Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e33322e3137332e302f32342d3234203d3e20323031333431.roa
File: 3139332e33322e3137332e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: /s+epBwH6Jwf/hlgiRd2Yp9WfGxWuO/QLOCVX590Ro4=
Subject key identifier: 32:7A:53:1D:0F:E1:BA:D0:B9:B7:7A:6D:4A:A4:F7:10:0F:D9:5C:1D
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 5FB96FEDD7F3A09D596BAF564B81694DC7951AAA
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e33322e3137332e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:37 +0000
ROA not before: Mon 26 Feb 2024 08:48:37 +0000
ROA not after: Mon 24 Feb 2025 08:53:37 +0000
asID: 201341
IP address blocks: 193.32.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:b9:6f:ed:d7:f3:a0:9d:59:6b:af:56:4b:81:69:4d:c7:95:1a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 26 08:48:37 2024 GMT
Not After : Feb 24 08:53:37 2025 GMT
Subject: CN=327A531D0FE1BAD0B9B77A6D4AA4F7100FD95C1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3e:56:05:33:ba:a9:4b:79:d5:5a:45:7f:d2:
8b:35:08:43:19:3b:f3:3e:70:55:5e:5f:b8:6b:2f:
79:c7:e2:f6:48:90:5b:01:8f:c7:12:34:9c:94:bf:
08:6f:b6:8f:91:f8:ea:45:32:bc:69:41:da:a3:8f:
8c:8a:aa:e8:77:96:f7:44:7b:62:8b:eb:9f:d7:f2:
4e:f0:0b:1e:2c:cc:33:df:39:0b:5a:be:d9:36:59:
6a:36:aa:17:74:11:82:3e:2d:41:d0:85:31:0a:e3:
83:ab:a8:4f:38:46:72:46:54:3d:a8:b4:c9:8f:7e:
fd:5b:52:33:7a:84:78:f7:4b:97:97:db:7b:de:4e:
d8:6a:69:3d:3d:85:21:c0:23:95:db:b5:ee:23:63:
98:d0:31:f5:d8:7c:c1:00:4a:fc:9c:6a:9b:dd:9d:
2c:c6:8b:ad:73:d3:34:a5:b0:7a:5d:83:db:0c:3d:
3e:de:d1:b3:51:bb:48:72:99:3c:a0:72:93:58:90:
1a:3e:a4:a7:88:a7:f4:06:be:b2:e5:fa:bd:5e:c2:
0b:f9:aa:2a:bf:59:81:9e:0e:d6:03:42:88:54:9b:
d5:16:88:c8:35:12:55:e1:c9:c5:2f:cd:e7:19:d0:
a9:7f:3d:5d:ce:dc:62:2c:1e:ae:da:f7:ad:5d:be:
af:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:7A:53:1D:0F:E1:BA:D0:B9:B7:7A:6D:4A:A4:F7:10:0F:D9:5C:1D
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e33322e3137332e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.173.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:df:e4:cc:b4:a4:21:40:fb:a7:ce:d8:1c:c0:a6:a4:f2:db:
b6:23:89:91:41:74:cc:7e:05:d9:e3:b9:51:d4:dc:19:5f:00:
45:f7:52:39:71:84:cc:04:9f:76:ed:65:da:e0:f6:69:b6:5b:
58:af:f3:f0:b5:5f:9e:ca:8c:af:ec:45:24:44:95:89:2f:e2:
54:d8:9e:e0:5f:41:04:c6:7b:a9:d3:09:df:83:94:83:74:66:
07:44:cd:ae:25:9a:51:7b:02:6f:cc:f5:2c:10:7b:ae:59:82:
8b:9e:cd:dc:17:50:a7:bc:ed:a7:a2:88:bd:ba:bf:59:e8:47:
49:24:23:55:ff:18:00:a9:3d:b7:b3:ca:3d:4c:20:53:0d:75:
fc:b2:0d:81:63:97:0d:5c:52:26:49:da:28:b3:da:ee:2d:c2:
13:93:b2:f4:ab:30:b7:90:a8:c7:86:9c:f1:3f:29:e6:0a:72:
98:8d:98:3f:2d:d6:c8:60:58:29:87:3d:31:98:b2:c9:cf:f2:
5f:8d:67:40:2e:8c:21:d4:a7:47:b9:75:84:22:fe:71:00:2c:
b3:d4:1e:5b:72:89:a0:9d:df:48:59:41:57:69:35:d4:9d:21:
ad:3e:e0:56:75:b1:52:1b:76:fb:81:a5:e4:82:59:87:4e:54:
11:31:dc:04
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUX7lv7dfzoJ1Za69WS4FpTceVGqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMjYwODQ4MzdaFw0yNTAyMjQwODUzMzdaMDMxMTAvBgNV
BAMTKDMyN0E1MzFEMEZFMUJBRDBCOUI3N0E2RDRBQTRGNzEwMEZEOTVDMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0PlYFM7qpS3nVWkV/0os1CEMZ
O/M+cFVeX7hrL3nH4vZIkFsBj8cSNJyUvwhvto+R+OpFMrxpQdqjj4yKquh3lvdE
e2KL65/X8k7wCx4szDPfOQtavtk2WWo2qhd0EYI+LUHQhTEK44OrqE84RnJGVD2o
tMmPfv1bUjN6hHj3S5eX23veTthqaT09hSHAI5Xbte4jY5jQMfXYfMEASvycapvd
nSzGi61z0zSlsHpdg9sMPT7e0bNRu0hymTygcpNYkBo+pKeIp/QGvrLl+r1ewgv5
qiq/WYGeDtYDQohUm9UWiMg1ElXhycUvzecZ0Kl/PV3O3GIsHq7a961dvq8ZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMnpTHQ/hutC5t3ptSqT3EA/ZXB0wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTMzMmUzMzMyMmUzMTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBIK0wDQYJKoZIhvcNAQELBQADggEBAEvf5My0pCFA+6fO2BzApqTy27YjiZFB
dMx+BdnjuVHU3BlfAEX3UjlxhMwEn3btZdrg9mm2W1iv8/C1X57KjK/sRSRElYkv
4lTYnuBfQQTGe6nTCd+DlIN0ZgdEza4lmlF7Am/M9SwQe65ZgouezdwXUKe87aei
iL26v1noR0kkI1X/GACpPbezyj1MIFMNdfyyDYFjlw1cUiZJ2iiz2u4twhOTsvSr
MLeQqMeGnPE/KeYKcpiNmD8t1shgWCmHPTGYssnP8l+NZ0AujCHUp0e5dYQi/nEA
LLPUHltyiaCd30hZQVdpNdSdIa0+4FZ1sVIbdvuBpeSCWYdOVBEx3AQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:17 2024 by rpki-client on console-fra.rpki-client.org