Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3135362e3232352e302f32342d3234203d3e203632323430.roa
File: 3139342e3135362e3232352e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: BkzgIhV4XOkr7wOTjx/XJz4fbzz5kt0WHih2CZQlRRw=
Subject key identifier: 40:08:87:B6:A9:3F:5F:CA:C6:56:A1:E2:92:8C:11:3D:00:37:89:10
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 5DB2C2CB7D7FEB9B57B3FB976AB64950BB6F4A0A
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3135362e3232352e302f32342d3234203d3e203632323430.roa
Signing time: Mon 01 Apr 2024 14:03:22 +0000
ROA not before: Mon 01 Apr 2024 13:58:22 +0000
ROA not after: Mon 31 Mar 2025 14:03:22 +0000
asID: 62240
IP address blocks: 194.156.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:b2:c2:cb:7d:7f:eb:9b:57:b3:fb:97:6a:b6:49:50:bb:6f:4a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:22 2024 GMT
Not After : Mar 31 14:03:22 2025 GMT
Subject: CN=400887B6A93F5FCAC656A1E2928C113D00378910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:62:47:bf:43:71:7a:0f:02:98:25:12:12:41:
7b:b8:43:4f:59:d8:d8:27:03:93:ef:47:22:af:db:
c9:a8:cd:8c:34:a8:ec:fd:1e:e2:18:ad:58:8b:85:
6e:e2:44:bc:0c:ff:fa:69:f2:36:99:e9:7a:71:d9:
e9:61:bb:12:d7:75:cc:ad:5a:87:a5:9c:22:e3:15:
21:3f:7c:d3:9a:ad:a8:37:67:e9:96:93:b9:fe:6f:
f8:f1:17:5f:f9:5b:d9:b6:b8:20:35:83:d7:5c:d5:
91:4d:ce:b4:f1:31:9f:ba:76:f2:dd:95:f1:f3:45:
a1:29:2c:72:e2:f9:37:7a:36:c6:5c:4a:d0:cd:75:
60:0d:e3:c7:e1:90:2d:c9:27:8d:8c:c5:32:5c:7b:
1c:9a:e4:88:60:f7:af:0a:5e:61:64:03:a6:0a:04:
63:28:f9:2c:b8:be:c9:8c:03:b0:08:06:75:55:dd:
01:78:75:6a:c5:ac:eb:a2:c0:56:f4:4b:2a:7a:55:
a3:76:c9:4e:9f:f7:5b:4b:87:53:a4:c2:1f:00:6e:
c3:01:40:cd:1a:d4:1f:35:71:96:74:bf:85:df:69:
3f:da:3d:16:a3:18:04:ce:d6:c0:ab:91:5e:40:a5:
77:9b:d3:2a:e2:d8:9c:dc:84:10:bb:be:83:80:e1:
b7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:08:87:B6:A9:3F:5F:CA:C6:56:A1:E2:92:8C:11:3D:00:37:89:10
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3135362e3232352e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.225.0/24
Signature Algorithm: sha256WithRSAEncryption
88:95:fd:db:ab:9e:0a:9e:5e:fb:10:fe:23:81:87:b8:54:92:
88:7a:5a:6f:2c:32:54:fd:35:5c:05:af:93:83:37:96:31:c3:
df:c5:85:95:56:9b:3e:88:5d:ff:b6:ac:c3:de:1a:49:e4:60:
fb:f6:e9:11:c9:bf:16:47:5d:2e:c4:d2:d3:01:5e:35:4f:92:
45:de:48:9e:ca:d3:96:c2:8b:a8:10:f8:52:d0:8c:79:37:00:
fd:c9:26:ea:4b:dc:b6:7b:5d:45:eb:b6:48:e2:75:4d:16:4a:
6b:c0:39:c1:02:18:1a:f3:99:2a:08:c3:57:7a:57:44:b2:ba:
d5:34:2a:24:c3:17:22:31:c7:e8:b5:c6:50:f5:80:61:f9:0d:
02:53:99:c1:a4:d9:a1:4c:ec:be:07:fc:d9:d8:95:d0:af:09:
f6:1b:ab:34:9c:8b:27:56:95:8c:84:88:72:db:75:bf:b5:51:
7e:f8:d9:5a:01:b1:ae:0b:20:36:3e:62:52:90:09:f6:b8:ab:
a3:d5:71:cf:e6:7e:7d:d4:3c:76:4c:f9:34:23:57:41:62:89:
72:5e:36:9b:2e:cb:64:e4:75:2a:7e:4b:85:af:a7:a4:ae:67:
d2:ef:4a:13:18:27:e3:75:d1:01:f0:e4:e6:90:21:f9:c8:42:
b2:9d:f7:71
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXbLCy31/65tXs/uXarZJULtvSgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjJaFw0yNTAzMzExNDAzMjJaMDMxMTAvBgNV
BAMTKDQwMDg4N0I2QTkzRjVGQ0FDNjU2QTFFMjkyOEMxMTNEMDAzNzg5MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTYke/Q3F6DwKYJRISQXu4Q09Z
2NgnA5PvRyKv28mozYw0qOz9HuIYrViLhW7iRLwM//pp8jaZ6Xpx2elhuxLXdcyt
WoelnCLjFSE/fNOarag3Z+mWk7n+b/jxF1/5W9m2uCA1g9dc1ZFNzrTxMZ+6dvLd
lfHzRaEpLHLi+Td6NsZcStDNdWAN48fhkC3JJ42MxTJcexya5Ihg968KXmFkA6YK
BGMo+Sy4vsmMA7AIBnVV3QF4dWrFrOuiwFb0Syp6VaN2yU6f91tLh1Okwh8AbsMB
QM0a1B81cZZ0v4XfaT/aPRajGATO1sCrkV5ApXeb0yri2JzchBC7voOA4bexAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQAiHtqk/X8rGVqHikowRPQA3iRAwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTM0MmUzMTM1MzYyZTMy
MzIzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMjM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCnOEwDQYJKoZIhvcNAQELBQADggEBAIiV/durngqeXvsQ/iOBh7hUkoh6Wm8s
MlT9NVwFr5ODN5Yxw9/FhZVWmz6IXf+2rMPeGknkYPv26RHJvxZHXS7E0tMBXjVP
kkXeSJ7K05bCi6gQ+FLQjHk3AP3JJupL3LZ7XUXrtkjidU0WSmvAOcECGBrzmSoI
w1d6V0SyutU0KiTDFyIxx+i1xlD1gGH5DQJTmcGk2aFM7L4H/NnYldCvCfYbqzSc
iydWlYyEiHLbdb+1UX742VoBsa4LIDY+YlKQCfa4q6PVcc/mfn3UPHZM+TQjV0Fi
iXJeNpsuy2TkdSp+S4Wvp6SuZ9LvShMYJ+N10QHw5OaQIfnIQrKd93E=
-----END CERTIFICATE-----
Generated at Sun May 5 23:30:54 2024 by rpki-client on console-ams.rpki-client.org