Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3135362e3232372e302f32342d3234203d3e20313336373837.roa
File: 3139342e3135362e3232372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: GJC58bBEo9I8k46ycQHSJQF2Zs4cZvX2HW0W9Occ0EY=
Subject key identifier: 86:79:80:85:BA:B4:81:F6:B0:8B:EA:3E:D4:A8:FA:E0:72:25:4A:9A
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 7C5C70926E6C64A28A14589EEFCB9B3BD2AE010C
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3135362e3232372e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:40 +0000
ROA not before: Mon 26 Feb 2024 08:48:40 +0000
ROA not after: Mon 24 Feb 2025 08:53:40 +0000
asID: 136787
IP address blocks: 194.156.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:5c:70:92:6e:6c:64:a2:8a:14:58:9e:ef:cb:9b:3b:d2:ae:01:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 26 08:48:40 2024 GMT
Not After : Feb 24 08:53:40 2025 GMT
Subject: CN=86798085BAB481F6B08BEA3ED4A8FAE072254A9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:de:8d:04:fa:07:85:da:bb:aa:04:a4:45:84:
a3:7e:4e:e3:f2:fe:97:a3:da:11:ce:07:8e:65:b8:
92:fc:43:ec:b8:eb:aa:41:d0:cc:89:b0:af:b2:02:
7a:99:f7:1b:c0:53:da:1d:60:e9:3c:ce:6b:59:1b:
c7:be:5d:d0:6d:a1:e6:32:6f:a2:ef:b4:6a:0d:e1:
fa:aa:bf:93:6c:b3:5a:b9:dc:6c:93:8c:69:0d:f5:
96:aa:21:22:d4:e5:0a:04:6f:26:70:e5:fd:4a:96:
eb:a1:46:f9:52:e6:d9:8b:9b:26:52:38:53:1f:75:
ff:bf:d3:11:6c:71:4a:ea:c5:75:cf:12:84:2e:72:
f8:32:b6:38:d3:3f:81:99:ca:91:dd:cb:6d:d0:30:
aa:8f:9c:15:6e:54:a1:61:81:ce:04:c6:35:08:8d:
2c:79:df:f4:74:30:3e:58:83:9c:01:cf:e6:7c:5d:
ba:ea:ff:7c:ee:57:fe:ea:ec:61:57:d7:8f:8d:74:
a0:2c:15:ed:14:bc:63:47:ce:ff:d2:33:28:65:a1:
6b:d0:fa:7f:ff:01:d6:be:73:67:d6:08:ae:87:c1:
5c:83:27:ae:ae:f6:99:26:f6:eb:64:92:a5:5e:c4:
1a:fb:97:9c:2d:73:c5:af:43:13:63:12:4c:51:ea:
6f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:79:80:85:BA:B4:81:F6:B0:8B:EA:3E:D4:A8:FA:E0:72:25:4A:9A
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e3135362e3232372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.227.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:c4:c8:4a:88:a2:c7:ad:f8:13:bb:22:3c:47:6c:a1:39:63:
33:17:66:8d:27:59:16:7f:fe:ad:32:49:f0:a6:1a:d9:01:e9:
ab:4a:a4:cc:58:c6:f5:29:1e:54:88:ca:02:c5:18:0d:22:1d:
96:ff:ed:4a:64:f8:79:44:ed:e7:42:c7:6e:f2:9f:43:58:63:
5d:a4:c4:6f:27:1c:13:30:35:f6:f7:85:a5:cd:41:36:ac:94:
ac:2b:93:5d:a7:81:0f:d1:f6:13:39:58:ab:58:85:35:73:f2:
8d:59:d9:97:4a:e2:35:f2:a2:fd:1f:54:7a:ad:7a:84:7b:2a:
11:43:9d:70:bf:92:d5:bf:ec:6e:fe:cb:a8:16:85:69:4e:fa:
d6:8b:0c:71:67:68:64:67:de:b4:00:36:e9:03:18:23:d5:c2:
0f:e9:13:af:2f:48:f0:c1:48:89:25:34:c2:cf:93:fd:fc:6d:
df:cc:aa:2b:51:de:7f:c8:9c:99:5c:5a:f1:e1:49:6e:3f:e8:
04:9f:49:71:4e:10:74:6e:85:b9:5d:ff:f9:bc:02:70:7b:fd:
65:5d:bb:78:06:98:97:fb:c3:0d:17:22:2a:df:7a:90:52:d5:
f2:e4:04:a3:4a:5e:62:d0:5f:7d:d0:42:66:28:10:3d:b5:61:
67:70:60:b5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfFxwkm5sZKKKFFie78ubO9KuAQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMjYwODQ4NDBaFw0yNTAyMjQwODUzNDBaMDMxMTAvBgNV
BAMTKDg2Nzk4MDg1QkFCNDgxRjZCMDhCRUEzRUQ0QThGQUUwNzIyNTRBOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX3o0E+geF2ruqBKRFhKN+TuPy
/pej2hHOB45luJL8Q+y466pB0MyJsK+yAnqZ9xvAU9odYOk8zmtZG8e+XdBtoeYy
b6LvtGoN4fqqv5Nss1q53GyTjGkN9ZaqISLU5QoEbyZw5f1KluuhRvlS5tmLmyZS
OFMfdf+/0xFscUrqxXXPEoQucvgytjjTP4GZypHdy23QMKqPnBVuVKFhgc4ExjUI
jSx53/R0MD5Yg5wBz+Z8Xbrq/3zuV/7q7GFX14+NdKAsFe0UvGNHzv/SMyhloWvQ
+n//Ada+c2fWCK6HwVyDJ66u9pkm9utkkqVexBr7l5wtc8WvQxNjEkxR6m/TAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhnmAhbq0gfawi+o+1Kj64HIlSpowHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTM0MmUzMTM1MzYyZTMy
MzIzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKc4zANBgkqhkiG9w0BAQsFAAOCAQEAHsTISoiix634E7siPEdsoTljMxdm
jSdZFn/+rTJJ8KYa2QHpq0qkzFjG9SkeVIjKAsUYDSIdlv/tSmT4eUTt50LHbvKf
Q1hjXaTEbyccEzA19veFpc1BNqyUrCuTXaeBD9H2EzlYq1iFNXPyjVnZl0riNfKi
/R9Ueq16hHsqEUOdcL+S1b/sbv7LqBaFaU761osMcWdoZGfetAA26QMYI9XCD+kT
ry9I8MFIiSU0ws+T/fxt38yqK1Hef8icmVxa8eFJbj/oBJ9JcU4QdG6FuV3/+bwC
cHv9ZV27eAaYl/vDDRciKt96kFLV8uQEo0peYtBffdBCZigQPbVhZ3BgtQ==
-----END CERTIFICATE-----
Generated at Wed May 8 11:33:00 2024 by rpki-client on console-ams.rpki-client.org