Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e32362e3231312e302f32342d3234203d3e20313336373837.roa
File: 3139342e32362e3231312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 4LKetkNTJynMqMza1Wk5mtoB7h3v4eiuH/RE0CoZ/pc=
Subject key identifier: 61:10:92:FE:D5:4F:7C:D4:18:90:25:14:D7:C6:A9:B8:30:7F:87:57
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 49585E5212873A9F4B522CB93F5926102306CE64
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e32362e3231312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 22 Nov 2024 07:44:22 +0000
ROA not before: Fri 22 Nov 2024 07:39:22 +0000
ROA not after: Fri 21 Nov 2025 07:44:22 +0000
asID: 136787
IP address blocks: 194.26.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:58:5e:52:12:87:3a:9f:4b:52:2c:b9:3f:59:26:10:23:06:ce:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 22 07:39:22 2024 GMT
Not After : Nov 21 07:44:22 2025 GMT
Subject: CN=611092FED54F7CD418902514D7C6A9B8307F8757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3b:81:57:37:2c:e8:cc:f3:58:bd:6f:1b:0f:
e7:6a:bc:77:c9:13:bb:aa:8f:3b:77:d8:0f:68:e4:
95:62:ab:31:51:72:04:c5:70:ca:85:23:ff:10:39:
07:53:13:b8:d6:eb:81:ab:63:82:af:83:b7:60:34:
23:28:ea:0e:04:db:8e:0b:60:bb:6a:06:27:0f:ad:
6a:54:95:24:9e:68:3c:1b:47:91:8b:32:ac:fc:10:
81:6b:ce:06:e0:dd:d2:6c:56:81:83:ec:b6:57:b3:
e6:4a:f2:70:60:e4:aa:5d:36:84:2c:91:98:41:f3:
37:b2:06:a1:43:94:1a:48:ff:23:26:98:e7:78:65:
9d:19:42:1f:0f:0f:17:e9:c3:42:d2:c6:88:92:de:
88:ac:5e:11:55:41:6d:1c:42:33:89:ac:ce:f0:67:
48:58:20:60:cd:5a:bb:58:e8:33:63:86:27:e9:6e:
9b:a2:3a:9a:5d:b9:a0:1f:a2:61:ab:ad:4d:b6:b5:
bd:26:db:3b:c2:3b:49:ee:c9:49:2b:28:6b:16:00:
4e:bf:f2:53:0a:cc:b3:52:5e:9f:f7:ed:bf:f5:23:
e5:a6:51:6c:97:73:72:fc:b4:67:01:ea:e4:d8:94:
28:6b:00:d6:1f:8d:7a:45:ce:55:9f:7c:fe:c5:aa:
dd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:10:92:FE:D5:4F:7C:D4:18:90:25:14:D7:C6:A9:B8:30:7F:87:57
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e32362e3231312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.211.0/24
Signature Algorithm: sha256WithRSAEncryption
06:ab:8d:b9:eb:9a:ab:0b:3f:7c:c7:0d:e7:cb:a7:e8:7d:ac:
ab:34:87:9b:ed:52:e9:2c:a8:77:1c:70:f7:10:c7:82:d8:9f:
a0:b6:16:93:ef:e1:cb:57:0c:ad:65:93:ed:99:8e:01:d7:bb:
fb:06:55:86:4d:d0:06:60:fd:78:63:4c:aa:25:96:b7:70:dc:
c3:84:12:53:30:9d:7d:bf:e5:ea:c8:3f:e9:7b:41:64:bc:ba:
08:73:3c:d3:55:fe:ab:d6:9d:7f:8e:12:b0:7a:33:6a:aa:70:
f0:0a:aa:bd:7d:8c:c0:26:8a:cb:a9:3c:12:48:c4:0e:27:a7:
e1:42:9e:8d:55:1f:14:34:35:5b:17:bc:08:18:a4:88:9d:7a:
42:3e:89:99:9f:8a:ec:28:58:2d:80:66:cd:9a:4b:99:ef:99:
27:b6:d8:22:fd:2a:26:fd:52:9c:be:e2:32:00:63:14:7b:5a:
5d:e7:c4:47:7a:fb:4f:03:c5:ae:45:51:9c:09:ba:50:27:9e:
c7:6d:24:f3:56:1b:be:80:de:45:e9:d1:7e:e2:0a:fa:6b:5e:
ad:1e:b7:7f:3f:80:34:d2:b6:d0:9e:00:54:0d:33:78:cc:c4:
1f:a6:91:c6:35:de:48:2b:32:1a:b0:64:34:41:61:5b:c2:ca:
55:27:53:5f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUSVheUhKHOp9LUiy5P1kmECMGzmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDExMjIwNzM5MjJaFw0yNTExMjEwNzQ0MjJaMDMxMTAvBgNV
BAMTKDYxMTA5MkZFRDU0RjdDRDQxODkwMjUxNEQ3QzZBOUI4MzA3Rjg3NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxO4FXNyzozPNYvW8bD+dqvHfJ
E7uqjzt32A9o5JViqzFRcgTFcMqFI/8QOQdTE7jW64GrY4Kvg7dgNCMo6g4E244L
YLtqBicPrWpUlSSeaDwbR5GLMqz8EIFrzgbg3dJsVoGD7LZXs+ZK8nBg5KpdNoQs
kZhB8zeyBqFDlBpI/yMmmOd4ZZ0ZQh8PDxfpw0LSxoiS3oisXhFVQW0cQjOJrM7w
Z0hYIGDNWrtY6DNjhifpbpuiOppduaAfomGrrU22tb0m2zvCO0nuyUkrKGsWAE6/
8lMKzLNSXp/37b/1I+WmUWyXc3L8tGcB6uTYlChrANYfjXpFzlWffP7Fqt0RAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUYRCS/tVPfNQYkCUU18apuDB/h1cwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMyMzYy
ZTMyMzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMIa0zANBgkqhkiG9w0BAQsFAAOCAQEABquNueuaqws/fMcN58un6H2s
qzSHm+1S6Syodxxw9xDHgtifoLYWk+/hy1cMrWWT7ZmOAde7+wZVhk3QBmD9eGNM
qiWWt3Dcw4QSUzCdfb/l6sg/6XtBZLy6CHM801X+q9adf44SsHozaqpw8AqqvX2M
wCaKy6k8EkjEDien4UKejVUfFDQ1Wxe8CBikiJ16Qj6JmZ+K7ChYLYBmzZpLme+Z
J7bYIv0qJv1SnL7iMgBjFHtaXefER3r7TwPFrkVRnAm6UCeex20k81YbvoDeRenR
fuIK+mterR63fz+ANNK20J4AVA0zeMzEH6aRxjXeSCsyGrBkNEFhW8LKVSdTXw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org