Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e36302e38362e302f32342d3234203d3e20323039383534.roa
File: 3139342e36302e38362e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: mADIBUo+bJpyrPOoVBGg3dp46d4IECfLbAARAmTcELw=
Subject key identifier: 90:90:4D:B9:0C:8B:98:D3:AA:EF:97:84:BC:21:A1:70:76:A5:AE:9D
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 543A8427C97431966456E8C0998A37DDAE6A30D1
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e36302e38362e302f32342d3234203d3e20323039383534.roa
Signing time: Tue 19 Mar 2024 19:49:04 +0000
ROA not before: Tue 19 Mar 2024 19:44:04 +0000
ROA not after: Tue 18 Mar 2025 19:49:04 +0000
asID: 209854
IP address blocks: 194.60.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 16:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:3a:84:27:c9:74:31:96:64:56:e8:c0:99:8a:37:dd:ae:6a:30:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Mar 19 19:44:04 2024 GMT
Not After : Mar 18 19:49:04 2025 GMT
Subject: CN=90904DB90C8B98D3AAEF9784BC21A17076A5AE9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:63:4c:2a:d5:16:d4:7f:91:27:39:e0:b8:d1:
99:61:ea:05:ee:f0:74:49:32:d8:dd:ed:a3:b0:f8:
0e:aa:6a:a9:be:f1:cf:4d:fb:88:55:c3:7e:5d:7c:
0f:47:0e:b7:55:87:7c:2b:f1:d3:c2:21:10:e5:ae:
81:7b:77:fe:01:42:2c:9f:00:65:90:8f:bb:68:a0:
76:33:ae:45:f0:a0:1f:e7:45:4c:37:84:d8:4b:e8:
00:25:75:f6:14:23:7b:6d:be:20:ce:75:06:2e:70:
1f:06:ab:49:78:07:c6:db:e3:0d:6c:ea:07:17:5f:
60:ef:73:0f:d7:f7:25:33:00:a9:22:8a:b3:c2:ac:
9a:5b:f7:ec:73:89:13:98:2e:4f:af:02:34:9c:d8:
9a:a0:a1:52:c9:e8:da:45:0f:0f:c3:d1:57:e8:41:
b2:50:eb:23:82:3c:a0:03:7d:3a:a5:6d:11:38:46:
ea:ab:84:c6:e6:19:9c:57:b4:f8:80:ce:88:78:ff:
e0:19:73:75:dd:5f:4e:b6:a7:f9:4f:29:1e:d1:66:
1a:7b:7d:10:bb:d8:e5:9a:7d:b7:a2:e3:23:b6:ee:
1c:3e:dc:40:bb:aa:70:0e:87:69:5d:bd:16:7d:c8:
92:7c:8b:aa:41:96:52:d3:5d:f7:18:b5:f3:22:9b:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:90:4D:B9:0C:8B:98:D3:AA:EF:97:84:BC:21:A1:70:76:A5:AE:9D
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e36302e38362e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.86.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:95:13:ca:41:71:ee:a0:dd:2f:95:e7:b9:b5:8c:15:21:8c:
8c:86:2c:e7:f4:f8:68:b6:76:d4:64:95:c2:85:5d:6a:cd:da:
7c:e8:16:37:9d:3a:24:17:54:f6:1c:bf:f7:b6:6c:95:57:8c:
a9:fd:eb:65:bc:37:35:91:0c:54:ed:77:3c:53:42:b2:43:9e:
b6:70:63:43:5c:8c:0c:2e:96:ab:42:d9:38:49:d9:d6:f2:e1:
78:8e:0c:35:2b:c6:67:f2:ce:25:dd:30:d2:90:a2:bc:bd:f9:
30:a9:fa:55:a4:b4:10:c4:bf:22:5b:5a:e4:96:d9:83:c3:b2:
d8:27:28:de:fe:d1:bc:23:d4:d6:cf:62:a9:e7:77:a9:28:d3:
e5:fb:ce:20:d3:62:9a:0d:b7:6b:00:9d:13:a8:4c:c2:cc:3c:
fc:03:21:75:a9:07:7e:eb:0d:a5:58:e9:42:af:0a:9e:84:12:
a5:5d:dc:5e:ac:d3:f5:2f:de:63:d9:8b:85:8a:91:6f:44:c5:
68:e4:b2:94:15:13:c4:7b:ec:f6:9c:a7:4a:50:37:93:3c:7a:
9a:e0:72:9d:16:e4:d9:56:38:89:34:f4:94:e4:70:19:0b:c1:
d3:9d:80:ab:82:db:19:02:7c:31:f4:8d:33:06:f4:e0:aa:10:
03:27:50:b3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVDqEJ8l0MZZkVujAmYo33a5qMNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAzMTkxOTQ0MDRaFw0yNTAzMTgxOTQ5MDRaMDMxMTAvBgNV
BAMTKDkwOTA0REI5MEM4Qjk4RDNBQUVGOTc4NEJDMjFBMTcwNzZBNUFFOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNY0wq1RbUf5EnOeC40Zlh6gXu
8HRJMtjd7aOw+A6qaqm+8c9N+4hVw35dfA9HDrdVh3wr8dPCIRDlroF7d/4BQiyf
AGWQj7tooHYzrkXwoB/nRUw3hNhL6AAldfYUI3ttviDOdQYucB8Gq0l4B8bb4w1s
6gcXX2Dvcw/X9yUzAKkiirPCrJpb9+xziROYLk+vAjSc2JqgoVLJ6NpFDw/D0Vfo
QbJQ6yOCPKADfTqlbRE4RuqrhMbmGZxXtPiAzoh4/+AZc3XdX062p/lPKR7RZhp7
fRC72OWafbei4yO27hw+3EC7qnAOh2ldvRZ9yJJ8i6pBllLTXfcYtfMim6R1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUkJBNuQyLmNOq75eEvCGhcHalrp0wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTM0MmUzNjMwMmUzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzgzNTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wjxWMA0GCSqGSIb3DQEBCwUAA4IBAQCKlRPKQXHuoN0vlee5tYwVIYyMhizn9Pho
tnbUZJXChV1qzdp86BY3nTokF1T2HL/3tmyVV4yp/etlvDc1kQxU7Xc8U0KyQ562
cGNDXIwMLparQtk4SdnW8uF4jgw1K8Zn8s4l3TDSkKK8vfkwqfpVpLQQxL8iW1rk
ltmDw7LYJyje/tG8I9TWz2Kp53epKNPl+84g02KaDbdrAJ0TqEzCzDz8AyF1qQd+
6w2lWOlCrwqehBKlXdxerNP1L95j2YuFipFvRMVo5LKUFRPEe+z2nKdKUDeTPHqa
4HKdFuTZVjiJNPSU5HAZC8HTnYCrgtsZAnwx9I0zBvTgqhADJ1Cz
-----END CERTIFICATE-----
Generated at Wed May 8 01:22:09 2024 by rpki-client on console-ams.rpki-client.org