Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37342e302f32342d3234203d3e20313336373837.roa
File: 3139332e3134382e37342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 7ZQF854UvXCX/nbGb2iSw6FIXO00p53to73DZmSyFyw=
Subject key identifier: AB:29:9A:6F:4B:5F:82:CC:8D:35:2A:7A:2D:61:8B:53:34:5C:08:20
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 3C0D2F023AA8E1467D69805E1FC7AA06B386D552
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37342e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:46:58 +0000
ROA not before: Sun 26 Nov 2023 19:41:58 +0000
ROA not after: Sun 24 Nov 2024 19:46:58 +0000
asID: 136787
IP address blocks: 193.148.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:0d:2f:02:3a:a8:e1:46:7d:69:80:5e:1f:c7:aa:06:b3:86:d5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Nov 26 19:41:58 2023 GMT
Not After : Nov 24 19:46:58 2024 GMT
Subject: CN=AB299A6F4B5F82CC8D352A7A2D618B53345C0820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7f:08:d5:24:87:83:87:22:74:6c:c4:74:6d:
f3:6d:c7:9a:83:eb:a6:da:c7:ef:76:6b:8b:03:e6:
ef:1b:72:27:46:56:9b:9b:bd:91:94:d0:3b:7e:d5:
59:11:37:de:9b:f5:6c:40:78:f5:9d:33:94:a3:b3:
c6:56:bf:58:2d:49:83:e9:cf:40:9b:d1:8b:11:ae:
1a:0f:bd:f8:7e:86:79:d7:04:ce:8a:2f:1d:5a:44:
f9:d8:54:a7:f2:74:9a:8a:bd:dc:6a:b9:2a:2f:fc:
96:6b:d2:1f:8f:53:c4:de:4b:a8:82:5f:ef:d0:a2:
3d:dc:42:9e:8c:ca:11:d3:31:11:3a:2c:69:7b:a9:
09:7e:c3:28:b2:99:2b:8a:3e:40:c3:7a:eb:ee:72:
3d:72:d2:46:8c:9f:aa:a2:5d:30:8b:49:7c:15:6a:
64:a7:1d:02:8e:fc:9d:e6:6f:b4:78:d4:0b:73:87:
d4:2b:31:d1:a7:90:93:5c:08:b6:d9:b1:fb:40:f3:
a7:48:69:b0:a6:ff:4f:f1:31:b7:4a:67:9c:32:5b:
f7:f0:9f:85:38:61:0c:44:4c:25:2d:e0:51:2f:14:
8c:7d:76:6c:0e:f2:20:16:8e:84:72:38:5d:d7:97:
97:73:af:7d:d9:43:5b:6d:8a:b6:31:b3:2b:24:c2:
2a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:29:9A:6F:4B:5F:82:CC:8D:35:2A:7A:2D:61:8B:53:34:5C:08:20
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.74.0/24
Signature Algorithm: sha256WithRSAEncryption
47:54:59:4a:ca:94:f1:3d:09:0e:a6:8a:6a:2b:09:46:d3:51:
6e:56:97:2c:be:2a:21:5e:ae:51:fd:fb:9f:ed:22:94:3e:56:
dd:c1:6d:65:65:81:ea:33:77:92:e7:dc:9f:57:98:db:08:72:
7f:05:79:11:19:a6:12:d4:8f:aa:db:d6:b3:0d:47:5a:09:ac:
57:45:14:ce:13:48:bd:8f:e3:9a:be:0d:6c:b7:03:a2:34:25:
66:5b:2f:ad:91:57:47:ee:7c:9f:16:b1:b6:54:3f:c0:98:e8:
cc:01:14:cb:fa:6f:34:e6:8a:55:93:5d:38:7d:bb:d2:40:ca:
62:20:a1:a8:9a:4a:8b:43:6b:90:76:51:db:74:08:93:b3:31:
db:c3:7b:c5:06:91:2e:5e:13:e1:ce:c7:a1:f4:18:9b:00:80:
e7:73:af:0e:ee:1b:2c:d2:aa:aa:d1:57:7b:9d:c8:0c:92:68:
43:ec:1b:58:04:25:23:9d:3a:3f:ac:88:6c:da:9e:e5:db:bc:
c4:d5:21:73:01:0f:eb:32:9d:59:79:de:dc:50:c3:a5:ac:40:
b1:e5:38:32:c0:ee:ba:6e:ec:6c:18:bc:e5:ea:af:4b:98:20:
c7:c7:f3:49:7d:b1:5e:45:2d:15:27:50:2d:54:b6:af:02:3e:
30:46:14:d8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPA0vAjqo4UZ9aYBeH8eqBrOG1VIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzExMjYxOTQxNThaFw0yNDExMjQxOTQ2NThaMDMxMTAvBgNV
BAMTKEFCMjk5QTZGNEI1RjgyQ0M4RDM1MkE3QTJENjE4QjUzMzQ1QzA4MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDafwjVJIeDhyJ0bMR0bfNtx5qD
66bax+92a4sD5u8bcidGVpubvZGU0Dt+1VkRN96b9WxAePWdM5Sjs8ZWv1gtSYPp
z0Cb0YsRrhoPvfh+hnnXBM6KLx1aRPnYVKfydJqKvdxquSov/JZr0h+PU8TeS6iC
X+/Qoj3cQp6MyhHTMRE6LGl7qQl+wyiymSuKPkDDeuvucj1y0kaMn6qiXTCLSXwV
amSnHQKO/J3mb7R41Atzh9QrMdGnkJNcCLbZsftA86dIabCm/0/xMbdKZ5wyW/fw
n4U4YQxETCUt4FEvFIx9dmwO8iAWjoRyOF3Xl5dzr33ZQ1ttirYxsyskwio1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqymab0tfgsyNNSp6LWGLUzRcCCAwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMzMmUzMTM0MzgyZTM3
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBlEowDQYJKoZIhvcNAQELBQADggEBAEdUWUrKlPE9CQ6mimorCUbTUW5Wlyy+
KiFerlH9+5/tIpQ+Vt3BbWVlgeozd5Ln3J9XmNsIcn8FeREZphLUj6rb1rMNR1oJ
rFdFFM4TSL2P45q+DWy3A6I0JWZbL62RV0fufJ8WsbZUP8CY6MwBFMv6bzTmilWT
XTh9u9JAymIgoaiaSotDa5B2Udt0CJOzMdvDe8UGkS5eE+HOx6H0GJsAgOdzrw7u
GyzSqqrRV3udyAySaEPsG1gEJSOdOj+siGzanuXbvMTVIXMBD+synVl53txQw6Ws
QLHlODLA7rpu7GwYvOXqr0uYIMfH80l9sV5FLRUnUC1Utq8CPjBGFNg=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:25 2024 by rpki-client on console-fra.rpki-client.org