Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e36302e3230302e302f32342d3234203d3e20323034313730.roa
File: 3139342e36302e3230302e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: sSgTvzXXHCovjBBWaaTZZbKlc54FzQQVxOX9CVzaEWc=
Subject key identifier: 3C:8A:EA:B3:3F:F7:CC:7D:2B:30:EA:F4:9D:41:70:3E:4C:DD:F5:6C
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 3DB8429F691BBDBFC634ADD19928BDA38B693A2A
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e36302e3230302e302f32342d3234203d3e20323034313730.roa
Signing time: Mon 26 Feb 2024 08:53:43 +0000
ROA not before: Mon 26 Feb 2024 08:48:43 +0000
ROA not after: Mon 24 Feb 2025 08:53:43 +0000
asID: 204170
IP address blocks: 194.60.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:b8:42:9f:69:1b:bd:bf:c6:34:ad:d1:99:28:bd:a3:8b:69:3a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 26 08:48:43 2024 GMT
Not After : Feb 24 08:53:43 2025 GMT
Subject: CN=3C8AEAB33FF7CC7D2B30EAF49D41703E4CDDF56C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:85:60:df:51:3f:7e:f6:37:c7:34:42:07:ad:
77:59:36:b9:43:a2:e9:96:6e:bd:65:1e:37:7e:c1:
48:f9:07:41:1a:c0:7b:2b:bc:19:fb:de:8f:1a:cb:
c1:ff:96:cc:eb:60:7b:da:f0:ce:13:dd:ec:4c:16:
84:f8:49:fd:9c:8b:0e:76:23:06:55:1f:88:27:06:
aa:78:8d:57:fc:8e:fd:9e:8a:a4:98:4b:6d:1c:06:
2e:01:ac:4e:b5:a6:1f:44:c8:31:b8:f6:24:60:47:
42:e0:d5:7b:ed:da:b0:67:7b:15:58:f6:17:be:2e:
88:0b:e6:d9:39:5a:2d:86:88:e2:2a:5e:b0:13:98:
6e:3f:4c:84:26:bd:e2:1e:13:d1:61:64:d1:1b:f0:
4a:20:75:15:0f:05:c9:fc:77:f0:f0:1a:68:c1:f9:
75:74:00:1d:0d:8e:88:75:dc:2b:42:63:ce:4b:35:
aa:ad:95:71:ae:bb:ee:fd:38:24:08:d5:dd:4a:4b:
b2:ec:7a:59:7f:cf:9b:8b:29:32:c9:70:f6:fd:a0:
6a:6b:09:e5:b8:58:5d:e0:68:80:c9:0e:c7:8c:58:
d0:3d:c5:e0:05:b3:09:be:50:2e:ef:1c:2e:3e:4c:
19:46:97:6e:7c:41:f8:ce:74:f9:f8:03:d3:38:87:
b6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:8A:EA:B3:3F:F7:CC:7D:2B:30:EA:F4:9D:41:70:3E:4C:DD:F5:6C
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e36302e3230302e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:7d:e6:a5:7e:19:2e:7e:39:f0:04:e7:2a:f7:54:ee:96:5e:
b3:e3:12:4a:96:89:4a:39:e2:88:47:07:dc:9f:a2:48:2a:f9:
50:26:31:b6:1a:92:c4:b8:9b:84:0f:eb:1f:0e:7a:82:24:a2:
40:88:d0:62:ca:64:e3:98:89:55:b5:8c:bc:f2:2f:4a:43:c2:
23:cb:9e:a3:19:79:0d:ea:36:4d:53:25:d9:13:04:0b:cd:d8:
3e:96:54:ee:dd:7d:d0:f6:17:6f:af:ce:a8:54:40:2b:f4:e9:
8b:6e:5a:7c:a3:b4:08:23:d7:ff:41:92:c9:a3:43:93:00:3f:
68:ea:a4:8e:c3:20:28:c6:bb:b7:74:8f:89:99:5e:dd:70:9a:
d9:ec:f4:c8:fe:ae:3a:0c:bf:c8:2a:a0:6e:e7:60:84:fa:60:
35:05:78:dc:79:ff:46:a1:28:05:93:f4:ef:5b:71:2c:0c:3d:
ef:7f:e2:46:5b:1b:79:e2:75:6b:f2:13:1f:24:b5:00:f2:fe:
d1:4a:01:f7:78:90:0c:a0:1d:25:f9:0e:84:2d:ea:ad:55:cc:
c1:f0:6e:d0:50:ab:1d:d3:1f:07:68:f4:30:47:1c:f2:18:69:
eb:e7:52:35:5a:79:fa:d8:f2:59:8a:d6:cc:32:e9:b6:59:5b:
7e:14:ab:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPbhCn2kbvb/GNK3RmSi9o4tpOiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMjYwODQ4NDNaFw0yNTAyMjQwODUzNDNaMDMxMTAvBgNV
BAMTKDNDOEFFQUIzM0ZGN0NDN0QyQjMwRUFGNDlENDE3MDNFNENEREY1NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVhWDfUT9+9jfHNEIHrXdZNrlD
oumWbr1lHjd+wUj5B0EawHsrvBn73o8ay8H/lszrYHva8M4T3exMFoT4Sf2ciw52
IwZVH4gnBqp4jVf8jv2eiqSYS20cBi4BrE61ph9EyDG49iRgR0Lg1Xvt2rBnexVY
9he+LogL5tk5Wi2GiOIqXrATmG4/TIQmveIeE9FhZNEb8EogdRUPBcn8d/DwGmjB
+XV0AB0Njoh13CtCY85LNaqtlXGuu+79OCQI1d1KS7Lsell/z5uLKTLJcPb9oGpr
CeW4WF3gaIDJDseMWNA9xeAFswm+UC7vHC4+TBlGl258QfjOdPn4A9M4h7YHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPIrqsz/3zH0rMOr0nUFwPkzd9WwwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTM0MmUzNjMwMmUzMjMw
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCPMgwDQYJKoZIhvcNAQELBQADggEBAD195qV+GS5+OfAE5yr3VO6WXrPjEkqW
iUo54ohHB9yfokgq+VAmMbYaksS4m4QP6x8OeoIkokCI0GLKZOOYiVW1jLzyL0pD
wiPLnqMZeQ3qNk1TJdkTBAvN2D6WVO7dfdD2F2+vzqhUQCv06YtuWnyjtAgj1/9B
ksmjQ5MAP2jqpI7DICjGu7d0j4mZXt1wmtns9Mj+rjoMv8gqoG7nYIT6YDUFeNx5
/0ahKAWT9O9bcSwMPe9/4kZbG3nidWvyEx8ktQDy/tFKAfd4kAygHSX5DoQt6q1V
zMHwbtBQqx3THwdo9DBHHPIYaevnUjVaefrY8lmK1swy6bZZW34Uq7M=
-----END CERTIFICATE-----
Generated at Sat May 18 23:30:57 2024 by rpki-client on console-fra.rpki-client.org