Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa
File: 3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: n2rE0ll087i1WLMKYEDfFi5LJz9S15ruaYEBHCSUmbk=
Subject key identifier: 6D:A2:36:11:6B:0B:9C:FC:24:E9:07:F4:E2:10:69:81:A2:71:B8:2F
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 1724916F78DDD0C961E7A22597490034A6EBFDD1
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 12 May 2024 11:03:40 +0000
ROA not before: Sun 12 May 2024 10:58:40 +0000
ROA not after: Sun 11 May 2025 11:03:40 +0000
asID: 136787
IP address blocks: 192.145.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:24:91:6f:78:dd:d0:c9:61:e7:a2:25:97:49:00:34:a6:eb:fd:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: May 12 10:58:40 2024 GMT
Not After : May 11 11:03:40 2025 GMT
Subject: CN=6DA236116B0B9CFC24E907F4E2106981A271B82F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3f:83:1f:33:9c:c8:a0:79:7e:56:e3:83:bc:
25:68:bb:49:b2:17:75:dd:cc:88:99:8a:12:b7:52:
93:cd:d4:e9:ab:99:5e:46:5d:83:82:a1:e3:3d:9c:
34:ad:33:48:a1:d8:9a:75:89:12:0d:0d:d6:34:51:
7d:5b:46:8f:99:c7:f7:42:bf:7f:69:59:d6:aa:bd:
15:bb:bb:81:bd:15:07:6a:fb:8a:a1:5c:8d:6c:88:
71:0f:38:5b:08:11:36:23:91:bb:46:1b:3d:50:5b:
35:ec:b4:8a:01:5b:8b:50:41:d3:67:18:52:b5:d1:
41:cb:96:21:31:3a:52:91:ba:fb:3d:43:da:ab:02:
2a:fe:33:fe:bf:b0:50:67:b5:7e:58:e6:0b:1a:b7:
b3:e4:d2:4e:10:25:32:2d:61:63:31:f8:97:cd:c6:
22:d6:f5:5c:8a:bc:8d:20:a6:49:55:93:9b:5e:21:
23:53:fd:1e:ea:f7:41:62:59:3d:06:93:5d:25:1e:
80:dc:38:76:64:f8:ad:64:6d:fb:c5:94:01:20:b4:
d9:03:7e:29:31:5d:23:01:2b:b3:27:2e:2f:2a:90:
bf:b8:af:22:67:fa:73:b5:20:51:06:97:00:47:68:
f4:c7:b8:fa:48:b1:1a:3c:80:d0:0f:df:dd:da:14:
d3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A2:36:11:6B:0B:9C:FC:24:E9:07:F4:E2:10:69:81:A2:71:B8:2F
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.36.0/24
Signature Algorithm: sha256WithRSAEncryption
33:73:1f:94:69:6f:8b:d7:4f:9c:35:94:39:ca:14:74:3e:cd:
6d:83:f9:7b:3e:d4:bd:1d:dd:0c:83:60:70:dc:0a:32:77:95:
d3:f0:a4:19:84:28:78:2f:e5:c3:0e:47:24:fa:99:8b:d0:c4:
11:05:e5:91:e5:62:c3:db:87:09:4e:7a:ad:e8:35:fc:48:83:
98:24:e5:74:83:35:64:ab:a7:2a:fb:41:53:6e:b6:c5:8f:c8:
79:ea:db:db:6a:da:61:b8:29:73:ce:e8:1b:7e:f1:69:59:8c:
34:e6:c1:e0:c3:9f:fa:14:d9:51:76:e4:a0:69:f8:e0:fc:7d:
3c:20:d9:8d:78:a7:e3:a8:2b:a4:6b:e4:2e:41:3c:f6:e3:d8:
77:86:57:3d:46:50:3d:14:ef:94:d2:92:21:75:df:02:d8:c8:
dc:b3:97:39:45:89:9d:13:d3:ba:28:e1:47:12:ce:f7:0d:e2:
98:b4:62:09:76:3b:4b:49:f4:c0:55:0f:c3:c1:66:62:8d:c6:
7e:09:51:fe:10:38:f5:ff:bd:87:67:68:d1:b9:73:58:fd:9b:
21:f2:66:22:ae:0b:11:ed:b4:2a:3a:6c:e2:5c:25:b1:cd:b1:
1f:31:34:9a:3a:43:0a:7a:7d:12:7b:7e:53:bb:0d:51:07:63:
75:1e:77:99
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFySRb3jd0Mlh56Ill0kANKbr/dEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA1MTIxMDU4NDBaFw0yNTA1MTExMTAzNDBaMDMxMTAvBgNV
BAMTKDZEQTIzNjExNkIwQjlDRkMyNEU5MDdGNEUyMTA2OTgxQTI3MUI4MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzP4MfM5zIoHl+VuODvCVou0my
F3XdzIiZihK3UpPN1OmrmV5GXYOCoeM9nDStM0ih2Jp1iRINDdY0UX1bRo+Zx/dC
v39pWdaqvRW7u4G9FQdq+4qhXI1siHEPOFsIETYjkbtGGz1QWzXstIoBW4tQQdNn
GFK10UHLliExOlKRuvs9Q9qrAir+M/6/sFBntX5Y5gsat7Pk0k4QJTItYWMx+JfN
xiLW9VyKvI0gpklVk5teISNT/R7q90FiWT0Gk10lHoDcOHZk+K1kbfvFlAEgtNkD
fikxXSMBK7MnLi8qkL+4ryJn+nO1IFEGlwBHaPTHuPpIsRo8gNAP393aFNNRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbaI2EWsLnPwk6Qf04hBpgaJxuC8wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMyMmUzMTM0MzUyZTMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADAkSQwDQYJKoZIhvcNAQELBQADggEBADNzH5Rpb4vXT5w1lDnKFHQ+zW2D+Xs+
1L0d3QyDYHDcCjJ3ldPwpBmEKHgv5cMORyT6mYvQxBEF5ZHlYsPbhwlOeq3oNfxI
g5gk5XSDNWSrpyr7QVNutsWPyHnq29tq2mG4KXPO6Bt+8WlZjDTmweDDn/oU2VF2
5KBp+OD8fTwg2Y14p+OoK6Rr5C5BPPbj2HeGVz1GUD0U75TSkiF13wLYyNyzlzlF
iZ0T07oo4UcSzvcN4pi0Ygl2O0tJ9MBVD8PBZmKNxn4JUf4QOPX/vYdnaNG5c1j9
myHyZiKuCxHttCo6bOJcJbHNsR8xNJo6Qwp6fRJ7flO7DVEHY3Ued5k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org