Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33392e302f32342d3234203d3e20313336373837.roa
File: 3139322e3134352e33392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: waXUACsgN8Wl6YSdhbNxp1IQhChdcAsFey2RMrvTHYk=
Subject key identifier: 70:5E:6E:2E:A4:16:1C:D9:1C:08:CE:C4:6D:CE:FC:1D:88:CF:FB:85
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 2303EFB2C01ADE4A0DEFD95313A4D91A298134D0
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:21 +0000
ROA not before: Mon 01 Apr 2024 13:58:21 +0000
ROA not after: Mon 31 Mar 2025 14:03:21 +0000
asID: 136787
IP address blocks: 192.145.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:03:ef:b2:c0:1a:de:4a:0d:ef:d9:53:13:a4:d9:1a:29:81:34:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Apr 1 13:58:21 2024 GMT
Not After : Mar 31 14:03:21 2025 GMT
Subject: CN=705E6E2EA4161CD91C08CEC46DCEFC1D88CFFB85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ec:56:9e:0a:e0:ab:2d:07:ef:f3:13:b8:62:
22:32:83:75:11:e7:6a:29:21:ef:c8:f1:bb:aa:a7:
ca:f2:d7:3d:e4:b6:9d:6b:7e:e6:2d:22:ad:6e:9d:
f8:e0:1e:4b:4e:57:b1:b2:0d:a6:6c:cf:b3:1c:19:
90:d1:dd:1a:9e:1c:e0:26:89:4b:11:94:a2:cc:c2:
68:38:d6:b7:5a:c1:42:aa:56:cb:10:7a:22:f1:8e:
0f:de:9e:e9:27:a4:c7:b4:b6:96:62:fc:19:67:19:
70:c3:58:dc:d4:87:4f:02:24:c3:03:ae:27:06:81:
a5:9d:df:a1:19:75:0a:01:e9:20:d2:88:93:b2:92:
4f:d2:41:1b:8e:dc:a7:e4:12:24:5c:11:c3:76:d0:
cf:bf:c3:72:ff:73:3e:7d:92:0d:c3:b8:4b:b1:4a:
b4:75:77:34:00:74:51:74:ff:45:ad:c9:cd:58:04:
5a:82:87:2a:ec:74:77:34:c3:b3:a5:29:b5:62:1a:
f3:bc:b3:04:f3:00:48:0f:e0:dc:3f:9f:94:5d:88:
fd:e7:2d:9d:a5:78:c3:df:81:cd:2e:e5:fe:94:c6:
2e:a8:3f:52:d5:99:0e:49:56:79:25:78:8b:95:fb:
e0:ce:81:e1:52:b6:3f:c7:25:04:26:f6:3f:ae:6c:
ca:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5E:6E:2E:A4:16:1C:D9:1C:08:CE:C4:6D:CE:FC:1D:88:CF:FB:85
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.39.0/24
Signature Algorithm: sha256WithRSAEncryption
af:84:53:80:8e:e6:89:0b:23:6e:51:65:31:78:3c:a0:c1:a2:
e0:29:25:85:ff:1f:60:90:b5:ac:f6:21:ce:cb:cb:e3:ff:3d:
0e:3f:43:ee:52:2c:bd:2e:83:79:25:68:7d:a0:f1:b8:d9:31:
1a:a4:78:3c:ae:b9:33:64:c5:14:8c:7f:4e:03:aa:b6:b1:b4:
73:6e:a4:46:ae:a3:11:af:d2:ec:1c:81:ee:97:6d:4c:cb:a9:
48:6f:55:0b:01:c1:f5:e3:ef:b8:34:d2:ac:da:48:4d:3b:f4:
c1:d3:e3:af:b5:44:38:08:c3:76:32:89:4a:85:bc:8e:3c:78:
e3:20:f7:43:b1:dc:ca:10:e4:61:43:a0:61:cb:93:34:2f:f2:
36:bf:89:53:1f:56:3a:58:5c:15:09:c9:37:e0:48:f7:9b:eb:
b7:51:48:48:6e:17:eb:08:e1:20:1b:89:06:10:1d:a8:c1:ed:
65:36:44:fa:33:05:c3:e3:10:b4:a6:fa:61:e5:9d:5c:f6:c0:
7a:23:c5:74:28:2a:bc:49:3b:38:b6:57:86:47:ce:11:ad:b3:
08:56:a0:80:89:ad:1f:88:25:ae:41:b6:59:59:99:8d:58:17:
3b:da:29:ec:49:23:2a:c2:b4:ff:d8:e2:93:2b:10:d4:40:e9:
1d:3f:d1:90
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIwPvssAa3koN79lTE6TZGimBNNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA0MDExMzU4MjFaFw0yNTAzMzExNDAzMjFaMDMxMTAvBgNV
BAMTKDcwNUU2RTJFQTQxNjFDRDkxQzA4Q0VDNDZEQ0VGQzFEODhDRkZCODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC67FaeCuCrLQfv8xO4YiIyg3UR
52opIe/I8buqp8ry1z3ktp1rfuYtIq1unfjgHktOV7GyDaZsz7McGZDR3RqeHOAm
iUsRlKLMwmg41rdawUKqVssQeiLxjg/enuknpMe0tpZi/BlnGXDDWNzUh08CJMMD
ricGgaWd36EZdQoB6SDSiJOykk/SQRuO3KfkEiRcEcN20M+/w3L/cz59kg3DuEux
SrR1dzQAdFF0/0Wtyc1YBFqChyrsdHc0w7OlKbViGvO8swTzAEgP4Nw/n5RdiP3n
LZ2leMPfgc0u5f6Uxi6oP1LVmQ5JVnkleIuV++DOgeFStj/HJQQm9j+ubMo/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcF5uLqQWHNkcCM7Ebc78HYjP+4UwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMyMmUzMTM0MzUyZTMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADAkScwDQYJKoZIhvcNAQELBQADggEBAK+EU4CO5okLI25RZTF4PKDBouApJYX/
H2CQtaz2Ic7Ly+P/PQ4/Q+5SLL0ug3klaH2g8bjZMRqkeDyuuTNkxRSMf04Dqrax
tHNupEauoxGv0uwcge6XbUzLqUhvVQsBwfXj77g00qzaSE079MHT46+1RDgIw3Yy
iUqFvI48eOMg90Ox3MoQ5GFDoGHLkzQv8ja/iVMfVjpYXBUJyTfgSPeb67dRSEhu
F+sI4SAbiQYQHajB7WU2RPozBcPjELSm+mHlnVz2wHojxXQoKrxJOzi2V4ZHzhGt
swhWoICJrR+IJa5BtllZmY1YFzvaKexJIyrCtP/Y4pMrENRA6R0/0ZA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:03 2024 by rpki-client on console-ams.rpki-client.org