Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3135362e3232342e302f32342d3234203d3e203632323430.roa
File: 3139342e3135362e3232342e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: 2QJ/lk+89+mImcdqO0/evsPLZS9OnxkX5kZbOFnC6lY=
Subject key identifier: 6E:21:9A:3F:6A:7E:DF:B6:D7:A0:8A:72:F6:3A:E7:CF:52:08:3D:FA
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 64E077D16125D59B1C3EBD21217D24CB80CBD278
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3135362e3232342e302f32342d3234203d3e203632323430.roa
Signing time: Mon 01 Apr 2024 14:03:22 +0000
ROA not before: Mon 01 Apr 2024 13:58:22 +0000
ROA not after: Mon 31 Mar 2025 14:03:22 +0000
asID: 62240
IP address blocks: 194.156.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:e0:77:d1:61:25:d5:9b:1c:3e:bd:21:21:7d:24:cb:80:cb:d2:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:22 2024 GMT
Not After : Mar 31 14:03:22 2025 GMT
Subject: CN=6E219A3F6A7EDFB6D7A08A72F63AE7CF52083DFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:28:5a:fb:f2:c7:51:bf:dd:a0:31:93:76:a9:
2f:87:e4:2a:aa:b9:6e:47:1c:f8:e7:d8:df:c6:e3:
d7:f6:35:96:bd:f6:df:ec:16:e0:85:67:2c:3b:59:
c2:f6:61:9d:07:67:52:e9:4d:90:49:dd:c8:29:51:
cb:16:7e:e2:75:c6:74:08:04:48:91:9f:95:a8:d6:
29:34:bb:53:04:02:23:5d:ea:07:a7:4f:1c:c6:d5:
f8:ae:9a:60:a2:14:af:75:2e:bd:60:12:8e:01:6c:
44:c1:93:25:d2:71:91:e7:94:ae:c7:60:16:9e:13:
1c:c1:d0:ae:34:cb:2e:78:a1:27:bd:66:43:4f:3e:
29:e9:ff:c3:be:46:a7:40:24:e3:43:3d:6b:fb:8f:
8b:41:6f:2f:5c:99:9c:d2:12:0a:b4:5d:d9:51:fb:
36:5d:2f:d0:43:fa:5c:89:94:2d:14:0c:93:72:29:
49:f9:9e:5e:ae:13:ca:0d:32:da:1e:5e:db:6a:2d:
8c:d6:9f:6a:a1:11:58:7a:5f:63:ce:aa:44:f6:98:
08:54:62:fb:7e:b6:28:51:10:62:02:a6:e5:90:dc:
19:03:00:07:35:b7:f8:3e:52:88:ff:05:d6:52:b1:
f0:3c:43:35:b9:e5:b4:e1:97:35:a8:5f:4a:f1:a6:
d2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:21:9A:3F:6A:7E:DF:B6:D7:A0:8A:72:F6:3A:E7:CF:52:08:3D:FA
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3135362e3232342e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.224.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:42:98:50:4d:72:12:0b:02:59:07:73:e8:68:6f:be:7a:dc:
84:50:88:57:c3:b9:50:36:34:91:ab:3f:1c:6f:f7:23:5e:4b:
fb:ea:7f:92:77:8c:b2:64:06:f3:24:2b:14:b1:d1:bb:ff:1d:
b0:8c:cd:3e:71:0c:45:30:a1:ab:9b:2f:e4:76:4a:2e:cd:ca:
e6:2a:7d:a8:1f:b3:54:6d:2b:21:06:b3:da:95:db:9b:75:3f:
6e:c1:85:93:f4:fc:4b:d2:6f:b8:41:ea:5d:a6:fc:46:70:73:
81:b2:59:7e:d5:9d:70:36:d4:5b:5b:3e:54:72:da:54:b3:f3:
2f:52:83:3f:6f:08:6f:b9:51:c3:82:29:ab:f1:0c:1e:4c:67:
b2:2e:0c:24:c4:0e:03:be:d9:ec:4f:72:f5:d6:40:ba:41:f6:
64:6f:40:23:2c:c0:15:c5:5e:04:e2:96:3f:48:d3:94:17:fd:
d8:d4:5b:26:f6:4b:e1:24:0d:8c:8c:11:a3:ac:31:09:39:60:
28:aa:97:bf:87:89:8a:c5:f6:c5:58:87:d1:3e:98:dc:fd:ed:
6a:5c:9b:6b:df:98:06:94:33:af:1d:d7:a6:e4:17:e9:37:31:
db:d8:20:16:46:17:73:96:11:f0:92:c7:36:2a:b4:e0:40:05:
59:ba:1e:ff
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZOB30WEl1ZscPr0hIX0ky4DL0ngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjJaFw0yNTAzMzExNDAzMjJaMDMxMTAvBgNV
BAMTKDZFMjE5QTNGNkE3RURGQjZEN0EwOEE3MkY2M0FFN0NGNTIwODNERkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRKFr78sdRv92gMZN2qS+H5Cqq
uW5HHPjn2N/G49f2NZa99t/sFuCFZyw7WcL2YZ0HZ1LpTZBJ3cgpUcsWfuJ1xnQI
BEiRn5Wo1ik0u1MEAiNd6genTxzG1fiummCiFK91Lr1gEo4BbETBkyXScZHnlK7H
YBaeExzB0K40yy54oSe9ZkNPPinp/8O+RqdAJONDPWv7j4tBby9cmZzSEgq0XdlR
+zZdL9BD+lyJlC0UDJNyKUn5nl6uE8oNMtoeXttqLYzWn2qhEVh6X2POqkT2mAhU
Yvt+tihREGICpuWQ3BkDAAc1t/g+Uoj/BdZSsfA8QzW55bThlzWoX0rxptJnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbiGaP2p+37bXoIpy9jrnz1IIPfowHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTM0MmUzMTM1MzYyZTMy
MzIzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMjM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCnOAwDQYJKoZIhvcNAQELBQADggEBAKBCmFBNchILAlkHc+hob7563IRQiFfD
uVA2NJGrPxxv9yNeS/vqf5J3jLJkBvMkKxSx0bv/HbCMzT5xDEUwoaubL+R2Si7N
yuYqfagfs1RtKyEGs9qV25t1P27BhZP0/EvSb7hB6l2m/EZwc4GyWX7VnXA21Ftb
PlRy2lSz8y9Sgz9vCG+5UcOCKavxDB5MZ7IuDCTEDgO+2exPcvXWQLpB9mRvQCMs
wBXFXgTilj9I05QX/djUWyb2S+EkDYyMEaOsMQk5YCiql7+HiYrF9sVYh9E+mNz9
7Wpcm2vfmAaUM68d16bkF+k3MdvYIBZGF3OWEfCSxzYqtOBABVm6Hv8=
-----END CERTIFICATE-----
Generated at Sun May 5 23:30:54 2024 by rpki-client on console-ams.rpki-client.org