Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137342e302f32342d3234203d3e20323134363638.roa
File: 39352e3136392e3137342e302f32342d3234203d3e20323134363638.roa (raw, json)
Hash identifier: S2rwEP0Sffet4NigAXEVC1+nhRwV+92yJrQKZNcDRGw=
Subject key identifier: EB:CB:97:98:EC:EB:5C:A2:99:A9:E1:F1:28:B3:F3:EE:20:A0:43:A6
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 75AA91A9467B96E171863606C29E02165B9D109D
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137342e302f32342d3234203d3e20323134363638.roa
Signing time: Mon 08 Jul 2024 10:00:26 +0000
ROA not before: Mon 08 Jul 2024 09:55:26 +0000
ROA not after: Mon 07 Jul 2025 10:00:26 +0000
asID: 214668
IP address blocks: 95.169.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:aa:91:a9:46:7b:96:e1:71:86:36:06:c2:9e:02:16:5b:9d:10:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Jul 8 09:55:26 2024 GMT
Not After : Jul 7 10:00:26 2025 GMT
Subject: CN=EBCB9798ECEB5CA299A9E1F128B3F3EE20A043A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f9:5d:81:7a:60:d4:2b:13:e9:07:d0:2a:21:
3b:de:f3:df:49:37:f5:f0:04:0d:25:3b:b4:d8:a2:
aa:e9:4e:8a:4c:e1:f9:f5:bb:03:65:d1:80:57:6c:
7a:f5:cb:b5:70:ce:dc:9e:dd:9b:62:d3:de:98:f2:
b5:60:a4:c1:59:fc:ff:cf:7e:56:5b:fa:84:49:74:
26:63:94:bc:2f:1a:b2:b1:d8:e1:bf:df:42:61:4a:
1b:d4:f9:fe:68:f7:17:20:71:ee:97:f4:72:4d:11:
21:5c:73:81:f7:90:95:34:63:95:97:28:8e:43:f0:
53:bf:31:3e:1c:0d:c7:ad:17:23:b3:14:04:5c:b6:
fb:79:bb:a9:b1:c7:37:9f:84:e8:18:46:ad:68:f9:
3d:95:89:3b:e5:6e:89:8d:06:25:a1:d6:ba:06:08:
d3:69:a4:6c:02:cb:39:6a:be:16:1f:cf:64:3f:8a:
97:1d:81:c2:8a:23:cf:f8:fe:d1:a6:39:d9:d2:6c:
11:c7:7f:b1:c6:82:b4:a7:da:dc:04:42:7e:2f:11:
1b:7a:b3:58:9f:cc:57:7e:64:2a:32:2c:97:0d:6c:
3e:7f:89:06:8b:c8:e6:28:16:b0:dd:df:61:f2:57:
df:9b:21:f9:48:3b:a7:3c:54:de:6f:bd:2b:2f:8c:
8d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:CB:97:98:EC:EB:5C:A2:99:A9:E1:F1:28:B3:F3:EE:20:A0:43:A6
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137342e302f32342d3234203d3e20323134363638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:80:8e:17:12:17:91:c1:7f:a0:83:ae:5f:ad:13:d0:05:aa:
1a:a5:6c:96:69:8e:e7:73:7d:eb:a3:83:da:0c:ec:2b:72:f9:
e3:2a:d0:4d:bf:fc:e2:15:44:65:5d:1a:ea:38:fd:69:06:80:
b6:44:6c:97:9e:27:4c:7e:ab:db:7b:dc:79:1d:eb:0d:5f:f4:
f7:42:da:14:53:6c:a4:fb:c6:6d:69:7f:27:10:6f:6e:58:6c:
5b:19:7a:fd:11:a4:06:a0:76:6f:55:ee:51:13:13:10:32:17:
46:f3:4a:75:38:62:ef:00:eb:64:26:f3:de:84:99:12:47:3e:
03:1e:2a:09:cb:ab:a1:8d:51:7d:86:17:52:4e:6d:95:23:91:
93:5c:e9:c1:72:06:41:78:12:86:22:d2:fb:8e:25:7c:5f:e2:
12:a0:ff:92:31:2d:72:2e:82:9c:7a:43:da:86:ac:64:16:4c:
cc:14:ce:53:a1:ff:43:80:36:a8:5e:78:8b:e1:7b:01:2e:78:
78:90:d3:61:f9:96:89:16:b6:31:00:32:d7:c7:fa:44:ae:5d:
b3:10:07:53:f0:f5:20:3e:d5:f6:3a:b0:b4:da:40:1c:78:4a:
eb:3b:97:74:07:b3:1f:b8:0c:98:d6:77:c3:26:2f:5c:70:02:
62:aa:de:53
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdaqRqUZ7luFxhjYGwp4CFludEJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNDA3MDgwOTU1MjZaFw0yNTA3MDcxMDAwMjZaMDMxMTAvBgNV
BAMTKEVCQ0I5Nzk4RUNFQjVDQTI5OUE5RTFGMTI4QjNGM0VFMjBBMDQzQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT+V2BemDUKxPpB9AqITve899J
N/XwBA0lO7TYoqrpTopM4fn1uwNl0YBXbHr1y7Vwztye3Zti096Y8rVgpMFZ/P/P
flZb+oRJdCZjlLwvGrKx2OG/30JhShvU+f5o9xcgce6X9HJNESFcc4H3kJU0Y5WX
KI5D8FO/MT4cDcetFyOzFARctvt5u6mxxzefhOgYRq1o+T2ViTvlbomNBiWh1roG
CNNppGwCyzlqvhYfz2Q/ipcdgcKKI8/4/tGmOdnSbBHHf7HGgrSn2twEQn4vERt6
s1ifzFd+ZCoyLJcNbD5/iQaLyOYoFrDd32HyV9+bIflIO6c8VN5vvSsvjI1/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU68uXmOzrXKKZqeHxKLPz7iCgQ6YwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNjM2Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABfqa4wDQYJKoZIhvcNAQELBQADggEBAJyAjhcSF5HBf6CDrl+tE9AFqhqlbJZp
judzfeujg9oM7Cty+eMq0E2//OIVRGVdGuo4/WkGgLZEbJeeJ0x+q9t73Hkd6w1f
9PdC2hRTbKT7xm1pfycQb25YbFsZev0RpAagdm9V7lETExAyF0bzSnU4Yu8A62Qm
896EmRJHPgMeKgnLq6GNUX2GF1JObZUjkZNc6cFyBkF4EoYi0vuOJXxf4hKg/5Ix
LXIugpx6Q9qGrGQWTMwUzlOh/0OANqheeIvhewEueHiQ02H5lokWtjEAMtfH+kSu
XbMQB1Pw9SA+1fY6sLTaQBx4Sus7l3QHsx+4DJjWd8MmL1xwAmKq3lM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:22:33 2024 by rpki-client on console-fra.rpki-client.org