Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134392e32352e302f32342d3234203d3e20313336373837.roa
File: 3139332e3134392e32352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Rdn65Obe1j8XRQ6CpE2P+IGjDcacp6ngtMCxQWeZLOs=
Subject key identifier: DD:28:DC:63:6D:C9:E9:A3:B8:21:57:68:36:99:19:5B:D2:72:47:ED
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 691436F04E4633642D34F8658D551C74909840EB
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134392e32352e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:06 +0000
ROA not before: Tue 13 Feb 2024 12:49:06 +0000
ROA not after: Tue 11 Feb 2025 12:54:06 +0000
asID: 136787
IP address blocks: 193.149.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:14:36:f0:4e:46:33:64:2d:34:f8:65:8d:55:1c:74:90:98:40:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 13 12:49:06 2024 GMT
Not After : Feb 11 12:54:06 2025 GMT
Subject: CN=DD28DC636DC9E9A3B82157683699195BD27247ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:41:07:ff:5b:1e:c2:32:0b:b9:11:0e:8e:ee:
74:98:bd:2f:5c:15:0f:fe:94:a2:c9:ae:49:e4:90:
61:e0:a8:40:08:f2:a8:25:1c:4d:61:95:1c:a7:35:
ab:e6:0e:37:cd:4c:2c:ab:fd:b4:27:8b:28:26:1a:
af:36:1c:b7:b8:92:23:a4:9b:49:22:37:9c:bc:96:
31:ec:70:06:b8:05:04:e5:aa:a4:8b:c4:f8:19:c6:
e4:00:44:88:31:65:cc:ec:6c:b4:30:a0:41:19:b8:
26:6c:33:70:34:1c:66:84:f4:c9:d4:e7:14:70:a7:
a3:ed:5e:08:a5:9d:6f:f2:5b:6a:a0:88:09:54:a8:
8b:8e:7e:26:a7:3a:91:86:71:44:a7:7c:f3:72:50:
1c:fe:9f:35:5c:40:0b:f0:0e:7b:7f:ae:aa:77:a9:
69:85:28:31:50:4b:99:47:db:8d:17:d4:78:f8:ed:
60:05:27:36:9f:c8:65:23:a6:2f:33:f3:44:b5:17:
5e:f4:ca:83:73:e1:fb:95:dd:e8:15:df:b2:60:db:
20:14:e3:4f:71:ca:85:62:5e:e5:86:3f:65:4b:04:
49:d8:57:b1:6c:ba:c4:85:aa:f1:82:54:3a:51:99:
d1:ac:d4:4c:66:39:d8:2a:82:88:f2:7b:de:1a:1e:
e7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:28:DC:63:6D:C9:E9:A3:B8:21:57:68:36:99:19:5B:D2:72:47:ED
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134392e32352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.149.25.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:a0:3e:ce:04:67:f0:47:46:2c:61:86:01:d9:52:a4:be:70:
7f:29:bf:4f:96:da:3c:ab:c3:75:f6:d0:9f:70:78:59:d9:6e:
c3:c0:b6:4e:be:56:de:bf:0a:bd:5d:28:ac:05:5c:1a:df:77:
e5:cb:40:46:61:0e:e9:83:30:69:49:46:c5:9c:68:88:fb:46:
99:a3:93:e9:49:d0:33:5f:e6:d4:5e:68:d3:1c:01:da:b7:6c:
94:a1:74:46:9a:2a:40:3d:b0:94:9a:70:c6:92:4d:76:b5:6f:
17:d1:e1:1b:a1:17:c7:cc:5f:1e:3e:f0:0e:25:9f:2f:29:fc:
b3:9f:ba:d5:c1:8b:c2:80:47:21:ce:64:31:e0:63:1e:c1:ff:
d3:d5:0d:17:9d:4b:7e:f4:09:7e:fc:81:37:95:8e:34:66:d5:
37:3a:c5:c3:0c:31:06:6a:11:3d:97:69:e9:44:4b:0a:6b:31:
f6:1d:cf:f5:5c:32:4f:58:c3:f9:ab:8c:ef:ad:47:82:fb:c2:
d4:8c:ca:9c:55:7e:62:6a:7b:8e:15:5f:f5:f9:50:b3:ed:45:
e6:7a:1f:e1:22:9b:12:04:74:78:4c:3c:ac:e7:7e:47:2a:e1:
96:35:90:bf:2a:a0:34:13:88:40:92:4a:d7:d9:a8:29:d5:9b:
ea:ff:16:e3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaRQ28E5GM2QtNPhljVUcdJCYQOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMTMxMjQ5MDZaFw0yNTAyMTExMjU0MDZaMDMxMTAvBgNV
BAMTKEREMjhEQzYzNkRDOUU5QTNCODIxNTc2ODM2OTkxOTVCRDI3MjQ3RUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClQQf/Wx7CMgu5EQ6O7nSYvS9c
FQ/+lKLJrknkkGHgqEAI8qglHE1hlRynNavmDjfNTCyr/bQniygmGq82HLe4kiOk
m0kiN5y8ljHscAa4BQTlqqSLxPgZxuQARIgxZczsbLQwoEEZuCZsM3A0HGaE9MnU
5xRwp6PtXgilnW/yW2qgiAlUqIuOfianOpGGcUSnfPNyUBz+nzVcQAvwDnt/rqp3
qWmFKDFQS5lH240X1Hj47WAFJzafyGUjpi8z80S1F170yoNz4fuV3egV37Jg2yAU
409xyoViXuWGP2VLBEnYV7FsusSFqvGCVDpRmdGs1ExmOdgqgojye94aHuezAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3SjcY23J6aO4IVdoNpkZW9JyR+0wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMzMmUzMTM0MzkyZTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBlRkwDQYJKoZIhvcNAQELBQADggEBAJugPs4EZ/BHRixhhgHZUqS+cH8pv0+W
2jyrw3X20J9weFnZbsPAtk6+Vt6/Cr1dKKwFXBrfd+XLQEZhDumDMGlJRsWcaIj7
Rpmjk+lJ0DNf5tReaNMcAdq3bJShdEaaKkA9sJSacMaSTXa1bxfR4RuhF8fMXx4+
8A4lny8p/LOfutXBi8KARyHOZDHgYx7B/9PVDRedS370CX78gTeVjjRm1Tc6xcMM
MQZqET2XaelESwprMfYdz/VcMk9Yw/mrjO+tR4L7wtSMypxVfmJqe44VX/X5ULPt
ReZ6H+EimxIEdHhMPKznfkcq4ZY1kL8qoDQTiECSStfZqCnVm+r/FuM=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:03 2024 by rpki-client on console-ams.rpki-client.org