Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e3136382e3139342e302f32332d3234203d3e203437353833.roa
File: 3139332e3136382e3139342e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: +zvvg4+KI5ouUl+Et1gkzom6AYFac5rd8AfvIgPZXFY=
Subject key identifier: 54:C8:9C:66:E6:92:99:5D:CC:75:CD:37:61:40:94:58:69:3B:68:9E
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4896CC0E4AC74821363C7015F1A34C48050A0CF5
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e3136382e3139342e302f32332d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:52:41 +0000
ROA not before: Mon 26 Feb 2024 08:47:41 +0000
ROA not after: Mon 24 Feb 2025 08:52:41 +0000
asID: 47583
IP address blocks: 193.168.194.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:96:cc:0e:4a:c7:48:21:36:3c:70:15:f1:a3:4c:48:05:0a:0c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:41 2024 GMT
Not After : Feb 24 08:52:41 2025 GMT
Subject: CN=54C89C66E692995DCC75CD3761409458693B689E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a8:d8:c4:a4:6c:c2:58:2d:7a:93:b5:1e:c1:
0f:83:ee:38:92:a3:ca:07:2a:c6:67:2a:d6:00:5f:
53:38:50:e5:19:a2:37:9e:7d:71:c3:cf:0a:35:ad:
d3:c3:39:91:b5:57:de:55:7d:15:03:e3:3c:eb:3b:
67:41:f6:2e:cd:0f:97:ae:d4:03:49:ec:e0:7d:d3:
5b:ef:f3:3a:0d:1b:af:e1:7d:28:6a:e4:c4:81:93:
fe:80:52:01:cf:7b:ca:db:6c:39:2a:12:7d:1a:fa:
0b:a2:3f:74:2b:af:9f:3b:de:3d:f5:5f:6a:79:65:
26:6a:c0:bb:de:c4:14:b5:d4:17:6d:38:02:f2:1f:
1c:54:b4:db:3d:86:01:a9:58:91:04:f3:bd:30:41:
a9:1b:b8:1d:43:6d:de:c2:80:7d:03:9f:c4:76:5a:
74:c9:61:92:31:92:25:63:a1:5a:64:8d:f5:d6:84:
00:f5:a5:f3:09:80:ef:26:85:aa:1a:9c:ff:bf:23:
5b:37:7b:b9:1c:eb:66:99:4b:80:50:63:dd:de:cb:
6c:62:44:0b:6c:72:d3:49:b9:29:c9:19:80:75:cc:
e5:3c:5a:55:28:45:9e:13:73:ef:2a:24:dc:13:d9:
4a:89:d0:be:4e:2e:e2:d4:c7:d2:b3:c9:2d:90:a0:
0f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C8:9C:66:E6:92:99:5D:CC:75:CD:37:61:40:94:58:69:3B:68:9E
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e3136382e3139342e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.194.0/23
Signature Algorithm: sha256WithRSAEncryption
05:55:22:16:3d:45:eb:0c:50:6c:d5:2d:2d:e1:d9:b6:45:b0:
48:7a:ec:ca:52:34:78:f0:0e:ed:2f:a9:85:26:49:02:81:af:
ef:46:aa:a3:c9:89:74:77:af:b3:f3:83:72:7d:6e:0f:97:ca:
3a:fa:fc:02:fe:7a:32:89:18:be:24:84:af:98:b2:96:6a:52:
99:6b:73:a2:1b:5d:6b:09:3c:2a:d4:01:ca:e5:f0:02:2d:31:
f7:4a:6a:c0:ba:3c:ae:5c:f6:43:aa:98:df:68:64:06:a7:e2:
cd:e2:25:9a:5f:b3:61:66:ff:81:54:2c:de:d1:40:b9:8f:f1:
22:1c:b8:c7:df:dd:a5:e5:9f:8a:1b:67:7e:05:74:57:d7:70:
50:1a:72:2c:74:18:8c:e6:80:1e:0a:8a:eb:39:53:c5:95:77:
9c:14:20:d6:3b:ab:9d:47:44:42:90:19:e4:1d:7d:ee:72:9f:
8d:af:e0:b8:13:1c:8a:9d:d8:c5:76:cb:94:ff:2f:00:e8:19:
95:22:3c:92:9f:99:16:47:39:b6:13:28:0b:e0:77:a9:3d:ed:
38:0f:16:d7:5c:2b:b3:71:d5:aa:6f:58:6f:99:d2:d4:86:55:
ba:6a:ed:44:d9:8f:a1:6f:92:de:2c:16:50:78:6b:95:55:1e:
e4:2f:63:9e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSJbMDkrHSCE2PHAV8aNMSAUKDPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDFaFw0yNTAyMjQwODUyNDFaMDMxMTAvBgNV
BAMTKDU0Qzg5QzY2RTY5Mjk5NURDQzc1Q0QzNzYxNDA5NDU4NjkzQjY4OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqqNjEpGzCWC16k7UewQ+D7jiS
o8oHKsZnKtYAX1M4UOUZojeefXHDzwo1rdPDOZG1V95VfRUD4zzrO2dB9i7ND5eu
1ANJ7OB901vv8zoNG6/hfShq5MSBk/6AUgHPe8rbbDkqEn0a+guiP3Qrr5873j31
X2p5ZSZqwLvexBS11BdtOALyHxxUtNs9hgGpWJEE870wQakbuB1Dbd7CgH0Dn8R2
WnTJYZIxkiVjoVpkjfXWhAD1pfMJgO8mhaoanP+/I1s3e7kc62aZS4BQY93ey2xi
RAtsctNJuSnJGYB1zOU8WlUoRZ4Tc+8qJNwT2UqJ0L5OLuLUx9KzyS2QoA//AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVMicZuaSmV3Mdc03YUCUWGk7aJ4wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzMTM2MzgyZTMx
MzkzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHBqMIwDQYJKoZIhvcNAQELBQADggEBAAVVIhY9ResMUGzVLS3h2bZFsEh67MpS
NHjwDu0vqYUmSQKBr+9GqqPJiXR3r7Pzg3J9bg+Xyjr6/AL+ejKJGL4khK+YspZq
Uplrc6IbXWsJPCrUAcrl8AItMfdKasC6PK5c9kOqmN9oZAan4s3iJZpfs2Fm/4FU
LN7RQLmP8SIcuMff3aXln4obZ34FdFfXcFAacix0GIzmgB4Kius5U8WVd5wUINY7
q51HREKQGeQdfe5yn42v4LgTHIqd2MV2y5T/LwDoGZUiPJKfmRZHObYTKAvgd6k9
7TgPFtdcK7Nx1apvWG+Z0tSGVbpq7UTZj6Fvkt4sFlB4a5VVHuQvY54=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org