Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3138352e3139332e31392e302f32342d3332203d3e20313431393935.roa
File: 3138352e3139332e31392e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: QreKnAum85nMVmggp9B90bWTDCl5nI31LeHN256Cg+w=
Subject key identifier: 0A:2D:3B:B1:E9:21:BC:3F:79:72:E5:CF:FE:FD:6A:55:2F:1D:23:FA
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 08C9B025ED7AEA387E1315362C5D9B8A9E17A276
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3138352e3139332e31392e302f32342d3332203d3e20313431393935.roa
Signing time: Mon 10 Jun 2024 11:03:56 +0000
ROA not before: Mon 10 Jun 2024 10:58:56 +0000
ROA not after: Mon 09 Jun 2025 11:03:56 +0000
asID: 141995
IP address blocks: 185.193.19.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:c9:b0:25:ed:7a:ea:38:7e:13:15:36:2c:5d:9b:8a:9e:17:a2:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jun 10 10:58:56 2024 GMT
Not After : Jun 9 11:03:56 2025 GMT
Subject: CN=0A2D3BB1E921BC3F7972E5CFFEFD6A552F1D23FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a9:52:ce:e9:93:30:da:34:b5:9f:03:34:c1:
ab:7b:c2:72:c4:c9:24:38:12:c3:5b:e4:b8:11:18:
87:cc:e1:7d:65:f2:13:70:b5:a7:34:0a:23:c8:94:
69:7a:ca:50:29:c1:9b:36:48:e9:3c:56:dc:e6:f0:
4f:9d:c5:1d:a7:05:64:49:ec:9e:f2:9a:95:79:09:
59:dd:8d:7c:70:ce:ab:e9:f2:bb:0c:64:07:79:b2:
b1:20:08:a3:3e:9c:9c:99:9c:28:67:49:31:8e:2a:
71:be:9a:bc:1f:24:98:1b:4c:14:4d:63:b4:a3:7b:
af:1e:9b:3f:41:88:d3:c3:76:c1:26:0b:5c:aa:dd:
f4:a1:42:7b:cd:2d:be:ab:8c:ae:42:4a:26:df:ea:
24:44:c0:70:b7:9f:50:d4:09:40:23:09:11:d2:6c:
b1:67:5d:9c:b7:bf:0b:1a:ad:0a:a9:fc:de:6a:6d:
e2:db:34:7d:f3:05:26:e2:78:1e:65:7d:40:d8:cd:
44:0b:57:50:cd:a8:f4:55:5a:d7:06:a7:0c:6b:15:
41:7e:8d:d2:4c:ff:05:d3:60:5d:87:d7:e8:91:64:
0a:a1:1b:ee:cf:85:09:80:e6:f7:23:67:f9:9d:2c:
65:b5:88:03:e9:31:8c:8e:cd:e4:c2:5d:40:52:e5:
4b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2D:3B:B1:E9:21:BC:3F:79:72:E5:CF:FE:FD:6A:55:2F:1D:23:FA
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3138352e3139332e31392e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.19.0/24
Signature Algorithm: sha256WithRSAEncryption
54:6a:38:d1:43:4f:4d:26:1f:f1:d3:29:4e:f1:7f:45:17:95:
1e:49:c7:d8:ca:a6:1d:39:50:7f:a0:0a:86:e8:9b:7a:cc:5c:
5b:28:39:a6:a0:e1:a5:00:4b:30:b3:6e:bf:89:c2:b8:66:0e:
00:6c:f3:8e:f5:9d:7d:b0:a3:f1:91:8d:00:65:e4:9e:f1:c9:
56:28:9e:d8:71:3c:13:77:8e:ab:03:8c:11:2b:c6:0c:06:92:
29:69:26:18:78:7e:33:d0:a2:b5:e9:f4:07:67:e4:ce:8d:c4:
e7:50:7c:e7:8f:5e:09:43:a4:ba:44:b5:62:1d:89:6b:4b:d9:
8b:44:0e:b4:b8:43:e1:da:58:a8:bd:3a:20:4f:d0:1a:c0:50:
63:a6:3c:0d:e9:06:f0:75:b7:36:33:c5:ca:8b:11:7c:82:27:
6e:98:a5:57:fd:4a:64:7b:8c:e5:23:3a:29:1e:fa:64:89:08:
aa:e3:03:5a:80:a2:0f:53:c7:88:76:df:a5:01:47:29:9c:fb:
da:bc:ae:4d:ed:8d:5f:90:fa:99:fa:db:71:fc:91:7b:40:90:
23:d7:a0:bb:27:7a:37:96:6a:ef:a0:70:85:a8:0c:6a:14:e3:
dd:e2:2a:79:28:ef:17:50:39:04:c9:7b:1e:ac:78:b5:70:38:
02:49:f2:19
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCMmwJe166jh+ExU2LF2bip4XonYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA2MTAxMDU4NTZaFw0yNTA2MDkxMTAzNTZaMDMxMTAvBgNV
BAMTKDBBMkQzQkIxRTkyMUJDM0Y3OTcyRTVDRkZFRkQ2QTU1MkYxRDIzRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpqVLO6ZMw2jS1nwM0wat7wnLE
ySQ4EsNb5LgRGIfM4X1l8hNwtac0CiPIlGl6ylApwZs2SOk8Vtzm8E+dxR2nBWRJ
7J7ympV5CVndjXxwzqvp8rsMZAd5srEgCKM+nJyZnChnSTGOKnG+mrwfJJgbTBRN
Y7Sje68emz9BiNPDdsEmC1yq3fShQnvNLb6rjK5CSibf6iREwHC3n1DUCUAjCRHS
bLFnXZy3vwsarQqp/N5qbeLbNH3zBSbieB5lfUDYzUQLV1DNqPRVWtcGpwxrFUF+
jdJM/wXTYF2H1+iRZAqhG+7PhQmA5vcjZ/mdLGW1iAPpMYyOzeTCXUBS5Ut1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCi07sekhvD95cuXP/v1qVS8dI/owHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzODM1MmUzMTM5MzMyZTMx
MzkyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5wRMwDQYJKoZIhvcNAQELBQADggEBAFRqONFDT00mH/HTKU7xf0UXlR5Jx9jK
ph05UH+gCobom3rMXFsoOaag4aUASzCzbr+JwrhmDgBs8471nX2wo/GRjQBl5J7x
yVYonthxPBN3jqsDjBErxgwGkilpJhh4fjPQorXp9Adn5M6NxOdQfOePXglDpLpE
tWIdiWtL2YtEDrS4Q+HaWKi9OiBP0BrAUGOmPA3pBvB1tzYzxcqLEXyCJ26YpVf9
SmR7jOUjOike+mSJCKrjA1qAog9Tx4h236UBRymc+9q8rk3tjV+Q+pn623H8kXtA
kCPXoLsnejeWau+gcIWoDGoU493iKnko7xdQOQTJex6seLVwOAJJ8hk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org