Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31342e302f32342d3234203d3e20313431303339.roa
File: 3139342e3134362e31342e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: 9LjSlR+RH5d7FPCvjUDQoSYOcZyiZz2voyDfL9ojI1g=
Subject key identifier: 17:65:E4:9D:31:0E:12:A1:B7:1C:3F:2D:D6:60:10:1F:A3:39:00:A7
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0F72013FE0FB793E50C0C2F82ACB80A90DB1F6
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31342e302f32342d3234203d3e20313431303339.roa
Signing time: Mon 26 Feb 2024 08:52:40 +0000
ROA not before: Mon 26 Feb 2024 08:47:40 +0000
ROA not after: Mon 24 Feb 2025 08:52:40 +0000
asID: 141039
IP address blocks: 194.146.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:72:01:3f:e0:fb:79:3e:50:c0:c2:f8:2a:cb:80:a9:0d:b1:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:40 2024 GMT
Not After : Feb 24 08:52:40 2025 GMT
Subject: CN=1765E49D310E12A1B71C3F2DD660101FA33900A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e7:d0:b9:6c:6e:13:6c:dd:be:94:3f:a1:d2:
cf:46:a0:a4:85:0c:9e:04:4c:c7:5c:f3:f6:44:85:
7a:de:34:ac:a7:31:db:3f:b3:58:43:92:11:25:73:
fe:f9:96:f2:fe:6a:7b:53:55:5d:33:4f:e6:97:91:
08:7b:d5:c5:cd:77:23:9f:2a:61:b0:22:f3:db:88:
38:85:12:bb:03:f1:85:eb:78:a8:6d:7c:7b:99:89:
be:bc:cf:0b:80:4d:a7:b4:ff:03:de:dd:81:d9:49:
cb:90:8b:67:d8:45:c5:15:46:62:40:91:64:1f:f6:
cc:25:90:ea:28:ec:87:8e:be:a5:d9:15:d0:80:a0:
f6:f9:02:c8:27:29:bc:a4:43:6f:27:9a:e7:10:55:
16:f7:0c:37:c2:27:7f:75:9c:b7:28:48:15:ff:41:
0d:1c:86:94:55:06:2c:22:34:36:65:ad:55:51:a8:
93:ca:ca:90:b1:12:86:f2:07:9f:5d:1b:93:b1:7e:
d7:f3:20:95:1a:bb:a8:f6:7e:62:dc:ed:c1:5a:e4:
ee:02:44:5f:f7:24:92:ea:40:e4:ae:33:78:72:6e:
a9:b4:3b:d7:4d:f7:47:d9:f7:dc:65:e7:4d:64:e6:
7c:cd:67:ff:d9:be:91:2b:8c:47:52:bc:e0:0a:b1:
97:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:65:E4:9D:31:0E:12:A1:B7:1C:3F:2D:D6:60:10:1F:A3:39:00:A7
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31342e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.14.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:75:9a:7c:c2:09:96:b5:f0:a3:8d:7c:30:5b:77:56:f7:0b:
66:7b:87:15:c7:1f:d1:ea:53:2e:82:d2:ed:0f:40:75:22:d8:
cf:a0:18:3e:bf:12:4a:0d:d0:90:69:28:0e:97:40:7d:3f:73:
a5:2f:62:f5:c5:ae:64:d4:3d:08:c4:8a:a8:da:b6:3a:1f:f3:
9a:b6:b9:3b:40:ed:6b:02:ac:0f:24:a8:07:b0:a1:d1:b1:a0:
f6:37:ff:dc:bd:6d:70:e0:2b:43:45:94:c3:1d:b7:3e:49:4a:
9a:e8:52:bb:7a:d2:48:77:af:91:ea:71:75:cc:cb:22:84:b2:
a6:2a:e5:83:b8:92:91:f8:9e:a6:ef:c5:3d:ac:84:b4:4a:01:
fe:35:37:7d:91:f3:23:b5:86:39:3f:b9:13:12:71:64:26:45:
88:bc:27:91:dd:00:25:f5:96:80:f0:da:f5:b5:96:e2:54:1e:
45:12:50:32:e2:d5:df:3f:2b:96:ab:f3:f2:b4:c6:8c:66:e1:
94:02:10:86:ec:42:03:6e:4b:07:2d:f0:57:4b:62:1c:c3:5c:
ad:85:3c:a4:8a:68:5a:02:e8:91:cf:14:39:9b:bf:d8:43:db:
d7:36:24:5d:c4:ab:38:be:3b:c9:b5:a1:4f:e3:37:fd:b3:28:
21:c7:e5:00
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgITD3IBP+D7eT5QwML4KsuAqQ2x9jANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygwODg0NjlkMWEzMzA4NWZmODhiM2U1OTlkMjIzY2E3NGMy
MzEzYTNhMB4XDTI0MDIyNjA4NDc0MFoXDTI1MDIyNDA4NTI0MFowMzExMC8GA1UE
AxMoMTc2NUU0OUQzMTBFMTJBMUI3MUMzRjJERDY2MDEwMUZBMzM5MDBBNzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALbn0LlsbhNs3b6UP6HSz0agpIUM
ngRMx1zz9kSFet40rKcx2z+zWEOSESVz/vmW8v5qe1NVXTNP5peRCHvVxc13I58q
YbAi89uIOIUSuwPxhet4qG18e5mJvrzPC4BNp7T/A97dgdlJy5CLZ9hFxRVGYkCR
ZB/2zCWQ6ijsh46+pdkV0ICg9vkCyCcpvKRDbyea5xBVFvcMN8Inf3WctyhIFf9B
DRyGlFUGLCI0NmWtVVGok8rKkLEShvIHn10bk7F+1/MglRq7qPZ+YtztwVrk7gJE
X/ckkupA5K4zeHJuqbQ71033R9n33GXnTWTmfM1n/9m+kSuMR1K84Aqxl8UCAwEA
AaOCAj8wggI7MB0GA1UdDgQWBBQXZeSdMQ4SobccPy3WYBAfozkApzAfBgNVHSME
GDAWgBQIhGnRozCF/4iz5ZnSI8p0wjE6OjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9mZTM3MDhhMC02N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5
YWYvNS8wODg0NjlEMUEzMzA4NUZGODhCM0U1OTlEMjIzQ0E3NEMyMzEzQTNBLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvQ0lScDBhTXdoZi1Jcy1XWjBpUEtkTUl4
T2pvLmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwGCCsGAQUFBzALhoGPcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mZTM3MDhhMC02
N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5YWYvNS8zMTM5MzQyZTMxMzQzNjJlMzEz
NDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AMKSDjANBgkqhkiG9w0BAQsFAAOCAQEAq3WafMIJlrXwo418MFt3VvcLZnuHFccf
0epTLoLS7Q9AdSLYz6AYPr8SSg3QkGkoDpdAfT9zpS9i9cWuZNQ9CMSKqNq2Oh/z
mra5O0DtawKsDySoB7Ch0bGg9jf/3L1tcOArQ0WUwx23PklKmuhSu3rSSHevkepx
dczLIoSypirlg7iSkfiepu/FPayEtEoB/jU3fZHzI7WGOT+5ExJxZCZFiLwnkd0A
JfWWgPDa9bWW4lQeRRJQMuLV3z8rlqvz8rTGjGbhlAIQhuxCA25LBy3wV0tiHMNc
rYU8pIpoWgLokc8UOZu/2EPb1zYkXcSrOL47ybWhT+M3/bMoIcflAA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org