Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133362e302f32342d3234203d3e20313437303439.roa
File: 3139342e3135362e3133362e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: TYFpzltIGTPgiGEQchZmiBGP+MddH379NUSTzKEGWOw=
Subject key identifier: FE:F1:9A:92:29:EC:45:D3:3B:B0:39:51:FB:13:E8:17:9F:BA:7C:1E
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 7061335C9F336DC13FF0D9A76E69B6C13969DE1F
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133362e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 26 Feb 2024 08:52:40 +0000
ROA not before: Mon 26 Feb 2024 08:47:40 +0000
ROA not after: Mon 24 Feb 2025 08:52:40 +0000
asID: 147049
IP address blocks: 194.156.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:61:33:5c:9f:33:6d:c1:3f:f0:d9:a7:6e:69:b6:c1:39:69:de:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 26 08:47:40 2024 GMT
Not After : Feb 24 08:52:40 2025 GMT
Subject: CN=FEF19A9229EC45D33BB03951FB13E8179FBA7C1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5b:d0:9a:0e:58:6e:b3:4e:f0:e2:77:8f:f4:
69:f1:97:fe:55:dc:93:a7:b3:2e:af:a1:5b:3e:a8:
ea:67:4f:11:8e:c5:04:15:b6:1d:1d:2f:d3:35:69:
06:ca:20:fe:4e:4f:89:c8:04:f8:24:fc:d1:0a:15:
5d:a0:3d:ed:a1:c9:fb:60:3b:ef:50:59:4e:a4:6d:
99:6a:77:6e:cb:b1:3a:9b:07:57:36:43:a0:f6:04:
f1:1e:7c:13:c0:fc:d3:b6:f4:9a:19:da:d1:45:94:
e1:5d:ed:4f:63:0b:78:88:7f:79:22:dc:03:09:fb:
37:15:32:ca:5c:ea:02:98:6f:45:a2:61:55:a4:d6:
6f:a7:89:a5:83:ca:18:be:b4:8e:95:b0:cf:b7:62:
40:6c:b2:97:69:bc:5f:f7:cb:3f:05:16:73:37:d2:
30:a4:db:49:72:60:06:37:32:ef:a8:a7:cb:da:38:
d7:7d:1d:9d:c6:53:49:23:ba:f3:d4:1d:09:95:cd:
b0:2c:91:82:fb:aa:4a:82:a0:11:bf:26:b1:dc:30:
d6:46:d8:c1:96:d5:b4:62:b0:fa:a6:a1:46:5c:3c:
95:9f:ee:ba:d2:5b:32:19:a2:d0:e3:c6:d1:10:46:
aa:e3:5e:0b:f6:90:c0:ef:0f:f5:79:ad:2d:91:33:
a4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F1:9A:92:29:EC:45:D3:3B:B0:39:51:FB:13:E8:17:9F:BA:7C:1E
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133362e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.136.0/24
Signature Algorithm: sha256WithRSAEncryption
28:ed:d7:08:c8:3d:3f:4e:14:67:fe:99:09:48:ca:20:b6:f6:
ef:29:3a:f5:c0:a3:81:5c:9b:d3:f7:42:d4:11:89:4b:44:67:
74:d2:ba:98:64:fc:1e:10:7a:35:a0:83:ef:c8:e6:dd:dd:1c:
52:b9:60:25:05:bb:12:40:cc:92:d2:dd:29:70:af:87:3e:e4:
8a:a8:8d:a4:2d:0e:45:ac:76:10:22:31:8d:0a:85:94:9f:0d:
98:27:00:60:97:44:ce:cf:25:67:fb:4a:41:09:7d:fa:cc:1d:
48:df:1b:38:f0:ee:83:cf:c6:67:0f:26:e2:34:bc:77:24:71:
81:3a:8f:1e:61:0e:e8:95:ab:66:48:0f:83:50:2d:7a:73:ca:
d4:3a:55:ee:75:4a:ec:e9:15:f6:cb:e2:7e:ec:5f:cb:c2:e1:
49:00:2c:60:43:4c:f8:97:46:04:e0:90:da:f5:23:44:ae:6f:
15:37:71:4c:5b:19:a9:84:a8:bb:54:19:3c:4d:83:98:ff:dd:
3f:af:93:bb:74:d5:3d:31:95:19:4a:20:ec:97:0f:40:e7:70:
2d:93:52:35:a2:a3:ba:f0:c6:71:1c:75:63:e2:97:95:07:0b:
f5:0a:58:43:a0:b1:5e:c5:77:71:92:bf:af:79:a7:58:35:48:
39:17:80:32
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcGEzXJ8zbcE/8Nmnbmm2wTlp3h8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAyMjYwODQ3NDBaFw0yNTAyMjQwODUyNDBaMDMxMTAvBgNV
BAMTKEZFRjE5QTkyMjlFQzQ1RDMzQkIwMzk1MUZCMTNFODE3OUZCQTdDMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxW9CaDlhus07w4neP9Gnxl/5V
3JOnsy6voVs+qOpnTxGOxQQVth0dL9M1aQbKIP5OT4nIBPgk/NEKFV2gPe2hyftg
O+9QWU6kbZlqd27LsTqbB1c2Q6D2BPEefBPA/NO29JoZ2tFFlOFd7U9jC3iIf3ki
3AMJ+zcVMspc6gKYb0WiYVWk1m+niaWDyhi+tI6VsM+3YkBsspdpvF/3yz8FFnM3
0jCk20lyYAY3Mu+op8vaONd9HZ3GU0kjuvPUHQmVzbAskYL7qkqCoBG/JrHcMNZG
2MGW1bRisPqmoUZcPJWf7rrSWzIZotDjxtEQRqrjXgv2kMDvD/V5rS2RM6RLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU/vGakinsRdM7sDlR+xPoF5+6fB4wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMTM1MzYyZTMx
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKciDANBgkqhkiG9w0BAQsFAAOCAQEAKO3XCMg9P04UZ/6ZCUjKILb27yk6
9cCjgVyb0/dC1BGJS0RndNK6mGT8HhB6NaCD78jm3d0cUrlgJQW7EkDMktLdKXCv
hz7kiqiNpC0ORax2ECIxjQqFlJ8NmCcAYJdEzs8lZ/tKQQl9+swdSN8bOPDug8/G
Zw8m4jS8dyRxgTqPHmEO6JWrZkgPg1AtenPK1DpV7nVK7OkV9svifuxfy8LhSQAs
YENM+JdGBOCQ2vUjRK5vFTdxTFsZqYSou1QZPE2DmP/dP6+Tu3TVPTGVGUog7JcP
QOdwLZNSNaKjuvDGcRx1Y+KXlQcL9QpYQ6CxXsV3cZK/r3mnWDVIOReAMg==
-----END CERTIFICATE-----
Generated at Fri May 17 10:15:39 2024 by rpki-client on console-ams.rpki-client.org