Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3131332e36362e302f32342d3234203d3e20383334.roa
File: 3139342e3131332e36362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: PyhegcvrDn9K+skeIbw9TgUGoVONur6PlV+Zg1+R+KI=
Subject key identifier: EE:B5:99:58:43:3B:18:D3:A5:A3:5A:0B:F7:A0:E3:68:88:8D:8E:EA
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 50A26A09DA2AE74CAC62180AE46D541D35BBC05A
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3131332e36362e302f32342d3234203d3e20383334.roa
Signing time: Wed 08 Nov 2023 08:23:45 +0000
ROA not before: Wed 08 Nov 2023 08:18:45 +0000
ROA not after: Wed 06 Nov 2024 08:23:45 +0000
asID: 834
IP address blocks: 194.113.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:a2:6a:09:da:2a:e7:4c:ac:62:18:0a:e4:6d:54:1d:35:bb:c0:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Nov 8 08:18:45 2023 GMT
Not After : Nov 6 08:23:45 2024 GMT
Subject: CN=EEB59958433B18D3A5A35A0BF7A0E368888D8EEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:25:b3:15:6c:a6:72:ef:f1:05:e8:79:7a:08:
a2:f3:90:ae:fb:7f:71:c2:09:f2:66:a1:33:8e:f5:
1b:21:2b:29:61:35:41:f6:a5:2a:27:ee:4a:f2:95:
d9:c7:fc:b3:bd:37:21:de:ae:97:5d:9d:ba:ff:8e:
e0:0b:88:68:34:f7:e9:01:6e:0e:48:9f:08:d8:c5:
78:98:22:92:e1:01:e9:28:c4:1b:04:cf:50:ad:5d:
2f:36:6b:52:ff:d5:7e:13:96:51:77:91:45:19:5e:
84:33:54:40:3e:fa:80:58:2d:a7:41:8d:27:19:bd:
89:03:a1:7e:82:ca:dd:16:e9:33:3d:4e:b1:20:f1:
62:d5:ae:50:12:ce:c8:46:0e:6f:b7:1e:d1:7f:f9:
19:ff:31:fa:0c:a9:ec:fc:7b:fb:39:04:41:2b:e0:
0f:de:b6:98:4c:ec:ed:a3:f3:87:fb:94:94:b2:54:
f3:32:07:74:38:a3:94:31:fc:3b:da:26:b6:fe:2d:
f2:b7:c6:96:7c:8c:aa:3e:20:ab:21:a4:49:91:3e:
58:d5:d9:64:8f:bd:23:dc:cb:53:7b:38:2c:ad:40:
dc:5f:24:85:fd:df:4f:f7:85:43:89:57:ba:f6:62:
de:21:1c:84:09:e0:77:cf:7e:4b:bc:ac:6b:92:90:
b1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:B5:99:58:43:3B:18:D3:A5:A3:5A:0B:F7:A0:E3:68:88:8D:8E:EA
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3131332e36362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.66.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:36:62:20:23:31:ae:40:74:53:e6:a5:3c:21:2c:dc:b1:e4:
a7:a2:94:cc:94:83:e2:77:0c:b3:25:2f:30:73:98:9d:b2:ce:
ea:1b:89:a8:fd:94:5d:81:c9:fd:eb:69:a9:13:1f:ad:14:34:
3b:07:ae:7e:a6:e3:09:c0:5b:0e:51:a1:d1:a6:9d:b0:97:de:
cc:db:43:b4:fc:d3:ba:fa:7c:a2:88:28:c4:ba:28:be:26:71:
85:09:ce:de:ae:48:9f:00:dd:1b:8c:9f:2e:a5:93:78:64:fb:
9e:a3:f1:37:17:dc:fb:dc:bf:ce:eb:ab:97:d5:4a:7f:4e:7a:
cf:f6:d2:02:07:dd:81:e0:36:67:f3:71:12:bb:58:13:4b:4c:
f3:a7:01:e5:fe:d4:a0:7c:84:cf:63:63:c2:cc:1a:ff:3a:28:
11:51:81:68:c9:ee:42:4f:bd:bb:d3:b9:35:ae:87:fa:45:24:
23:5c:cc:07:3c:d2:5d:34:f4:84:60:c8:a5:ba:e6:c6:d7:18:
88:9b:83:b8:fd:54:47:be:c2:f4:27:02:e4:d0:0f:23:56:47:
ae:e5:e4:ec:05:c7:1a:d5:4c:b4:80:0d:e6:c8:e9:bf:fe:eb:
19:31:38:81:48:34:fd:4e:b0:c1:66:0e:67:95:7f:d0:ca:4f:
55:3e:f9:95
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUKJqCdoq50ysYhgK5G1UHTW7wFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzExMDgwODE4NDVaFw0yNDExMDYwODIzNDVaMDMxMTAvBgNV
BAMTKEVFQjU5OTU4NDMzQjE4RDNBNUEzNUEwQkY3QTBFMzY4ODg4RDhFRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhJbMVbKZy7/EF6Hl6CKLzkK77
f3HCCfJmoTOO9RshKylhNUH2pSon7kryldnH/LO9NyHerpddnbr/juALiGg09+kB
bg5InwjYxXiYIpLhAekoxBsEz1CtXS82a1L/1X4TllF3kUUZXoQzVEA++oBYLadB
jScZvYkDoX6Cyt0W6TM9TrEg8WLVrlASzshGDm+3HtF/+Rn/MfoMqez8e/s5BEEr
4A/etphM7O2j84f7lJSyVPMyB3Q4o5Qx/DvaJrb+LfK3xpZ8jKo+IKshpEmRPljV
2WSPvSPcy1N7OCytQNxfJIX930/3hUOJV7r2Yt4hHIQJ4HfPfku8rGuSkLH1AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU7rWZWEM7GNOlo1oL96DjaIiNjuowHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTM0MmUzMTMxMzMyZTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCcUIw
DQYJKoZIhvcNAQELBQADggEBAAo2YiAjMa5AdFPmpTwhLNyx5KeilMyUg+J3DLMl
LzBzmJ2yzuobiaj9lF2Byf3raakTH60UNDsHrn6m4wnAWw5RodGmnbCX3szbQ7T8
07r6fKKIKMS6KL4mcYUJzt6uSJ8A3RuMny6lk3hk+56j8TcX3Pvcv87rq5fVSn9O
es/20gIH3YHgNmfzcRK7WBNLTPOnAeX+1KB8hM9jY8LMGv86KBFRgWjJ7kJPvbvT
uTWuh/pFJCNczAc80l009IRgyKW65sbXGIibg7j9VEe+wvQnAuTQDyNWR67l5OwF
xxrVTLSADebI6b/+6xkxOIFINP1OsMFmDmeVf9DKT1U++ZU=
-----END CERTIFICATE-----
Generated at Thu May 2 07:17:11 2024 by rpki-client on console-ams.rpki-client.org