Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33382e302f32342d3234203d3e20313336373837.roa
File: 3139322e3134352e33382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 7yXLxA7JEROSip29tRYosw14HfPYSbFcTJ56kFgw1h4=
Subject key identifier: 55:53:11:F0:8A:FF:95:35:B1:94:47:E6:C9:E8:34:6C:A3:EC:32:DB
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 575B9262CD1FF45EC065F14DB03CB33636454E66
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:20 +0000
ROA not before: Mon 01 Apr 2024 13:58:20 +0000
ROA not after: Mon 31 Mar 2025 14:03:20 +0000
asID: 136787
IP address blocks: 192.145.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:5b:92:62:cd:1f:f4:5e:c0:65:f1:4d:b0:3c:b3:36:36:45:4e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Apr 1 13:58:20 2024 GMT
Not After : Mar 31 14:03:20 2025 GMT
Subject: CN=555311F08AFF9535B19447E6C9E8346CA3EC32DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4b:c5:ca:40:52:05:b7:a7:c6:0d:ff:f6:bc:
30:69:f0:20:6d:e4:bc:77:0e:23:b8:6a:d8:26:e1:
5f:91:6b:ce:67:5a:dd:92:1b:56:c5:2a:45:fb:80:
0e:45:e4:67:43:ce:50:93:24:99:e9:62:49:8c:a0:
c6:17:1a:43:8e:77:4d:94:15:8e:19:a3:d3:1e:85:
f5:d3:71:9b:7c:de:7d:46:d9:a5:33:d5:6c:46:31:
5f:39:33:1a:4b:06:ae:5e:ac:ba:d3:6b:dc:a6:bf:
53:98:96:ca:33:ef:af:f1:cd:9f:a9:c4:ae:66:67:
ce:1a:f3:1a:11:ac:4b:ef:6e:a0:b2:f4:a9:62:14:
76:f6:a2:7b:86:5d:8a:59:41:50:95:c5:93:c9:22:
a4:f5:e9:7b:72:d3:d5:7a:0c:36:d6:c2:61:3e:6b:
de:2e:e0:d7:fb:24:05:9c:bb:0a:ac:db:f8:08:58:
f0:4f:ec:64:1e:99:51:e1:d9:05:7d:de:28:f6:11:
46:58:83:ee:3a:6e:55:18:ff:c7:4c:ce:af:6f:09:
8b:ab:77:37:e3:c0:20:d3:88:c8:c8:39:21:d3:67:
29:9a:31:0b:62:ae:a2:20:ef:86:db:73:dd:a3:88:
ac:06:26:89:ac:4e:b0:e0:28:b1:05:00:cf:82:8c:
26:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:53:11:F0:8A:FF:95:35:B1:94:47:E6:C9:E8:34:6C:A3:EC:32:DB
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.38.0/24
Signature Algorithm: sha256WithRSAEncryption
60:52:41:fe:de:31:8b:a5:41:b4:dd:e7:50:ad:86:f1:dc:a4:
b6:9a:ac:ac:71:a9:6b:09:fa:a6:87:1b:fc:8a:3c:a1:19:c5:
1b:7e:7f:7d:6b:ef:47:fa:b7:72:ea:f1:57:e6:c0:3a:1d:4e:
f2:5f:04:06:fe:34:73:5b:42:f0:31:b2:bb:72:31:4f:37:fd:
72:a5:1d:34:28:1d:19:16:b3:9c:cc:68:0a:4a:80:da:3b:7a:
ce:b9:de:43:55:30:94:15:47:b7:1a:92:26:3a:98:a1:58:c8:
17:22:bd:41:05:28:35:6a:5d:04:8c:08:58:c4:41:39:3b:59:
f5:95:88:ca:71:be:2d:b1:33:7a:7b:2e:90:bf:f9:39:db:7e:
82:29:c2:97:54:37:35:c6:ab:fe:f5:2a:ec:a1:c3:e3:14:b8:
e3:e8:af:e0:43:f8:f9:22:1f:04:21:ac:ce:6f:de:a8:53:6f:
2b:5a:52:4a:a5:f1:8e:66:98:61:ef:0c:18:be:64:8f:c8:3d:
81:33:26:5f:2a:55:76:a9:13:d8:8e:b4:0a:75:25:e4:40:94:
dc:68:13:23:9e:a5:8b:ff:14:36:72:90:2d:26:66:c3:47:20:
bf:76:2b:5a:91:cc:b1:f5:a6:97:9f:d6:3a:5a:76:2e:f9:49:
8c:e5:0d:54
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUV1uSYs0f9F7AZfFNsDyzNjZFTmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA0MDExMzU4MjBaFw0yNTAzMzExNDAzMjBaMDMxMTAvBgNV
BAMTKDU1NTMxMUYwOEFGRjk1MzVCMTk0NDdFNkM5RTgzNDZDQTNFQzMyREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIS8XKQFIFt6fGDf/2vDBp8CBt
5Lx3DiO4atgm4V+Ra85nWt2SG1bFKkX7gA5F5GdDzlCTJJnpYkmMoMYXGkOOd02U
FY4Zo9MehfXTcZt83n1G2aUz1WxGMV85MxpLBq5erLrTa9ymv1OYlsoz76/xzZ+p
xK5mZ84a8xoRrEvvbqCy9KliFHb2onuGXYpZQVCVxZPJIqT16Xty09V6DDbWwmE+
a94u4Nf7JAWcuwqs2/gIWPBP7GQemVHh2QV93ij2EUZYg+46blUY/8dMzq9vCYur
dzfjwCDTiMjIOSHTZymaMQtirqIg74bbc92jiKwGJomsTrDgKLEFAM+CjCbRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVVMR8Ir/lTWxlEfmyeg0bKPsMtswHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMyMmUzMTM0MzUyZTMz
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADAkSYwDQYJKoZIhvcNAQELBQADggEBAGBSQf7eMYulQbTd51CthvHcpLaarKxx
qWsJ+qaHG/yKPKEZxRt+f31r70f6t3Lq8VfmwDodTvJfBAb+NHNbQvAxsrtyMU83
/XKlHTQoHRkWs5zMaApKgNo7es653kNVMJQVR7cakiY6mKFYyBcivUEFKDVqXQSM
CFjEQTk7WfWViMpxvi2xM3p7LpC/+TnbfoIpwpdUNzXGq/71Kuyhw+MUuOPor+BD
+PkiHwQhrM5v3qhTbytaUkql8Y5mmGHvDBi+ZI/IPYEzJl8qVXapE9iOtAp1JeRA
lNxoEyOepYv/FDZykC0mZsNHIL92K1qRzLH1ppef1jpadi75SYzlDVQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:39:35 2024 by rpki-client on console-fra.rpki-client.org