Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232312e302f32342d3234203d3e20313336373837.roa
File: 39312e3139362e3232312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: x1FF6pVRpe9LRepaFPAG89kxLEfAHvTwXfVV7HRRcWg=
Subject key identifier: BF:A2:48:28:E9:60:FC:A5:72:A9:E3:2F:FD:A8:C7:73:D7:09:08:20
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 25FCE50265813C94C5978C97D734529B41D436F5
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:22 +0000
ROA not before: Mon 01 Apr 2024 13:58:22 +0000
ROA not after: Mon 31 Mar 2025 14:03:22 +0000
asID: 136787
IP address blocks: 91.196.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:fc:e5:02:65:81:3c:94:c5:97:8c:97:d7:34:52:9b:41:d4:36:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:22 2024 GMT
Not After : Mar 31 14:03:22 2025 GMT
Subject: CN=BFA24828E960FCA572A9E32FFDA8C773D7090820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:99:09:f4:c5:2a:d0:2c:72:15:70:f6:48:6f:
33:02:e1:94:4c:98:30:52:16:2d:8f:4b:3c:fd:db:
2b:e0:16:2a:c3:f7:a9:aa:77:3d:7d:78:09:73:d4:
fc:15:f6:16:75:39:09:ad:07:d6:71:2f:21:d4:a6:
d6:5e:77:d7:06:82:df:65:fe:3e:06:9c:e5:5c:fe:
e5:65:d2:65:0f:cb:da:36:f6:64:7a:5d:b3:8a:ac:
0b:54:c9:11:4c:2f:c0:4d:27:99:77:4a:c3:b1:e4:
a2:50:c0:7b:77:6b:87:ed:26:19:b8:8b:b1:ce:dd:
63:4e:44:64:34:bd:ce:38:45:a4:3f:7d:da:2c:1b:
25:64:8f:5e:27:ea:0a:a4:68:20:29:e7:6f:05:76:
33:41:b5:10:85:a9:af:45:da:40:3e:31:ad:64:78:
6f:e7:93:51:f1:ce:04:6e:66:76:00:b8:b2:a1:0d:
9f:bb:9e:7b:32:ba:1e:5b:a7:7e:f8:0d:3d:0b:ff:
d6:ef:3d:6a:aa:54:b4:d7:e7:b4:82:48:08:71:f8:
04:d8:ed:68:6e:61:68:b2:12:24:42:4f:b8:63:01:
31:74:03:72:79:ea:ad:e8:e1:39:b7:94:2c:26:8a:
1b:8c:65:70:d3:63:af:16:65:d4:ea:eb:8a:2c:2b:
23:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A2:48:28:E9:60:FC:A5:72:A9:E3:2F:FD:A8:C7:73:D7:09:08:20
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.221.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:b1:6d:16:74:0e:64:9f:80:16:84:2a:0c:e0:46:16:d3:d1:
8b:a4:f2:b6:7f:11:60:fc:fe:a5:da:a1:d7:65:c3:f1:c3:13:
a1:e9:2c:98:e8:77:e5:58:00:8b:64:d9:c5:9d:47:e6:92:e1:
03:2c:f5:98:28:6c:27:d0:11:34:58:8b:b5:cb:d5:98:50:bc:
b1:07:b6:df:36:14:4c:4a:d8:38:90:fd:0f:83:f2:68:ba:17:
6c:f5:f4:ce:55:c6:7a:57:b3:71:f7:9e:5b:dd:67:43:31:25:
78:94:a5:fa:03:30:2b:85:07:47:06:56:eb:ae:49:59:37:b0:
2a:c0:d9:62:24:3e:fe:65:9a:17:4d:27:4d:b9:81:da:e3:90:
36:07:51:72:0f:0c:14:31:58:44:94:f4:4d:4e:7f:41:f3:62:
28:13:40:1e:f2:79:10:d2:e9:94:bc:4e:f1:53:0e:e0:0e:01:
51:62:f9:c1:c1:0f:e9:e6:bf:14:83:2d:70:35:ac:03:49:61:
97:55:1f:a1:19:44:61:9c:7d:3f:dd:96:2d:70:a6:7c:00:34:
76:cd:28:87:11:5f:58:8e:43:c2:7c:80:f4:4b:76:0f:c1:c3:
ce:37:7a:71:5e:de:e7:f1:0a:c5:f7:97:d1:48:b3:55:16:86:
bf:2f:23:e6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJfzlAmWBPJTFl4yX1zRSm0HUNvUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjJaFw0yNTAzMzExNDAzMjJaMDMxMTAvBgNV
BAMTKEJGQTI0ODI4RTk2MEZDQTU3MkE5RTMyRkZEQThDNzczRDcwOTA4MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5mQn0xSrQLHIVcPZIbzMC4ZRM
mDBSFi2PSzz92yvgFirD96mqdz19eAlz1PwV9hZ1OQmtB9ZxLyHUptZed9cGgt9l
/j4GnOVc/uVl0mUPy9o29mR6XbOKrAtUyRFML8BNJ5l3SsOx5KJQwHt3a4ftJhm4
i7HO3WNORGQ0vc44RaQ/fdosGyVkj14n6gqkaCAp528FdjNBtRCFqa9F2kA+Ma1k
eG/nk1HxzgRuZnYAuLKhDZ+7nnsyuh5bp374DT0L/9bvPWqqVLTX57SCSAhx+ATY
7WhuYWiyEiRCT7hjATF0A3J56q3o4Tm3lCwmihuMZXDTY68WZdTq64osKyPDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUv6JIKOlg/KVyqeMv/ajHc9cJCCAwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzkzMTJlMzEzOTM2MmUzMjMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABbxN0wDQYJKoZIhvcNAQELBQADggEBAC2xbRZ0DmSfgBaEKgzgRhbT0Yuk8rZ/
EWD8/qXaoddlw/HDE6HpLJjod+VYAItk2cWdR+aS4QMs9ZgobCfQETRYi7XL1ZhQ
vLEHtt82FExK2DiQ/Q+D8mi6F2z19M5VxnpXs3H3nlvdZ0MxJXiUpfoDMCuFB0cG
VuuuSVk3sCrA2WIkPv5lmhdNJ025gdrjkDYHUXIPDBQxWESU9E1Of0HzYigTQB7y
eRDS6ZS8TvFTDuAOAVFi+cHBD+nmvxSDLXA1rANJYZdVH6EZRGGcfT/dli1wpnwA
NHbNKIcRX1iOQ8J8gPRLdg/Bw843enFe3ufxCsX3l9FIs1UWhr8vI+Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org