Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3137362e3130312e3137322e302f32322d3234203d3e20333936333139.roa
File: 3137362e3130312e3137322e302f32322d3234203d3e20333936333139.roa (raw, json)
Hash identifier: Ji5SZJk98OMHpG1d84k2zyAdVfJj15bAobYGXVHMr1M=
Subject key identifier: 13:5D:89:13:35:B9:2B:CE:D3:D9:F8:44:8A:9F:2F:ED:A5:DF:6F:59
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0A5EF5E1A31187A39679E7033AA205A7A5D1D2F9
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3137362e3130312e3137322e302f32322d3234203d3e20333936333139.roa
Signing time: Mon 26 Feb 2024 08:52:41 +0000
ROA not before: Mon 26 Feb 2024 08:47:41 +0000
ROA not after: Mon 24 Feb 2025 08:52:41 +0000
asID: 396319
IP address blocks: 176.101.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:5e:f5:e1:a3:11:87:a3:96:79:e7:03:3a:a2:05:a7:a5:d1:d2:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:41 2024 GMT
Not After : Feb 24 08:52:41 2025 GMT
Subject: CN=135D891335B92BCED3D9F8448A9F2FEDA5DF6F59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ca:d5:f6:9d:4b:d8:03:aa:6f:2a:f6:57:fc:
47:13:bc:78:96:76:15:45:78:03:ad:b0:4e:af:ce:
67:db:29:c5:9b:75:a1:e1:1f:fd:c4:a8:bd:7b:9c:
fc:22:fd:f1:dd:2b:8a:e9:2c:34:3c:ea:9c:d3:4f:
2d:ad:83:f3:56:9e:95:53:42:88:f5:ff:9c:e8:86:
13:05:50:c4:1a:d9:77:13:12:6a:ec:1f:85:21:53:
ea:ec:3d:bb:f2:8e:67:3a:48:29:b3:b1:76:c0:ba:
52:7a:a1:66:df:b0:49:3f:b7:fd:1b:4c:ad:0c:e3:
2d:7c:6b:4a:16:a2:38:28:a2:a6:d4:de:66:6f:30:
66:d9:8a:70:64:50:7b:1b:21:be:4c:09:2b:f5:23:
c0:80:fa:20:ed:d8:34:0a:f5:84:f9:a9:47:13:d8:
b8:a7:e8:fe:b9:90:2c:87:19:95:8c:ed:fe:eb:cc:
e6:18:2d:f2:ce:ba:24:dc:e6:d2:9d:0a:10:92:ec:
32:de:2e:58:04:08:a9:b3:68:2d:79:18:f9:a3:84:
94:08:11:ee:09:8d:30:e7:76:33:a9:74:e4:f9:21:
28:09:66:2c:45:c5:a9:67:34:eb:c3:50:75:e5:8d:
da:63:db:f0:54:0f:b1:a4:4e:1c:e1:ed:1e:d4:ec:
47:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:5D:89:13:35:B9:2B:CE:D3:D9:F8:44:8A:9F:2F:ED:A5:DF:6F:59
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3137362e3130312e3137322e302f32322d3234203d3e20333936333139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.172.0/22
Signature Algorithm: sha256WithRSAEncryption
01:49:6e:96:9b:63:2a:ea:c7:f3:25:d0:c3:a8:3e:d0:0a:24:
4f:82:c4:2b:47:2a:3f:be:ee:d5:0e:a1:74:32:e8:e6:59:b0:
ff:85:cd:ca:31:f5:cc:01:76:ca:ca:f3:33:ef:d0:32:cb:29:
3c:7f:22:47:5d:e6:aa:5a:42:18:b6:28:54:79:ff:91:2b:7c:
2e:0f:d4:7e:e9:d7:48:3b:e7:31:dd:93:4b:0a:54:27:06:6b:
b9:6a:c6:74:5d:c4:31:c8:45:cc:dd:52:68:14:6b:41:71:2b:
cf:5a:ef:4c:70:bb:75:f3:68:c7:8d:af:78:b5:39:89:36:ce:
52:44:e9:da:8b:f6:d5:38:27:52:dc:90:75:fe:f9:18:bb:1c:
4f:19:c4:cc:24:09:94:80:ad:d9:96:db:b6:ee:9d:e5:24:44:
84:be:6f:59:62:9a:e7:93:a7:1d:4c:75:3f:e2:e4:ad:32:74:
a4:ec:60:67:85:15:87:c3:f8:11:2c:18:02:1b:2d:32:98:61:
a0:40:8c:ca:01:29:d4:c9:29:1f:f2:79:24:94:2d:d8:e6:ce:
67:72:cf:94:b1:44:80:40:42:93:e9:34:ce:67:ab:d2:27:5a:
f3:7a:08:c8:5f:f2:e3:ad:97:9a:1d:c9:74:81:78:ba:c3:7d:
d5:3c:5c:1d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCl714aMRh6OWeecDOqIFp6XR0vkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDFaFw0yNTAyMjQwODUyNDFaMDMxMTAvBgNV
BAMTKDEzNUQ4OTEzMzVCOTJCQ0VEM0Q5Rjg0NDhBOUYyRkVEQTVERjZGNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNytX2nUvYA6pvKvZX/EcTvHiW
dhVFeAOtsE6vzmfbKcWbdaHhH/3EqL17nPwi/fHdK4rpLDQ86pzTTy2tg/NWnpVT
Qoj1/5zohhMFUMQa2XcTEmrsH4UhU+rsPbvyjmc6SCmzsXbAulJ6oWbfsEk/t/0b
TK0M4y18a0oWojgooqbU3mZvMGbZinBkUHsbIb5MCSv1I8CA+iDt2DQK9YT5qUcT
2Lin6P65kCyHGZWM7f7rzOYYLfLOuiTc5tKdChCS7DLeLlgECKmzaC15GPmjhJQI
Ee4JjTDndjOpdOT5ISgJZixFxalnNOvDUHXljdpj2/BUD7GkThzh7R7U7Ee5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUE12JEzW5K87T2fhEip8v7aXfb1kwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzNzM2MmUzMTMwMzEyZTMx
MzczMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMzMzkzNjMzMzEzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEArBlrDANBgkqhkiG9w0BAQsFAAOCAQEAAUlulptjKurH8yXQw6g+0AokT4LE
K0cqP77u1Q6hdDLo5lmw/4XNyjH1zAF2ysrzM+/QMsspPH8iR13mqlpCGLYoVHn/
kSt8Lg/UfunXSDvnMd2TSwpUJwZruWrGdF3EMchFzN1SaBRrQXErz1rvTHC7dfNo
x42veLU5iTbOUkTp2ov21TgnUtyQdf75GLscTxnEzCQJlICt2Zbbtu6d5SREhL5v
WWKa55OnHUx1P+LkrTJ0pOxgZ4UVh8P4ESwYAhstMphhoECMygEp1MkpH/J5JJQt
2ObOZ3LPlLFEgEBCk+k0zmer0ida83oIyF/y462Xmh3JdIF4usN91TxcHQ==
-----END CERTIFICATE-----
Generated at Thu May 16 15:36:04 2024 by rpki-client on console-fra.rpki-client.org