Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e3136302e3234362e302f32342d3234203d3e20313336373837.roa
File: 3139332e3136302e3234362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: zRqMBgeodNV1ggnsbKXWDiZbFf00KzO0jIulrEOBZZs=
Subject key identifier: 7B:56:02:DA:CB:43:C6:4F:E8:3A:6B:B2:C8:12:1B:5D:CB:BC:BE:DB
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 3AD381121B15290CB26CDBF6AE9887A19D10ADC2
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e3136302e3234362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:23 +0000
ROA not before: Mon 01 Apr 2024 13:58:23 +0000
ROA not after: Mon 31 Mar 2025 14:03:23 +0000
asID: 136787
IP address blocks: 193.160.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:d3:81:12:1b:15:29:0c:b2:6c:db:f6:ae:98:87:a1:9d:10:ad:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:23 2024 GMT
Not After : Mar 31 14:03:23 2025 GMT
Subject: CN=7B5602DACB43C64FE83A6BB2C8121B5DCBBCBEDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:be:73:28:d0:b9:c1:c2:ec:b6:70:10:70:3d:
84:ac:bc:49:01:d0:1e:aa:ab:e4:0a:a2:1e:b5:23:
45:f8:f7:82:84:18:dd:aa:1c:dd:ad:2c:0d:2b:0d:
af:32:52:a8:d9:8a:06:fa:be:af:27:ca:dd:42:ba:
74:65:c2:86:95:75:db:c6:a9:fe:45:9f:c7:72:44:
98:d9:0a:09:61:e4:73:bb:6d:e4:c4:17:19:0b:29:
c1:08:af:d5:9d:61:de:33:3e:ec:93:98:cf:69:9e:
d5:75:fb:d0:b6:95:1a:b5:bb:8a:15:57:f9:02:4b:
56:c9:39:b0:10:a1:56:e3:fc:3e:65:1f:c7:d3:ee:
48:29:b1:5d:64:32:af:f7:e6:e4:fc:dd:7d:03:41:
4f:03:62:09:8b:23:a8:14:70:16:79:dc:85:a8:06:
3b:63:d5:ac:1a:9c:91:1e:3b:3a:e4:68:26:da:b4:
8c:bd:c8:fe:0b:e9:57:6e:a6:5a:f3:38:0b:cc:35:
f7:50:12:fb:65:e1:09:7e:30:4c:5c:be:7a:01:20:
aa:1b:94:72:6b:9b:e2:49:89:12:43:8a:1e:d6:f8:
14:83:67:c8:55:0e:66:3d:23:be:69:a5:39:a5:e1:
7f:0a:78:fa:ca:bc:6a:fd:b3:85:b3:df:56:e1:3e:
32:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:56:02:DA:CB:43:C6:4F:E8:3A:6B:B2:C8:12:1B:5D:CB:BC:BE:DB
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e3136302e3234362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.246.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:fd:46:fc:20:0e:79:ff:1a:33:d8:a8:a9:98:cc:4d:12:3e:
eb:1f:b7:30:c4:17:cb:88:fd:fb:6a:21:d7:e2:33:78:6c:e0:
ba:53:38:10:f3:e0:1e:df:85:3f:7a:4f:17:b8:c3:50:3f:fb:
03:72:e4:88:9e:65:8b:e1:13:93:e5:a1:cf:30:4f:1c:95:2b:
d5:4d:28:d0:ad:2a:11:53:0b:09:4e:be:28:da:22:c4:78:15:
f5:05:a2:0f:3b:8f:42:9f:66:bc:94:5d:6c:d6:d5:6c:31:74:
ed:da:5d:c4:4d:3a:7b:6e:5c:ce:38:c0:cc:92:f8:62:4f:1a:
60:ba:a6:0d:8d:60:ea:5a:08:de:13:30:71:3a:9f:e8:e8:8d:
20:f5:a1:fc:c7:0b:00:6f:ee:56:c2:b2:a6:57:ed:77:ec:fa:
bd:a8:a1:a3:1a:fd:bf:1b:49:1b:62:b8:13:89:bb:6d:13:59:
3b:84:b8:6e:61:01:10:e9:12:30:49:a7:9c:60:4d:6a:ed:64:
17:92:08:a8:49:e1:50:f0:f1:a9:fb:60:57:fb:b9:19:d3:aa:
dd:97:5a:fb:f8:a7:d5:a7:6c:98:95:f2:27:72:e3:f2:27:96:
b1:75:ea:ae:ed:15:e0:49:6d:3b:04:2e:f3:03:50:2a:0d:ff:
f6:e9:7a:ca
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOtOBEhsVKQyybNv2rpiHoZ0QrcIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjNaFw0yNTAzMzExNDAzMjNaMDMxMTAvBgNV
BAMTKDdCNTYwMkRBQ0I0M0M2NEZFODNBNkJCMkM4MTIxQjVEQ0JCQ0JFREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPvnMo0LnBwuy2cBBwPYSsvEkB
0B6qq+QKoh61I0X494KEGN2qHN2tLA0rDa8yUqjZigb6vq8nyt1CunRlwoaVddvG
qf5Fn8dyRJjZCglh5HO7beTEFxkLKcEIr9WdYd4zPuyTmM9pntV1+9C2lRq1u4oV
V/kCS1bJObAQoVbj/D5lH8fT7kgpsV1kMq/35uT83X0DQU8DYgmLI6gUcBZ53IWo
Bjtj1awanJEeOzrkaCbatIy9yP4L6VduplrzOAvMNfdQEvtl4Ql+MExcvnoBIKob
lHJrm+JJiRJDih7W+BSDZ8hVDmY9I75ppTml4X8KePrKvGr9s4Wz31bhPjLPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUe1YC2stDxk/oOmuyyBIbXcu8vtswHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTMzMmUzMTM2MzAyZTMy
MzQzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGg9jANBgkqhkiG9w0BAQsFAAOCAQEASv1G/CAOef8aM9ioqZjMTRI+6x+3
MMQXy4j9+2oh1+IzeGzgulM4EPPgHt+FP3pPF7jDUD/7A3LkiJ5li+ETk+WhzzBP
HJUr1U0o0K0qEVMLCU6+KNoixHgV9QWiDzuPQp9mvJRdbNbVbDF07dpdxE06e25c
zjjAzJL4Yk8aYLqmDY1g6loI3hMwcTqf6OiNIPWh/McLAG/uVsKyplftd+z6vaih
oxr9vxtJG2K4E4m7bRNZO4S4bmEBEOkSMEmnnGBNau1kF5IIqEnhUPDxqftgV/u5
GdOq3Zda+/in1adsmJXyJ3Lj8ieWsXXqru0V4EltOwQu8wNQKg3/9ul6yg==
-----END CERTIFICATE-----
Generated at Wed May 8 11:33:00 2024 by rpki-client on console-ams.rpki-client.org