Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa
File: 3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: YoOz7HdzLkbqRYbCmJ34ZfZcqQpXOwj3uQSZ7rkb8NM=
Subject key identifier: 08:2E:DC:A6:DF:B9:60:72:62:D4:FA:8A:C0:0F:94:D5:07:EF:7C:38
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 358108A9DDC302B2E1E447C05F2BB6A4023768ED
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 03 Apr 2024 19:03:27 +0000
ROA not before: Wed 03 Apr 2024 18:58:27 +0000
ROA not after: Wed 02 Apr 2025 19:03:27 +0000
asID: 136787
IP address blocks: 194.146.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:81:08:a9:dd:c3:02:b2:e1:e4:47:c0:5f:2b:b6:a4:02:37:68:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 3 18:58:27 2024 GMT
Not After : Apr 2 19:03:27 2025 GMT
Subject: CN=082EDCA6DFB9607262D4FA8AC00F94D507EF7C38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:53:38:77:74:1b:52:c4:c1:94:a4:a3:c1:18:
02:91:ee:a2:28:e7:9b:af:77:39:9f:cf:94:73:e6:
fd:c9:ed:20:c4:ca:02:d8:de:d5:85:60:59:d2:55:
84:2e:aa:07:34:80:2a:2d:9d:3e:47:59:25:e1:d3:
c2:4e:11:0e:0b:c4:2e:83:15:e2:e7:9c:6f:61:c7:
ed:19:7d:b2:d3:72:60:78:72:77:d4:66:b2:54:fa:
ab:a6:90:0b:48:ba:1b:1a:04:f1:cb:af:f1:dd:e1:
34:35:1a:46:0e:6e:54:f6:3f:4e:29:1f:89:5a:4e:
b1:78:0c:8e:4b:f7:02:5e:47:eb:34:ed:12:eb:aa:
87:47:22:8f:92:ad:ae:8b:20:30:28:4e:9d:bf:f4:
79:1e:a1:1a:f9:02:86:05:37:bb:77:58:80:31:20:
10:b1:43:3b:eb:70:c0:5d:f0:8b:57:75:e3:16:b7:
8e:44:5f:07:dd:52:11:be:79:7e:90:1b:e3:1f:08:
d1:ad:ec:08:99:16:31:74:d7:75:04:7c:7d:0d:3c:
27:b7:c0:19:7e:c8:50:d0:6c:48:a9:9b:1b:f4:19:
92:56:db:36:bd:6b:04:21:f9:28:fe:eb:76:a5:f8:
bc:2c:78:d9:8b:2b:48:9a:cf:a4:92:f6:4c:f3:3c:
9f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2E:DC:A6:DF:B9:60:72:62:D4:FA:8A:C0:0F:94:D5:07:EF:7C:38
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.15.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:c4:a7:f2:9f:21:67:13:00:9f:e3:bd:d7:a5:9e:ab:42:39:
28:a0:40:ca:05:9c:d0:de:b1:1e:18:01:c1:03:3a:a6:6b:86:
5c:08:f7:0c:57:d9:92:26:5c:0e:ba:07:90:1c:04:e3:9a:ee:
32:ed:1c:75:cc:f7:38:d7:13:d1:90:60:2b:99:5a:d4:08:ff:
83:b3:7a:f3:8c:b4:f8:b6:50:59:25:3a:8a:4e:fc:64:7b:4d:
7e:f1:4d:a8:86:24:07:88:8f:88:c2:e1:12:0d:83:04:cf:2f:
1c:2f:6e:9c:4d:ba:93:77:76:68:1e:7d:37:d8:e6:2e:1a:7b:
27:77:00:3c:d2:46:eb:83:e8:c4:2e:4b:4c:9f:08:41:ed:b9:
27:01:bb:68:33:1b:d6:4b:9b:0b:2e:d2:57:7e:2d:52:5a:ed:
02:fd:86:04:3d:0f:d4:b7:b8:37:b8:94:0f:2e:a7:07:dd:75:
28:a0:20:f3:45:12:1b:b6:85:59:d5:79:e8:58:12:76:a2:94:
a7:61:d8:67:4e:01:1e:a6:60:76:38:61:2a:3b:6f:35:fd:d0:
1d:c9:22:ad:4a:6f:7f:82:d8:67:ff:ec:30:a9:2a:2e:36:a5:
8d:90:a7:cc:73:64:18:8a:95:a3:15:f1:61:68:28:cf:12:21:
ee:98:eb:22
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNYEIqd3DArLh5EfAXyu2pAI3aO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDA0MDMxODU4MjdaFw0yNTA0MDIxOTAzMjdaMDMxMTAvBgNV
BAMTKDA4MkVEQ0E2REZCOTYwNzI2MkQ0RkE4QUMwMEY5NEQ1MDdFRjdDMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlUzh3dBtSxMGUpKPBGAKR7qIo
55uvdzmfz5Rz5v3J7SDEygLY3tWFYFnSVYQuqgc0gCotnT5HWSXh08JOEQ4LxC6D
FeLnnG9hx+0ZfbLTcmB4cnfUZrJU+qumkAtIuhsaBPHLr/Hd4TQ1GkYOblT2P04p
H4laTrF4DI5L9wJeR+s07RLrqodHIo+Sra6LIDAoTp2/9HkeoRr5AoYFN7t3WIAx
IBCxQzvrcMBd8ItXdeMWt45EXwfdUhG+eX6QG+MfCNGt7AiZFjF013UEfH0NPCe3
wBl+yFDQbEipmxv0GZJW2za9awQh+Sj+63al+LwseNmLK0iaz6SS9kzzPJ8nAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCC7cpt+5YHJi1PqKwA+U1QfvfDgwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMTM0MzYyZTMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCkg8wDQYJKoZIhvcNAQELBQADggEBAC7Ep/KfIWcTAJ/jvdelnqtCOSigQMoF
nNDesR4YAcEDOqZrhlwI9wxX2ZImXA66B5AcBOOa7jLtHHXM9zjXE9GQYCuZWtQI
/4OzevOMtPi2UFklOopO/GR7TX7xTaiGJAeIj4jC4RINgwTPLxwvbpxNupN3dmge
fTfY5i4aeyd3ADzSRuuD6MQuS0yfCEHtuScBu2gzG9ZLmwsu0ld+LVJa7QL9hgQ9
D9S3uDe4lA8upwfddSigIPNFEhu2hVnVeehYEnailKdh2GdOAR6mYHY4YSo7bzX9
0B3JIq1Kb3+C2Gf/7DCpKi42pY2Qp8xzZBiKlaMV8WFoKM8SIe6Y6yI=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:26 2024 by rpki-client on console-fra.rpki-client.org