Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139322e3134352e3131382e302f32342d3234203d3e20313431303339.roa
File: 3139322e3134352e3131382e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: gmjUco2sDf10tLakVX/8b1gYFYnzpvCHCte9kDvzIGE=
Subject key identifier: 4D:69:F0:C5:6E:71:98:43:0C:AD:DD:87:CA:47:DD:DB:2E:5D:F0:D0
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 159A0E4FEFAFB63AE699E654C75EE9545E759830
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139322e3134352e3131382e302f32342d3234203d3e20313431303339.roa
Signing time: Mon 26 Feb 2024 08:53:37 +0000
ROA not before: Mon 26 Feb 2024 08:48:37 +0000
ROA not after: Mon 24 Feb 2025 08:53:37 +0000
asID: 141039
IP address blocks: 192.145.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:9a:0e:4f:ef:af:b6:3a:e6:99:e6:54:c7:5e:e9:54:5e:75:98:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 26 08:48:37 2024 GMT
Not After : Feb 24 08:53:37 2025 GMT
Subject: CN=4D69F0C56E7198430CADDD87CA47DDDB2E5DF0D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:96:12:b2:d4:d3:93:d7:2c:ae:37:0d:73:11:
bc:78:b2:bc:f3:12:ca:c9:31:91:4c:f3:6f:6f:c6:
c0:08:25:70:91:3d:17:e1:b0:e7:63:ee:08:c6:4d:
6e:bc:0d:18:95:9e:5a:49:90:4c:7c:e9:16:25:a8:
35:31:39:68:15:eb:5c:15:6d:dc:b6:cf:ad:8d:34:
1f:2f:d9:d9:42:15:96:c8:7d:db:a6:45:36:42:c2:
21:73:43:66:be:52:ca:73:0a:0b:04:06:16:79:13:
af:35:dc:e5:03:2e:25:a7:50:93:90:43:23:f6:b9:
1c:58:a3:c1:e8:8c:61:44:eb:cc:89:45:a9:06:6d:
f1:d8:a9:90:6f:2b:f7:b0:a2:29:17:5f:d0:78:c7:
5e:a1:54:b3:ff:1d:0f:5a:01:38:47:00:0d:21:76:
68:ee:2d:ef:f8:2f:8d:60:82:b0:38:4d:4e:bd:36:
8e:08:5f:2b:65:64:e3:f0:58:73:27:f0:a2:19:8d:
c7:0b:fa:59:d1:cd:7c:0b:58:91:21:88:51:e4:53:
f8:d5:19:57:9c:b1:d3:b2:c0:53:0f:9e:c1:4a:e4:
bd:b8:c8:47:49:76:99:e7:cc:4d:24:44:7f:35:5c:
6b:ec:d1:a6:43:8c:e5:b5:f7:ea:cd:e2:96:48:01:
40:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:69:F0:C5:6E:71:98:43:0C:AD:DD:87:CA:47:DD:DB:2E:5D:F0:D0
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139322e3134352e3131382e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.118.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:91:eb:ba:40:ee:a7:8f:9c:03:c1:98:5f:ff:0d:10:b9:b4:
74:a7:6f:36:86:a0:0d:60:7e:01:3e:0b:e8:aa:7a:5b:6e:5f:
95:36:a3:f6:e7:9c:83:10:ef:b0:24:29:0e:1b:6d:f4:19:f7:
1d:58:5b:66:d2:e9:53:eb:53:0b:ce:b2:43:f6:0b:c8:50:32:
06:29:b8:e0:92:e3:48:f3:5e:9e:eb:26:6c:bb:b3:3f:c4:f3:
00:8f:9f:d8:9a:46:78:1d:b6:e9:94:d6:63:97:f0:36:4d:82:
75:96:a4:bf:c3:8e:48:80:31:e6:72:41:ab:a6:67:6b:f4:72:
f9:34:17:f9:5c:d6:96:a3:bc:e6:ae:1c:1d:0f:b7:1e:63:d2:
2e:c8:e9:33:66:9d:90:b8:49:4a:51:db:24:b1:e6:5b:87:ef:
f7:d2:b1:83:10:c5:ac:4c:d6:12:1d:59:4a:47:c5:f7:5f:29:
d4:9a:e7:0f:44:86:56:da:a5:fb:7e:5d:6d:18:c6:36:02:1a:
d8:72:82:a8:9c:3b:63:45:45:fb:82:0f:64:13:02:5b:51:91:
1c:3e:dd:d7:95:1d:f0:49:a5:34:80:55:9f:a4:2d:72:ae:9b:
b9:81:8a:0c:a5:37:b6:9f:d4:ac:b4:0e:2f:6e:5d:c2:bd:e7:
9e:f5:6e:7d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFZoOT++vtjrmmeZUx17pVF51mDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMjYwODQ4MzdaFw0yNTAyMjQwODUzMzdaMDMxMTAvBgNV
BAMTKDRENjlGMEM1NkU3MTk4NDMwQ0FEREQ4N0NBNDdERERCMkU1REYwRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3lhKy1NOT1yyuNw1zEbx4srzz
EsrJMZFM829vxsAIJXCRPRfhsOdj7gjGTW68DRiVnlpJkEx86RYlqDUxOWgV61wV
bdy2z62NNB8v2dlCFZbIfdumRTZCwiFzQ2a+UspzCgsEBhZ5E6813OUDLiWnUJOQ
QyP2uRxYo8HojGFE68yJRakGbfHYqZBvK/ewoikXX9B4x16hVLP/HQ9aAThHAA0h
dmjuLe/4L41ggrA4TU69No4IXytlZOPwWHMn8KIZjccL+lnRzXwLWJEhiFHkU/jV
GVecsdOywFMPnsFK5L24yEdJdpnnzE0kRH81XGvs0aZDjOW19+rN4pZIAUD/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUTWnwxW5xmEMMrd2Hykfd2y5d8NAwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTMyMmUzMTM0MzUyZTMx
MzEzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMCRdjANBgkqhkiG9w0BAQsFAAOCAQEAoJHrukDup4+cA8GYX/8NELm0dKdv
NoagDWB+AT4L6Kp6W25flTaj9uecgxDvsCQpDhtt9Bn3HVhbZtLpU+tTC86yQ/YL
yFAyBim44JLjSPNenusmbLuzP8TzAI+f2JpGeB226ZTWY5fwNk2CdZakv8OOSIAx
5nJBq6Zna/Ry+TQX+VzWlqO85q4cHQ+3HmPSLsjpM2adkLhJSlHbJLHmW4fv99Kx
gxDFrEzWEh1ZSkfF918p1JrnD0SGVtql+35dbRjGNgIa2HKCqJw7Y0VF+4IPZBMC
W1GRHD7d15Ud8EmlNIBVn6Qtcq6buYGKDKU3tp/UrLQOL25dwr3nnvVufQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org