Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232322e302f32342d3234203d3e20313336373837.roa
File: 39312e3139362e3232322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: cvyFVlAsg2eL5a2DxkbLvE012o9975tXXvwtq2aEkqk=
Subject key identifier: 14:F3:75:B5:6A:66:8E:15:1A:2D:1D:BE:B8:26:49:C6:79:F0:97:E9
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 797F20E5A5F80CBED8183055834EDE529CE7FD7A
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232322e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:24 +0000
ROA not before: Mon 01 Apr 2024 13:58:24 +0000
ROA not after: Mon 31 Mar 2025 14:03:24 +0000
asID: 136787
IP address blocks: 91.196.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:7f:20:e5:a5:f8:0c:be:d8:18:30:55:83:4e:de:52:9c:e7:fd:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:24 2024 GMT
Not After : Mar 31 14:03:24 2025 GMT
Subject: CN=14F375B56A668E151A2D1DBEB82649C679F097E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2e:12:d5:37:7b:76:d0:f7:ad:b7:f2:18:fa:
f9:ca:65:13:66:22:d8:1b:f7:e7:c1:0c:2e:c6:16:
90:8d:35:93:8b:e8:28:ae:b9:61:60:75:71:c3:80:
17:33:da:b9:cb:cc:1a:3e:95:c6:34:db:75:54:ee:
15:29:2e:9d:ae:a6:01:5d:37:56:22:9d:6c:6c:59:
99:00:26:5c:9d:c1:68:2f:ef:6b:7d:58:86:74:6b:
6b:cb:d9:10:db:fe:1b:73:d4:af:45:7e:bd:fd:fe:
19:7e:a4:bc:c9:e1:8a:5a:3e:a8:8a:11:99:24:77:
a1:af:d2:88:1d:fc:1b:a1:2d:d9:4e:40:5c:3b:23:
a7:ae:05:02:a9:f2:90:b3:25:3d:fe:64:e2:84:07:
35:82:9d:74:f1:6b:51:0d:ed:38:94:a2:bf:12:70:
85:d3:ae:a7:be:44:ad:b8:c8:f5:7a:3b:74:24:fd:
bd:4b:4f:4e:c0:05:ab:1d:1d:64:bd:02:a5:58:6e:
39:cb:16:20:b6:21:77:2c:a2:75:57:5c:0b:03:50:
db:f4:80:9a:c3:cc:45:b1:b8:51:da:a1:ef:5a:da:
4d:9c:f7:91:c9:5b:bd:97:72:db:1f:e7:ef:37:43:
82:b7:1f:c2:42:1c:54:d7:e9:de:1f:36:1c:4a:f6:
f3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F3:75:B5:6A:66:8E:15:1A:2D:1D:BE:B8:26:49:C6:79:F0:97:E9
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.222.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:21:ac:20:e4:c7:f1:56:87:ae:54:3d:c2:e1:00:5b:d3:4e:
d1:2f:3f:da:cf:f2:38:0e:51:5b:23:ed:bb:c2:e4:b7:00:ec:
09:13:cd:4f:85:9c:04:e6:ac:ff:79:89:69:bc:1a:25:1d:51:
83:f5:35:92:3d:13:61:5c:a7:4e:71:04:63:88:02:fb:9c:51:
91:59:63:34:84:91:65:74:85:08:08:1b:34:4c:ae:99:6f:a9:
a7:b1:26:57:eb:52:c0:eb:dd:c4:fc:06:ac:23:32:04:b3:a0:
46:62:1d:d4:30:6a:15:2e:ac:97:b1:c8:b1:f5:dd:d5:13:98:
74:c2:c6:18:55:4e:0e:eb:8e:16:40:56:c1:bc:97:87:cf:8f:
8a:be:04:f4:d9:78:87:91:83:cd:54:dd:03:fd:26:c1:01:69:
1e:91:fe:50:fc:f1:46:42:cf:ae:f1:24:25:63:5e:5b:13:2e:
c6:73:ee:0f:62:d4:69:16:1d:a4:fa:c3:f0:f3:55:bd:4b:53:
c6:5d:8d:e4:74:f6:87:f7:dc:59:6a:41:72:21:ff:17:15:ba:
9f:3e:fd:51:33:f5:1b:2d:08:30:5d:69:00:10:e9:70:73:c6:
56:77:a3:73:ad:77:25:ab:e1:5c:8f:09:48:d2:e3:46:9d:ab:
08:38:22:d4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeX8g5aX4DL7YGDBVg07eUpzn/XowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjRaFw0yNTAzMzExNDAzMjRaMDMxMTAvBgNV
BAMTKDE0RjM3NUI1NkE2NjhFMTUxQTJEMURCRUI4MjY0OUM2NzlGMDk3RTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjLhLVN3t20Pett/IY+vnKZRNm
Itgb9+fBDC7GFpCNNZOL6CiuuWFgdXHDgBcz2rnLzBo+lcY023VU7hUpLp2upgFd
N1YinWxsWZkAJlydwWgv72t9WIZ0a2vL2RDb/htz1K9Ffr39/hl+pLzJ4YpaPqiK
EZkkd6Gv0ogd/BuhLdlOQFw7I6euBQKp8pCzJT3+ZOKEBzWCnXTxa1EN7TiUor8S
cIXTrqe+RK24yPV6O3Qk/b1LT07ABasdHWS9AqVYbjnLFiC2IXcsonVXXAsDUNv0
gJrDzEWxuFHaoe9a2k2c95HJW72Xctsf5+83Q4K3H8JCHFTX6d4fNhxK9vNpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFPN1tWpmjhUaLR2+uCZJxnnwl+kwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzkzMTJlMzEzOTM2MmUzMjMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABbxN4wDQYJKoZIhvcNAQELBQADggEBADshrCDkx/FWh65UPcLhAFvTTtEvP9rP
8jgOUVsj7bvC5LcA7AkTzU+FnATmrP95iWm8GiUdUYP1NZI9E2Fcp05xBGOIAvuc
UZFZYzSEkWV0hQgIGzRMrplvqaexJlfrUsDr3cT8BqwjMgSzoEZiHdQwahUurJex
yLH13dUTmHTCxhhVTg7rjhZAVsG8l4fPj4q+BPTZeIeRg81U3QP9JsEBaR6R/lD8
8UZCz67xJCVjXlsTLsZz7g9i1GkWHaT6w/DzVb1LU8ZdjeR09of33FlqQXIh/xcV
up8+/VEz9RstCDBdaQAQ6XBzxlZ3o3OtdyWr4VyPCUjS40adqwg4ItQ=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:25 2024 by rpki-client on console-fra.rpki-client.org