Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133372e302f32342d3234203d3e20313336373837.roa
File: 3139342e3135362e3133372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 74C7R/EIYrYFOeGFCK6k0e57RwEdMK3aTQmpUQwS50I=
Subject key identifier: 85:A2:CB:24:47:BA:BD:88:52:BE:27:81:7D:D5:E1:03:89:CE:9D:69
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 14302B89E5F9ABFC895D2ADCB727376804F538F6
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133372e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:42 +0000
ROA not before: Sat 02 Mar 2024 21:49:42 +0000
ROA not after: Sat 01 Mar 2025 21:54:42 +0000
asID: 136787
IP address blocks: 194.156.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:30:2b:89:e5:f9:ab:fc:89:5d:2a:dc:b7:27:37:68:04:f5:38:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 2 21:49:42 2024 GMT
Not After : Mar 1 21:54:42 2025 GMT
Subject: CN=85A2CB2447BABD8852BE27817DD5E10389CE9D69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:11:25:e3:99:24:08:1f:08:ab:65:0c:1d:3b:
43:b0:f9:04:c4:81:2e:b1:c1:a5:96:65:57:3e:82:
1c:f1:c1:5d:1c:4e:ec:f9:89:5f:60:74:94:99:97:
46:4d:52:44:01:58:23:30:cd:d2:b5:e6:75:05:e8:
74:b1:6f:8f:78:8c:25:c4:94:54:5e:e4:07:fb:5c:
43:c1:78:8c:41:fc:26:69:54:0f:f7:13:0f:c2:de:
53:59:f9:f4:3c:38:3f:51:74:5d:16:dc:49:44:f7:
c3:13:1a:c0:3f:c2:28:77:74:58:ba:9c:19:fd:ef:
26:93:67:f7:5a:5f:28:27:26:91:92:54:bc:6b:4b:
95:31:b6:8e:48:be:16:82:e8:19:da:81:87:a3:c9:
8c:68:9b:7a:fa:8b:3d:23:e6:29:dd:4e:bf:66:0f:
95:49:e8:46:df:8a:f6:29:b1:8c:01:56:eb:35:f8:
54:74:85:fd:61:1b:3c:97:33:bf:9d:f7:fd:43:fc:
27:41:b6:ce:25:76:cb:c2:db:7c:c1:7a:a9:f7:27:
bb:4a:6e:07:06:86:ab:f0:4e:1f:72:6a:37:90:c9:
d6:63:6a:96:60:e8:32:f8:59:f1:e3:f3:08:f4:06:
d9:ee:c6:de:be:a3:c7:f2:44:41:ec:9e:a5:a1:46:
b1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A2:CB:24:47:BA:BD:88:52:BE:27:81:7D:D5:E1:03:89:CE:9D:69
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.137.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:a2:15:e9:e9:ee:7a:11:1e:8c:76:d6:1f:a8:54:dd:15:15:
5d:0e:0c:83:cc:66:49:10:2d:db:75:15:f6:62:09:51:08:d5:
0f:7f:46:66:30:59:77:6d:23:fc:2d:16:aa:fe:2b:65:d2:e4:
38:73:2f:1c:13:51:27:ef:38:fb:2d:46:44:29:ca:8b:12:2c:
88:77:1a:8a:41:fb:3c:04:51:f2:ff:05:9c:ec:68:0f:ab:a1:
1f:f8:60:a9:f1:07:b5:ec:bb:fa:9b:a6:0d:6f:b1:3c:b4:f6:
e8:e9:cc:37:65:e7:a4:cc:9d:5e:86:e8:f1:7b:61:52:fe:9b:
7d:fa:00:a3:2e:b0:b9:f3:d8:bf:dc:bf:75:71:d1:0c:6b:c7:
c8:31:b9:19:7c:e9:93:c6:1e:69:a6:f6:59:36:e5:54:f0:98:
08:25:01:a4:c6:9b:19:53:ac:0f:06:d4:51:56:ab:9a:36:74:
fc:a3:22:54:aa:62:e0:8e:14:5a:4b:2d:33:9a:51:f6:7d:01:
38:ed:90:9a:3f:23:7f:7c:be:07:8f:01:f3:00:36:2b:ac:77:
e6:d0:f8:89:50:35:fe:53:43:d9:78:5f:17:55:7c:89:40:ef:
0d:46:18:85:bd:68:2e:59:99:ea:ce:6f:e4:90:48:f6:7d:21:
9b:c1:a4:06
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFDArieX5q/yJXSrctyc3aAT1OPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDAzMDIyMTQ5NDJaFw0yNTAzMDEyMTU0NDJaMDMxMTAvBgNV
BAMTKDg1QTJDQjI0NDdCQUJEODg1MkJFMjc4MTdERDVFMTAzODlDRTlENjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1ESXjmSQIHwirZQwdO0Ow+QTE
gS6xwaWWZVc+ghzxwV0cTuz5iV9gdJSZl0ZNUkQBWCMwzdK15nUF6HSxb494jCXE
lFRe5Af7XEPBeIxB/CZpVA/3Ew/C3lNZ+fQ8OD9RdF0W3ElE98MTGsA/wih3dFi6
nBn97yaTZ/daXygnJpGSVLxrS5Uxto5IvhaC6BnagYejyYxom3r6iz0j5indTr9m
D5VJ6EbfivYpsYwBVus1+FR0hf1hGzyXM7+d9/1D/CdBts4ldsvC23zBeqn3J7tK
bgcGhqvwTh9yajeQydZjapZg6DL4WfHj8wj0Btnuxt6+o8fyREHsnqWhRrE1AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhaLLJEe6vYhSvieBfdXhA4nOnWkwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMTM1MzYyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKciTANBgkqhkiG9w0BAQsFAAOCAQEAsaIV6enuehEejHbWH6hU3RUVXQ4M
g8xmSRAt23UV9mIJUQjVD39GZjBZd20j/C0Wqv4rZdLkOHMvHBNRJ+84+y1GRCnK
ixIsiHcaikH7PARR8v8FnOxoD6uhH/hgqfEHtey7+pumDW+xPLT26OnMN2XnpMyd
Xobo8XthUv6bffoAoy6wufPYv9y/dXHRDGvHyDG5GXzpk8Yeaab2WTblVPCYCCUB
pMabGVOsDwbUUVarmjZ0/KMiVKpi4I4UWkstM5pR9n0BOO2Qmj8jf3y+B48B8wA2
K6x35tD4iVA1/lND2XhfF1V8iUDvDUYYhb1oLlmZ6s5v5JBI9n0hm8GkBg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org