Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e32392e36302e302f32342d3234203d3e20323034313730.roa
File: 3139332e32392e36302e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: Ze/JdYGGH5DOGnJy+/Ckz0z4n3MI7RbZWoBKXyld54w=
Subject key identifier: DE:3A:43:2D:94:7C:C0:CB:AF:7E:B8:35:5E:B6:00:9A:86:B2:61:F7
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4E4D1D282975258CCFDBBCA379DB04D0E79CDE97
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e32392e36302e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:28 +0000
ROA not before: Tue 25 Jun 2024 21:42:28 +0000
ROA not after: Tue 24 Jun 2025 21:47:28 +0000
asID: 204170
IP address blocks: 193.29.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:4d:1d:28:29:75:25:8c:cf:db:bc:a3:79:db:04:d0:e7:9c:de:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jun 25 21:42:28 2024 GMT
Not After : Jun 24 21:47:28 2025 GMT
Subject: CN=DE3A432D947CC0CBAF7EB8355EB6009A86B261F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:40:44:6f:45:82:9f:f8:c1:a3:05:00:ea:cb:
14:1f:a0:74:b5:6f:be:17:06:08:02:0d:8e:85:55:
ad:e3:6b:cc:68:dc:6a:78:bb:11:b4:86:3e:37:1b:
a0:75:0d:43:f2:87:70:5d:09:59:f9:66:32:2d:c7:
16:c8:7e:de:c6:8a:78:c0:24:bc:0b:95:78:62:4c:
86:f2:c3:30:52:b8:c8:9e:c2:3b:d7:57:8d:98:fa:
2c:20:7f:61:ad:8b:98:11:b1:fa:84:10:71:07:00:
46:bb:06:31:33:17:aa:a7:17:17:43:c7:b3:85:e6:
33:e9:fa:33:82:cf:3d:2a:7b:6d:f2:04:2a:ff:99:
8a:a8:86:98:97:44:97:b3:dc:74:b1:ee:e3:30:49:
b9:cf:47:ab:fe:9d:bd:fe:1d:fe:03:36:b1:ec:75:
33:64:c0:dd:45:bd:40:5e:5d:b4:18:07:65:f1:15:
6b:e6:5b:49:38:a0:42:62:e4:e5:f1:09:37:92:ec:
e1:e3:8c:13:09:d0:5e:19:87:7f:38:5b:18:91:cb:
51:25:45:1a:3a:30:9e:76:4f:e1:d6:3d:ba:43:f3:
44:b1:ba:75:c4:bd:5d:e6:b8:b1:92:a9:0d:69:d4:
a0:3c:a1:9a:04:b4:99:09:7b:22:b2:51:03:0b:82:
c2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3A:43:2D:94:7C:C0:CB:AF:7E:B8:35:5E:B6:00:9A:86:B2:61:F7
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e32392e36302e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.60.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:b5:9d:9f:76:1b:a5:b6:a3:e1:2c:44:06:2d:4a:77:40:79:
85:6c:06:9d:17:60:e2:dc:ea:95:fa:7b:9c:3c:19:87:06:e5:
6e:67:dc:30:26:b3:be:0b:14:2d:77:1a:bc:be:cf:f3:6f:ae:
5f:6c:eb:76:85:8a:8b:6d:fb:62:0c:76:dd:74:4e:ab:e5:10:
e3:9a:6c:51:3d:1d:aa:8d:c0:54:fe:e1:62:7b:ae:4b:55:19:
c8:82:00:55:18:af:39:17:81:16:95:1f:47:46:81:28:91:c1:
e3:d2:f5:08:c2:8f:38:70:38:6c:12:34:fc:6f:8f:f2:67:45:
52:b9:6e:1b:4e:e7:89:b9:03:60:48:da:ea:cd:40:bb:d2:f8:
77:d2:19:be:e1:4d:5c:b9:69:f6:83:57:4c:61:36:04:17:9f:
d5:bb:b9:7e:2f:cf:fb:bb:7c:cf:c6:e1:8d:90:9f:61:79:95:
7d:94:8e:fe:13:2b:f0:c1:40:9f:dd:49:02:f1:7d:d8:57:b5:
f0:28:98:0c:d3:bd:cd:80:01:f9:67:b1:e0:06:93:ca:f4:81:
db:1c:fa:a6:5c:6c:7e:32:a4:57:14:ef:5e:da:ff:f1:0d:4c:
30:a1:9f:ca:fb:7b:24:c0:e7:e4:43:7c:b7:54:a2:ac:39:8d:
1c:c9:82:b5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTk0dKCl1JYzP27yjedsE0Oec3pcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDA2MjUyMTQyMjhaFw0yNTA2MjQyMTQ3MjhaMDMxMTAvBgNV
BAMTKERFM0E0MzJEOTQ3Q0MwQ0JBRjdFQjgzNTVFQjYwMDlBODZCMjYxRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNQERvRYKf+MGjBQDqyxQfoHS1
b74XBggCDY6FVa3ja8xo3Gp4uxG0hj43G6B1DUPyh3BdCVn5ZjItxxbIft7GinjA
JLwLlXhiTIbywzBSuMiewjvXV42Y+iwgf2Gti5gRsfqEEHEHAEa7BjEzF6qnFxdD
x7OF5jPp+jOCzz0qe23yBCr/mYqohpiXRJez3HSx7uMwSbnPR6v+nb3+Hf4DNrHs
dTNkwN1FvUBeXbQYB2XxFWvmW0k4oEJi5OXxCTeS7OHjjBMJ0F4Zh384WxiRy1El
RRo6MJ52T+HWPbpD80SxunXEvV3muLGSqQ1p1KA8oZoEtJkJeyKyUQMLgsIhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3jpDLZR8wMuvfrg1XrYAmoayYfcwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzMjM5MmUzNjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wR08MA0GCSqGSIb3DQEBCwUAA4IBAQCftZ2fdhultqPhLEQGLUp3QHmFbAadF2Di
3OqV+nucPBmHBuVuZ9wwJrO+CxQtdxq8vs/zb65fbOt2hYqLbftiDHbddE6r5RDj
mmxRPR2qjcBU/uFie65LVRnIggBVGK85F4EWlR9HRoEokcHj0vUIwo84cDhsEjT8
b4/yZ0VSuW4bTueJuQNgSNrqzUC70vh30hm+4U1cuWn2g1dMYTYEF5/Vu7l+L8/7
u3zPxuGNkJ9heZV9lI7+EyvwwUCf3UkC8X3YV7XwKJgM073NgAH5Z7HgBpPK9IHb
HPqmXGx+MqRXFO9e2v/xDUwwoZ/K+3skwOfkQ3y3VKKsOY0cyYK1
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:08:54 2025 by rpki-client