Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133362e302f32342d3234203d3e20313437303439.roa
File: 3139342e3135362e3133362e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: JDG892y3+BTaYWzydsBs14dSuaCeFMwEn/Nx/rLPA1k=
Subject key identifier: D8:5D:9C:5D:1B:AF:45:18:79:1F:14:4F:50:9D:3B:65:45:04:1C:2A
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 139890554C7791A294EFCEB71D32FFE327AC9804
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133362e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 27 Jan 2025 09:44:51 +0000
ROA not before: Mon 27 Jan 2025 09:39:51 +0000
ROA not after: Mon 26 Jan 2026 09:44:51 +0000
asID: 147049
IP address blocks: 194.156.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:98:90:55:4c:77:91:a2:94:ef:ce:b7:1d:32:ff:e3:27:ac:98:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:51 2025 GMT
Not After : Jan 26 09:44:51 2026 GMT
Subject: CN=D85D9C5D1BAF4518791F144F509D3B6545041C2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ac:82:4f:9f:71:ae:99:83:b7:12:bc:a9:6f:
cd:81:9e:1e:cd:6f:af:1d:3a:d9:cd:3b:81:00:20:
5a:75:90:9b:a9:1e:21:d2:da:b6:25:3f:a5:45:78:
2a:31:27:92:d2:f4:c2:aa:2c:3a:b2:83:2f:15:f0:
47:85:59:ac:ca:6d:27:78:d5:de:19:27:a4:c7:a3:
a4:7b:e9:16:3c:d6:79:1c:5a:d9:9c:da:b5:75:53:
c6:c3:74:49:cc:65:79:7d:a8:bc:be:70:fe:d6:12:
32:17:ca:26:8b:c9:ff:10:a4:d0:55:7c:15:0b:c9:
68:68:df:3f:be:55:75:34:98:58:28:f5:1f:53:fc:
01:a4:88:ac:cb:7a:bf:4a:c8:1c:95:e4:f1:72:91:
97:eb:27:c3:33:b9:c3:31:8a:94:67:78:03:a8:f3:
08:55:7d:2d:47:28:68:d1:68:5d:e6:f8:da:bd:7a:
e3:60:df:1f:6a:f8:7d:b5:63:80:53:3b:d4:6d:44:
1a:d0:8e:30:4e:b8:31:f7:bb:01:6c:6a:31:9d:a5:
57:2f:77:1e:db:6f:8b:5c:35:25:ec:e9:83:c9:8f:
59:b7:6b:c5:d3:75:7d:61:d4:a6:22:32:41:e6:ae:
12:a0:e0:e3:b4:15:f2:6b:3a:29:5f:df:7e:19:ca:
2f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5D:9C:5D:1B:AF:45:18:79:1F:14:4F:50:9D:3B:65:45:04:1C:2A
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133362e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.136.0/24
Signature Algorithm: sha256WithRSAEncryption
52:5a:6b:1d:76:05:cb:e0:26:41:38:c7:b2:51:41:ad:a6:ec:
c1:90:9e:92:91:c8:e1:b6:c6:2a:45:01:de:df:bd:19:75:f0:
77:fc:9b:67:dc:b3:5b:7f:3d:94:75:33:84:c6:62:f7:29:3e:
b1:a5:80:12:a9:95:56:69:55:e4:70:5c:36:66:27:a8:4e:52:
1a:2e:ef:f2:55:e0:85:12:ee:ca:a2:ef:be:27:11:db:15:44:
98:5b:6a:eb:8d:7c:2c:52:d0:69:e0:72:67:88:83:13:f6:eb:
b9:5c:3e:cd:82:4a:09:4d:06:0a:ec:3b:f5:9a:44:26:62:ac:
30:ec:c0:df:6d:a6:56:27:42:34:31:82:8c:c0:41:cb:98:33:
7c:4f:d7:27:ac:cd:7e:66:a7:1e:4b:d9:ec:7d:06:a9:15:d9:
86:eb:1f:ef:43:e6:35:dd:f5:f3:b4:03:f7:23:c8:46:bd:0e:
50:ba:5f:df:97:ee:fc:e1:db:ed:d0:ee:6f:aa:cb:cc:f8:5c:
33:46:0f:7f:b3:f1:fc:19:fb:7e:46:30:73:cf:2d:4c:6a:43:
13:4e:31:68:fb:21:cd:47:ee:d7:6a:be:de:05:d6:b2:98:36:
3b:49:c3:0b:74:2a:31:e7:ce:2a:43:17:9e:95:a2:ec:39:e0:
89:7c:4e:69
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUE5iQVUx3kaKU7863HTL/4yesmAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTFaFw0yNjAxMjYwOTQ0NTFaMDMxMTAvBgNV
BAMTKEQ4NUQ5QzVEMUJBRjQ1MTg3OTFGMTQ0RjUwOUQzQjY1NDUwNDFDMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIrIJPn3GumYO3Erypb82Bnh7N
b68dOtnNO4EAIFp1kJupHiHS2rYlP6VFeCoxJ5LS9MKqLDqygy8V8EeFWazKbSd4
1d4ZJ6THo6R76RY81nkcWtmc2rV1U8bDdEnMZXl9qLy+cP7WEjIXyiaLyf8QpNBV
fBULyWho3z++VXU0mFgo9R9T/AGkiKzLer9KyByV5PFykZfrJ8MzucMxipRneAOo
8whVfS1HKGjRaF3m+Nq9euNg3x9q+H21Y4BTO9RtRBrQjjBOuDH3uwFsajGdpVcv
dx7bb4tcNSXs6YPJj1m3a8XTdX1h1KYiMkHmrhKg4OO0FfJrOilf334Zyi8fAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU2F2cXRuvRRh5HxRPUJ07ZUUEHCowHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMTM1MzYyZTMx
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKciDANBgkqhkiG9w0BAQsFAAOCAQEAUlprHXYFy+AmQTjHslFBrabswZCe
kpHI4bbGKkUB3t+9GXXwd/ybZ9yzW389lHUzhMZi9yk+saWAEqmVVmlV5HBcNmYn
qE5SGi7v8lXghRLuyqLvvicR2xVEmFtq6418LFLQaeByZ4iDE/bruVw+zYJKCU0G
Cuw79ZpEJmKsMOzA322mVidCNDGCjMBBy5gzfE/XJ6zNfmanHkvZ7H0GqRXZhusf
70PmNd3187QD9yPIRr0OULpf35fu/OHb7dDub6rLzPhcM0YPf7Px/Bn7fkYwc88t
TGpDE04xaPshzUfu12q+3gXWspg2O0nDC3QqMefOKkMXnpWi7DngiXxOaQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:06:15 2025 by rpki-client