Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3133392e32382e3136302e302f32322d3234203d3e20333936333139.roa
File: 3133392e32382e3136302e302f32322d3234203d3e20333936333139.roa (raw, json)
Hash identifier: 52tVUpi0RT+lqZ2/bgNc2M4W9zIYZJyXf3ZMTF6zxCw=
Subject key identifier: 0A:20:EE:B3:4B:A9:73:90:41:01:94:11:06:31:86:DE:3A:B8:CD:57
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 3D1C7CAE80BFCBE01361C33A9019F89C1A5E15F6
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3133392e32382e3136302e302f32322d3234203d3e20333936333139.roa
Signing time: Mon 26 Feb 2024 08:52:44 +0000
ROA not before: Mon 26 Feb 2024 08:47:44 +0000
ROA not after: Mon 24 Feb 2025 08:52:44 +0000
asID: 396319
IP address blocks: 139.28.160.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:1c:7c:ae:80:bf:cb:e0:13:61:c3:3a:90:19:f8:9c:1a:5e:15:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:44 2024 GMT
Not After : Feb 24 08:52:44 2025 GMT
Subject: CN=0A20EEB34BA9739041019411063186DE3AB8CD57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c2:86:44:64:13:ed:4f:97:c1:19:a6:7b:ed:
d8:fd:ed:86:36:98:b5:29:64:20:28:6f:14:6f:fd:
bf:7d:08:9d:5f:07:ff:de:03:76:49:f3:65:96:fc:
a9:25:0a:33:5c:e4:39:90:6d:64:5b:41:c0:d7:42:
f8:ee:f8:a2:a3:16:97:4a:90:74:b1:c2:f3:7a:64:
3c:78:35:0e:bf:3c:7e:14:8e:a9:98:8f:1a:ac:27:
83:f7:48:0c:1e:ef:3b:a3:68:cc:25:07:fd:0f:9b:
95:5f:65:72:ff:ac:09:64:83:f3:58:2a:d2:52:d2:
85:de:b6:3a:c6:c7:65:1e:b9:db:7e:07:3e:24:d8:
c7:1e:0c:ea:ec:e7:1f:8b:91:06:2d:02:2b:30:1f:
39:25:b2:d9:a0:5e:6e:e8:a3:6d:01:45:ff:41:d5:
7e:9d:fc:ba:6b:7b:49:b5:95:3f:a1:b9:a3:68:1e:
d2:4c:09:42:f9:55:19:05:66:b1:80:8e:33:3c:cd:
90:30:0c:25:95:5b:62:3b:79:de:8b:87:ff:22:d4:
a0:15:3b:b2:2e:7c:11:26:21:47:99:62:43:50:cc:
93:9c:53:00:dd:53:f5:80:5d:c3:5c:58:87:3d:3f:
6b:95:f7:a0:7f:fd:30:99:0b:dc:a7:cf:23:d2:b9:
fc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:20:EE:B3:4B:A9:73:90:41:01:94:11:06:31:86:DE:3A:B8:CD:57
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3133392e32382e3136302e302f32322d3234203d3e20333936333139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.160.0/22
Signature Algorithm: sha256WithRSAEncryption
44:48:56:0f:09:95:98:44:2a:e3:bf:23:c5:d5:94:cf:17:6b:
c3:0b:04:23:82:1a:e3:4a:75:d0:91:f2:b4:39:c2:33:80:77:
a9:cc:8b:cd:ae:58:9a:2a:41:07:56:1b:0a:71:2a:c5:98:16:
f4:09:ee:73:5c:2b:20:b3:39:9d:40:db:20:ac:34:a5:32:6b:
67:74:66:f8:1c:46:7a:ee:fc:0d:20:58:21:c5:6c:17:6f:c7:
e7:05:e2:ef:b9:fc:f5:14:84:19:07:7d:63:c3:32:b3:ed:2d:
ec:ab:cc:64:d0:e9:7e:5d:f1:4f:56:0f:f3:e7:0b:8f:8b:e5:
94:33:7a:41:c0:30:db:49:a3:4f:fa:f7:77:78:a0:de:d6:e4:
cd:0f:ef:62:82:82:e3:84:ae:8a:eb:11:36:44:8c:46:37:5f:
78:05:cd:c2:b5:38:b5:95:57:90:36:b8:31:67:66:a0:07:63:
a4:9c:84:e9:19:07:25:a0:e9:a0:b0:e3:d9:02:60:28:e7:dc:
ee:96:6e:5f:6d:2c:d2:58:37:78:73:74:6e:fb:56:ec:b8:ac:
af:58:8e:20:bb:a4:86:d7:8b:0e:bd:ae:ec:64:74:5f:6a:22:
1a:7f:40:34:cc:01:59:1f:1c:a0:49:75:58:d1:b5:a7:d5:c4:
37:ca:33:ab
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPRx8roC/y+ATYcM6kBn4nBpeFfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDRaFw0yNTAyMjQwODUyNDRaMDMxMTAvBgNV
BAMTKDBBMjBFRUIzNEJBOTczOTA0MTAxOTQxMTA2MzE4NkRFM0FCOENENTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYwoZEZBPtT5fBGaZ77dj97YY2
mLUpZCAobxRv/b99CJ1fB//eA3ZJ82WW/KklCjNc5DmQbWRbQcDXQvju+KKjFpdK
kHSxwvN6ZDx4NQ6/PH4UjqmYjxqsJ4P3SAwe7zujaMwlB/0Pm5VfZXL/rAlkg/NY
KtJS0oXetjrGx2Ueudt+Bz4k2MceDOrs5x+LkQYtAiswHzklstmgXm7oo20BRf9B
1X6d/Lpre0m1lT+huaNoHtJMCUL5VRkFZrGAjjM8zZAwDCWVW2I7ed6Lh/8i1KAV
O7IufBEmIUeZYkNQzJOcUwDdU/WAXcNcWIc9P2uV96B//TCZC9ynzyPSufwPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCiDus0upc5BBAZQRBjGG3jq4zVcwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMzM5MmUzMjM4MmUzMTM2
MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMzM5MzYzMzMxMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKLHKAwDQYJKoZIhvcNAQELBQADggEBAERIVg8JlZhEKuO/I8XVlM8Xa8MLBCOC
GuNKddCR8rQ5wjOAd6nMi82uWJoqQQdWGwpxKsWYFvQJ7nNcKyCzOZ1A2yCsNKUy
a2d0ZvgcRnru/A0gWCHFbBdvx+cF4u+5/PUUhBkHfWPDMrPtLeyrzGTQ6X5d8U9W
D/PnC4+L5ZQzekHAMNtJo0/693d4oN7W5M0P72KCguOErorrETZEjEY3X3gFzcK1
OLWVV5A2uDFnZqAHY6SchOkZByWg6aCw49kCYCjn3O6Wbl9tLNJYN3hzdG77Vuy4
rK9YjiC7pIbXiw69ruxkdF9qIhp/QDTMAVkfHKBJdVjRtafVxDfKM6s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org