Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e3136302e3234352e302f32342d3234203d3e20313336373837.roa
File: 3139332e3136302e3234352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: iw31cifgNqnkF/gugfmc40nF0R15kfmvug8aa9PKE80=
Subject key identifier: F7:41:24:44:79:28:FA:AE:EF:F3:E2:FD:18:0F:47:01:1B:EB:52:38
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 761F58792948C48DD1A0D48B8E46EF27516A35F1
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e3136302e3234352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:24 +0000
ROA not before: Mon 01 Apr 2024 13:58:24 +0000
ROA not after: Mon 31 Mar 2025 14:03:24 +0000
asID: 136787
IP address blocks: 193.160.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:1f:58:79:29:48:c4:8d:d1:a0:d4:8b:8e:46:ef:27:51:6a:35:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:24 2024 GMT
Not After : Mar 31 14:03:24 2025 GMT
Subject: CN=F74124447928FAAEEFF3E2FD180F47011BEB5238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:67:0d:cc:ca:04:c3:0e:f3:98:be:27:43:45:
e0:b6:8b:d1:34:a0:e0:a9:a3:74:2f:c3:0a:9c:3d:
29:91:e8:77:38:ff:08:db:04:e1:ec:21:54:39:a1:
57:ab:22:34:51:34:39:30:c5:e2:42:c7:1b:64:d4:
aa:24:f0:a9:1f:fb:5b:c1:05:27:73:d2:72:96:18:
a8:19:36:b7:b8:b0:88:6a:f8:35:9a:47:03:a2:61:
2e:e2:5a:d8:50:af:99:e6:95:c1:0c:b7:88:99:dd:
e6:4f:ed:72:ad:96:26:89:0a:44:3b:51:71:10:9f:
fd:27:5d:db:d5:9f:b4:1b:39:2e:56:00:32:dc:28:
7e:46:71:a1:85:46:6c:37:a6:19:48:37:f2:ef:8f:
12:d6:1a:ba:ef:2a:88:df:a2:92:d8:d3:db:23:c1:
6a:e2:b6:f4:54:c1:86:e8:f6:a2:a1:27:18:6b:52:
3a:bc:35:5b:1a:2a:39:bd:bb:96:b6:26:67:87:6c:
9c:33:74:83:0d:18:69:90:f6:59:53:97:60:61:a5:
65:4c:c6:f5:9b:f2:6d:4f:92:8c:50:95:96:33:56:
b9:02:22:61:20:9e:b4:46:21:ee:9c:de:a6:bd:50:
c4:71:f0:4b:ea:c1:e8:c8:c8:f5:a0:b3:54:ac:ee:
c2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:41:24:44:79:28:FA:AE:EF:F3:E2:FD:18:0F:47:01:1B:EB:52:38
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e3136302e3234352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.245.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:0a:38:e1:9e:03:01:06:fa:19:6f:ff:a2:96:5a:d3:93:5f:
bc:6c:20:e8:5c:df:44:9f:39:40:ec:ee:fd:54:f9:09:61:84:
36:f1:fe:5e:63:29:2d:49:a8:32:af:df:c0:66:17:3e:28:00:
48:23:b2:df:b3:49:75:f5:8f:43:90:5b:79:56:c2:b2:ff:e5:
5e:03:83:f9:7b:13:e6:39:80:2f:df:1b:8d:31:8b:cb:b8:80:
c0:1b:e2:05:90:0b:c8:58:52:58:f1:ac:74:18:a5:4f:79:37:
c6:e0:84:8b:a4:32:74:d4:dc:72:f0:6c:3a:8f:ce:93:05:33:
cb:70:1a:69:19:d6:d0:60:44:7d:9e:9d:aa:64:e3:94:04:80:
9d:eb:4b:ad:6b:af:e3:15:54:a5:aa:98:2a:6b:07:46:62:6d:
db:0c:95:38:b2:f1:53:bb:8e:16:11:56:02:7e:36:ce:14:f7:
48:c9:18:56:1a:c5:64:64:c4:ee:47:e5:7f:36:6f:1e:9b:4e:
6b:09:b9:da:6b:a9:c7:d1:3d:7f:cf:23:e3:d0:13:b3:e8:4d:
7a:fb:59:8a:dd:87:b4:09:cc:6e:ed:77:ed:d8:3b:12:fb:12:
3f:cc:43:d9:20:5c:e6:58:ab:3b:33:4d:bf:42:b0:34:40:1f:
62:65:a4:ff
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdh9YeSlIxI3RoNSLjkbvJ1FqNfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjRaFw0yNTAzMzExNDAzMjRaMDMxMTAvBgNV
BAMTKEY3NDEyNDQ0NzkyOEZBQUVFRkYzRTJGRDE4MEY0NzAxMUJFQjUyMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTZw3MygTDDvOYvidDReC2i9E0
oOCpo3QvwwqcPSmR6Hc4/wjbBOHsIVQ5oVerIjRRNDkwxeJCxxtk1Kok8Kkf+1vB
BSdz0nKWGKgZNre4sIhq+DWaRwOiYS7iWthQr5nmlcEMt4iZ3eZP7XKtliaJCkQ7
UXEQn/0nXdvVn7QbOS5WADLcKH5GcaGFRmw3phlIN/LvjxLWGrrvKojfopLY09sj
wWritvRUwYbo9qKhJxhrUjq8NVsaKjm9u5a2JmeHbJwzdIMNGGmQ9llTl2BhpWVM
xvWb8m1PkoxQlZYzVrkCImEgnrRGIe6c3qa9UMRx8EvqwejIyPWgs1Ss7sKHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU90EkRHko+q7v8+L9GA9HARvrUjgwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTMzMmUzMTM2MzAyZTMy
MzQzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGg9TANBgkqhkiG9w0BAQsFAAOCAQEAnAo44Z4DAQb6GW//opZa05NfvGwg
6FzfRJ85QOzu/VT5CWGENvH+XmMpLUmoMq/fwGYXPigASCOy37NJdfWPQ5BbeVbC
sv/lXgOD+XsT5jmAL98bjTGLy7iAwBviBZALyFhSWPGsdBilT3k3xuCEi6QydNTc
cvBsOo/OkwUzy3AaaRnW0GBEfZ6dqmTjlASAnetLrWuv4xVUpaqYKmsHRmJt2wyV
OLLxU7uOFhFWAn42zhT3SMkYVhrFZGTE7kflfzZvHptOawm52mupx9E9f88j49AT
s+hNevtZit2HtAnMbu137dg7EvsSP8xD2SBc5lirOzNNv0KwNEAfYmWk/w==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:11 2024 by rpki-client on console-fra.rpki-client.org