Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa
File: 3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: PFSACPLW6AY6JH3BuMU20jFohFrQboygCJJIv3KLwJo=
Subject key identifier: E3:F8:3F:67:4A:C0:81:C0:0E:90:3D:31:8D:7B:45:E6:59:37:4D:D1
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 1E17832747D26861C3402B24163C150483524716
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 10:59:28 +0000
ROA not before: Sun 11 Jun 2023 10:54:28 +0000
ROA not after: Sun 09 Jun 2024 10:59:28 +0000
asID: 136787
IP address blocks: 192.145.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:17:83:27:47:d2:68:61:c3:40:2b:24:16:3c:15:04:83:52:47:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jun 11 10:54:28 2023 GMT
Not After : Jun 9 10:59:28 2024 GMT
Subject: CN=E3F83F674AC081C00E903D318D7B45E659374DD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6d:37:3f:16:31:fd:41:15:2e:89:71:4b:82:
30:28:79:99:9c:1c:ca:87:2c:a3:d0:9d:ca:27:9c:
cf:ba:15:20:cb:9f:0c:de:20:52:7c:51:19:11:5f:
67:43:14:3d:04:de:cd:2f:1e:e1:67:2c:b1:13:68:
ee:ea:73:8d:7c:ef:6b:8b:94:f8:97:f1:bf:27:df:
f4:3d:38:a7:ab:03:e8:d8:82:5b:3a:80:c5:f0:89:
b0:4f:6d:d6:ca:e5:67:ec:b4:3a:08:93:f9:a2:12:
3c:be:ff:61:00:fe:a6:db:a1:d3:77:ea:ea:ee:83:
7d:13:7c:ae:7a:36:b4:cb:ae:bf:20:b9:1c:fe:fe:
9f:30:23:8c:15:c7:17:4d:57:7a:99:92:f0:75:01:
8b:9e:d2:b1:0c:39:d5:1b:8b:0c:34:05:07:55:0f:
0c:28:8f:d8:40:03:dd:8c:20:c7:34:0d:df:1a:08:
bb:e6:87:d6:11:69:1f:04:46:75:e0:67:c9:6e:c2:
d2:13:68:86:2a:c3:fe:5c:a0:cf:a3:ae:b0:fb:a2:
06:39:b1:5f:58:69:a0:5e:ab:f4:ab:5e:20:43:85:
3c:e6:2a:c5:92:25:fb:e4:e3:28:07:ca:d3:1d:1f:
01:4c:7a:80:2a:13:cf:eb:62:b9:99:be:30:20:75:
92:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F8:3F:67:4A:C0:81:C0:0E:90:3D:31:8D:7B:45:E6:59:37:4D:D1
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.36.0/24
Signature Algorithm: sha256WithRSAEncryption
54:f7:6a:a3:54:0c:e9:36:05:d9:f9:dd:20:42:58:3a:3e:8e:
fd:f8:88:0a:f9:0c:96:dd:bb:2d:c5:06:e5:01:58:6b:00:8b:
5e:72:cb:d9:2b:28:86:41:3f:9c:41:f1:d8:bc:1f:10:01:9c:
72:eb:ac:9e:e0:db:12:0e:04:00:4f:28:19:2d:92:3c:6d:97:
1f:10:b0:0b:07:23:b6:9f:1f:72:64:f5:92:08:ce:6e:00:45:
2e:f8:71:c5:ef:36:9c:13:1e:14:e3:fa:82:73:0f:68:87:c3:
0d:f8:16:eb:0a:a6:9c:4a:53:d1:ee:c5:5b:42:bf:a2:50:64:
32:3e:22:95:32:d4:c1:de:05:bf:45:36:17:f8:e0:3d:82:db:
04:ed:0b:1b:b2:0a:4a:6c:99:88:a7:97:32:b0:13:90:11:06:
5b:38:c8:02:8d:9e:78:ee:02:cb:61:28:30:9d:73:89:be:3d:
0f:3e:81:8d:7d:fc:ee:70:48:e0:07:9f:6a:0d:37:34:92:33:
c1:e2:d0:f7:3e:d2:50:22:ed:99:bf:da:a1:71:d3:2c:1e:be:
bd:cc:da:18:b4:84:70:00:9f:b9:b8:7b:af:45:3f:9f:e4:b3:
78:38:36:8f:75:57:79:0a:6b:91:f8:06:a6:66:b3:2d:93:a0:
1a:22:63:07
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHheDJ0fSaGHDQCskFjwVBINSRxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzA2MTExMDU0MjhaFw0yNDA2MDkxMDU5MjhaMDMxMTAvBgNV
BAMTKEUzRjgzRjY3NEFDMDgxQzAwRTkwM0QzMThEN0I0NUU2NTkzNzRERDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnbTc/FjH9QRUuiXFLgjAoeZmc
HMqHLKPQnconnM+6FSDLnwzeIFJ8URkRX2dDFD0E3s0vHuFnLLETaO7qc41872uL
lPiX8b8n3/Q9OKerA+jYgls6gMXwibBPbdbK5WfstDoIk/miEjy+/2EA/qbbodN3
6urug30TfK56NrTLrr8guRz+/p8wI4wVxxdNV3qZkvB1AYue0rEMOdUbiww0BQdV
Dwwoj9hAA92MIMc0Dd8aCLvmh9YRaR8ERnXgZ8luwtITaIYqw/5coM+jrrD7ogY5
sV9YaaBeq/SrXiBDhTzmKsWSJfvk4ygHytMdHwFMeoAqE8/rYrmZvjAgdZJXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4/g/Z0rAgcAOkD0xjXtF5lk3TdEwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMyMmUzMTM0MzUyZTMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADAkSQwDQYJKoZIhvcNAQELBQADggEBAFT3aqNUDOk2Bdn53SBCWDo+jv34iAr5
DJbduy3FBuUBWGsAi15yy9krKIZBP5xB8di8HxABnHLrrJ7g2xIOBABPKBktkjxt
lx8QsAsHI7afH3Jk9ZIIzm4ARS74ccXvNpwTHhTj+oJzD2iHww34FusKppxKU9Hu
xVtCv6JQZDI+IpUy1MHeBb9FNhf44D2C2wTtCxuyCkpsmYinlzKwE5ARBls4yAKN
nnjuAsthKDCdc4m+PQ8+gY19/O5wSOAHn2oNNzSSM8Hi0Pc+0lAi7Zm/2qFx0ywe
vr3M2hi0hHAAn7m4e69FP5/ks3g4No91V3kKa5H4BqZmsy2ToBoiYwc=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:54 2024 by rpki-client on console-ams.rpki-client.org