Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37332e302f32342d3234203d3e20313336373837.roa
File: 3139332e3134382e37332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: zvXg7KbSOj3kZgIYvpQjGtWbFNOf2isLpkcggMCWZmI=
Subject key identifier: 2F:09:66:EF:AF:C4:F9:4A:4C:50:61:65:91:44:1F:39:20:E1:2D:0E
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 679955C090D951CFC6CBB05CD282F287352313A5
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 08 Mar 2024 12:58:24 +0000
ROA not before: Fri 08 Mar 2024 12:53:24 +0000
ROA not after: Fri 07 Mar 2025 12:58:24 +0000
asID: 136787
IP address blocks: 193.148.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:99:55:c0:90:d9:51:cf:c6:cb:b0:5c:d2:82:f2:87:35:23:13:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 8 12:53:24 2024 GMT
Not After : Mar 7 12:58:24 2025 GMT
Subject: CN=2F0966EFAFC4F94A4C50616591441F3920E12D0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:31:ce:81:41:fa:4e:25:da:be:66:4a:3f:97:
06:07:78:91:8b:fc:8d:a3:7e:f4:ee:b2:ee:49:56:
61:1d:76:77:9d:c8:41:77:04:df:6a:fa:8a:ba:ab:
a0:cc:d9:ca:d7:cd:80:e6:14:71:4e:1d:b5:6f:5a:
0e:99:50:19:3d:7a:e5:d9:65:37:5e:10:0d:9f:31:
7c:c0:b2:c6:a4:22:c9:7a:c6:7a:e4:91:5e:4e:99:
67:c1:af:20:51:a6:c1:58:89:9c:aa:4f:87:9e:ad:
42:41:46:b3:3c:e3:41:d7:75:3a:90:a4:9b:1a:0d:
40:07:ca:98:f7:62:ee:df:88:b3:30:4d:6f:fd:3c:
92:41:1a:2f:ce:45:98:2f:e2:dd:dc:1e:9b:45:04:
8d:64:1b:57:c4:1d:7b:90:b0:fc:fd:51:cc:1d:a5:
d7:60:c2:5a:83:ad:68:4c:dc:63:6a:ca:3d:fa:b9:
58:c7:ae:a0:c3:0f:31:68:20:91:43:2a:73:d3:c8:
db:27:6d:41:37:9e:29:75:17:f0:9f:58:0a:b5:9f:
d6:00:41:cf:66:28:07:d0:30:41:f3:7a:6d:1c:20:
27:54:ef:65:59:1f:32:d9:e8:65:01:7b:81:c6:a2:
eb:dc:4a:f8:89:25:a8:85:70:5e:ab:3d:33:64:12:
d1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:09:66:EF:AF:C4:F9:4A:4C:50:61:65:91:44:1F:39:20:E1:2D:0E
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.73.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:ae:3d:4b:60:0b:fe:23:ab:92:cf:b9:49:65:c8:85:ee:8d:
4a:e1:f6:53:30:31:c9:d1:e0:44:ed:a4:f1:bd:ee:2f:2e:fd:
00:d4:3f:fe:75:09:35:88:b3:a7:bf:6a:3c:a6:9f:19:6e:70:
ed:74:95:ab:97:6d:43:89:fe:6c:4c:db:d1:7b:e9:47:2e:2a:
e2:51:b0:60:34:1f:e6:cc:e0:87:e7:09:e5:b0:2d:39:df:8d:
48:fa:c0:07:f5:d9:0e:f5:f1:f8:60:46:8c:fa:4a:cc:35:08:
c2:d2:3e:a3:bc:5d:00:73:bb:8b:40:73:e4:b6:8b:d4:a4:33:
d0:8b:b3:1a:d1:9c:f3:be:88:e0:ad:9d:ba:25:f8:27:59:ba:
45:3d:83:10:7f:ce:b7:4d:52:0a:e3:64:d9:2d:7e:05:f6:a7:
1f:b4:58:42:58:28:52:a6:88:8f:cc:83:c6:06:f4:6c:8a:0a:
9c:9f:0f:9b:d7:29:23:f2:11:5f:2d:a1:07:8f:61:db:83:88:
d6:f8:1c:71:5c:ff:e4:8f:b7:eb:1f:a9:2b:0b:15:30:54:02:
76:ec:9c:fa:4e:c1:64:b1:55:7e:e2:68:e8:0b:1f:4b:79:c7:
39:26:7d:94:97:01:4b:81:4c:84:7b:44:48:f8:39:1f:8b:a1:
21:5b:d2:09
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZ5lVwJDZUc/Gy7Bc0oLyhzUjE6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAzMDgxMjUzMjRaFw0yNTAzMDcxMjU4MjRaMDMxMTAvBgNV
BAMTKDJGMDk2NkVGQUZDNEY5NEE0QzUwNjE2NTkxNDQxRjM5MjBFMTJEMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdMc6BQfpOJdq+Zko/lwYHeJGL
/I2jfvTusu5JVmEddnedyEF3BN9q+oq6q6DM2crXzYDmFHFOHbVvWg6ZUBk9euXZ
ZTdeEA2fMXzAssakIsl6xnrkkV5OmWfBryBRpsFYiZyqT4eerUJBRrM840HXdTqQ
pJsaDUAHypj3Yu7fiLMwTW/9PJJBGi/ORZgv4t3cHptFBI1kG1fEHXuQsPz9Ucwd
pddgwlqDrWhM3GNqyj36uVjHrqDDDzFoIJFDKnPTyNsnbUE3nil1F/CfWAq1n9YA
Qc9mKAfQMEHzem0cICdU72VZHzLZ6GUBe4HGouvcSviJJaiFcF6rPTNkEtHTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULwlm76/E+UpMUGFlkUQfOSDhLQ4wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMzMmUzMTM0MzgyZTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBlEkwDQYJKoZIhvcNAQELBQADggEBAByuPUtgC/4jq5LPuUllyIXujUrh9lMw
McnR4ETtpPG97i8u/QDUP/51CTWIs6e/ajymnxlucO10lauXbUOJ/mxM29F76Ucu
KuJRsGA0H+bM4IfnCeWwLTnfjUj6wAf12Q718fhgRoz6Ssw1CMLSPqO8XQBzu4tA
c+S2i9SkM9CLsxrRnPO+iOCtnbol+CdZukU9gxB/zrdNUgrjZNktfgX2px+0WEJY
KFKmiI/Mg8YG9GyKCpyfD5vXKSPyEV8toQePYduDiNb4HHFc/+SPt+sfqSsLFTBU
AnbsnPpOwWSxVX7iaOgLH0t5xzkmfZSXAUuBTIR7REj4OR+LoSFb0gk=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:39:35 2024 by rpki-client on console-fra.rpki-client.org