Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32342d3234203d3e203138343530.roa
File: 3139342e33312e3134382e302f32342d3234203d3e203138343530.roa (raw, json)
Hash identifier: 2f2XdsK8NvHEOaBL1Tef89JGrkNuCPEwqsMF+A0mv1E=
Subject key identifier: EC:74:A9:A4:52:F3:F0:1A:F0:54:2B:A1:95:DE:DB:7D:E3:CB:28:C3
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2836BDCECFD43EDA9BA8C8CE4D3E936371154737
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32342d3234203d3e203138343530.roa
Signing time: Thu 31 Oct 2024 07:19:36 +0000
ROA not before: Thu 31 Oct 2024 07:14:36 +0000
ROA not after: Thu 30 Oct 2025 07:19:36 +0000
asID: 18450
IP address blocks: 194.31.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:36:bd:ce:cf:d4:3e:da:9b:a8:c8:ce:4d:3e:93:63:71:15:47:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Oct 31 07:14:36 2024 GMT
Not After : Oct 30 07:19:36 2025 GMT
Subject: CN=EC74A9A452F3F01AF0542BA195DEDB7DE3CB28C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1f:51:4c:82:b2:03:37:82:82:fe:84:13:6b:
71:32:b6:db:6a:5b:72:82:55:d6:01:31:8f:1f:6b:
9e:2d:2d:c4:1b:67:5d:36:89:a7:b2:3f:26:a7:01:
cc:82:b9:ed:f7:12:d2:22:c9:c4:54:3a:d7:13:f0:
8d:09:9d:fe:37:fc:55:45:be:93:c5:95:74:70:53:
83:b4:31:43:86:78:1b:cb:d5:35:15:c3:24:23:46:
9c:1e:6a:05:a7:33:83:28:22:45:fb:5d:e0:9f:95:
32:f9:c0:49:13:21:11:96:16:ab:ac:9d:fa:6e:a7:
3c:69:c7:6f:53:a8:34:e7:54:2d:36:89:10:80:fc:
a0:62:8d:bb:06:46:a8:df:6b:b7:22:c6:5e:ce:32:
42:1e:f6:7e:2c:e6:3c:50:5d:72:76:b6:a9:61:ce:
ff:ee:8a:b0:e1:2e:cc:99:84:df:5e:47:0f:9d:6d:
3e:40:86:99:79:07:89:95:62:8e:c6:55:72:79:6e:
e8:f4:f6:f1:1f:e5:20:c5:45:f5:90:0a:98:45:1c:
c6:54:c6:e2:b8:a3:f5:ac:e2:1a:34:7e:d4:f5:a8:
cb:f7:7c:fb:16:2e:c9:ff:71:32:dc:4c:be:81:ce:
3c:5a:ee:de:92:17:a8:20:ff:96:9e:9f:ab:4f:75:
3c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:74:A9:A4:52:F3:F0:1A:F0:54:2B:A1:95:DE:DB:7D:E3:CB:28:C3
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32342d3234203d3e203138343530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.148.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:05:8e:b4:fe:e5:85:ef:e5:a2:c4:8c:35:eb:62:98:bc:53:
5c:4a:ce:b7:1e:08:35:3a:6f:e7:44:d3:83:bd:2f:50:3c:e0:
a3:9a:93:15:8a:ab:57:b2:d2:7f:a8:cd:6e:cb:6b:fb:30:44:
6f:4a:f6:f6:34:67:23:6b:61:2a:dc:17:89:f4:75:97:46:d1:
01:c2:13:fa:d1:da:e8:1d:68:4f:30:01:30:02:04:e0:ce:bd:
12:e1:27:94:86:7a:a7:94:9f:94:38:85:90:55:45:f3:c6:27:
8f:fe:43:f6:39:7c:9b:ef:de:30:88:5c:44:54:44:dc:c2:90:
96:e6:c5:ea:82:c4:a6:77:ef:02:b9:5b:ef:b4:88:e0:74:bc:
63:d4:59:65:1b:e6:27:26:91:e5:ad:2e:d0:4d:12:72:b3:76:
96:66:69:e6:54:28:e8:4e:b7:3a:04:9c:3b:72:04:df:65:9b:
b1:e5:8f:d4:93:03:1d:7f:95:1d:54:f8:01:d2:ea:ab:b8:97:
f9:79:96:9b:47:0d:92:d4:4f:ad:9d:09:9f:2e:91:a1:ec:0d:
22:a5:bd:57:e3:54:dc:14:f2:5c:6c:bb:af:4a:59:a5:5b:bb:
a0:01:0b:58:81:c4:7d:ed:b5:a1:d4:5e:88:49:ac:27:37:22:
17:18:77:63
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKDa9zs/UPtqbqMjOTT6TY3EVRzcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEwMzEwNzE0MzZaFw0yNTEwMzAwNzE5MzZaMDMxMTAvBgNV
BAMTKEVDNzRBOUE0NTJGM0YwMUFGMDU0MkJBMTk1REVEQjdERTNDQjI4QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2H1FMgrIDN4KC/oQTa3Eytttq
W3KCVdYBMY8fa54tLcQbZ102iaeyPyanAcyCue33EtIiycRUOtcT8I0Jnf43/FVF
vpPFlXRwU4O0MUOGeBvL1TUVwyQjRpweagWnM4MoIkX7XeCflTL5wEkTIRGWFqus
nfpupzxpx29TqDTnVC02iRCA/KBijbsGRqjfa7cixl7OMkIe9n4s5jxQXXJ2tqlh
zv/uirDhLsyZhN9eRw+dbT5Ahpl5B4mVYo7GVXJ5buj09vEf5SDFRfWQCphFHMZU
xuK4o/Ws4ho0ftT1qMv3fPsWLsn/cTLcTL6Bzjxa7t6SF6gg/5aen6tPdTwnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7HSppFLz8BrwVCuhld7bfePLKMMwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMzMxMmUzMTM0
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM4MzQzNTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh+UMA0GCSqGSIb3DQEBCwUAA4IBAQC1BY60/uWF7+WixIw162KYvFNcSs63Hgg1
Om/nRNODvS9QPOCjmpMViqtXstJ/qM1uy2v7MERvSvb2NGcja2Eq3BeJ9HWXRtEB
whP60droHWhPMAEwAgTgzr0S4SeUhnqnlJ+UOIWQVUXzxieP/kP2OXyb794wiFxE
VETcwpCW5sXqgsSmd+8CuVvvtIjgdLxj1FllG+YnJpHlrS7QTRJys3aWZmnmVCjo
Trc6BJw7cgTfZZux5Y/UkwMdf5UdVPgB0uqruJf5eZabRw2S1E+tnQmfLpGh7A0i
pb1X41TcFPJcbLuvSlmlW7ugAQtYgcR97bWh1F6ISawnNyIXGHdj
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:45 2024 by rpki-client on console-ams.rpki-client.org