Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e34362e3234302e302f32342d3234203d3e20313336373837.roa
File: 3139332e34362e3234302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: FqDLszzrPsORM6RajiXrkIKZLInE00dqsNCMAFyYlMo=
Subject key identifier: CC:BA:23:DD:5A:8E:B3:5A:9E:91:E8:81:9F:86:53:BB:F9:BB:E4:25
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 0E28A3D460C7551BB2C0D7277CB83E876543A08B
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e34362e3234302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 12 May 2024 11:03:40 +0000
ROA not before: Sun 12 May 2024 10:58:40 +0000
ROA not after: Sun 11 May 2025 11:03:40 +0000
asID: 136787
IP address blocks: 193.46.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:28:a3:d4:60:c7:55:1b:b2:c0:d7:27:7c:b8:3e:87:65:43:a0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: May 12 10:58:40 2024 GMT
Not After : May 11 11:03:40 2025 GMT
Subject: CN=CCBA23DD5A8EB35A9E91E8819F8653BBF9BBE425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6b:43:66:67:cd:6d:e3:c4:0d:3d:70:4e:39:
ed:0a:f0:c8:dc:57:a2:3e:51:31:46:45:57:83:dd:
67:a0:13:ae:1f:45:4b:2a:43:aa:b7:91:83:0a:13:
74:c0:d6:cb:d5:86:a9:b4:28:22:cf:79:00:9f:b7:
c5:fc:c8:08:9c:58:f7:e7:b1:7c:65:b2:85:e5:83:
18:17:8c:3e:36:58:57:e2:88:01:fd:31:6b:2c:f6:
ce:1a:66:65:c4:18:8c:d9:7b:07:ea:e3:15:80:3a:
f6:a3:4f:34:7a:aa:fc:2d:a8:f4:51:f5:df:72:68:
f7:6f:4a:5d:32:7d:d1:99:9a:f0:84:6b:63:f1:3f:
dc:33:76:96:63:99:91:eb:7c:1f:5c:b2:5f:44:cc:
23:13:f7:3b:bf:b0:37:c5:37:f8:e0:33:3a:c6:26:
58:98:de:67:9f:9b:2d:f1:f7:6b:a8:bb:81:9b:17:
b0:8b:ad:df:51:5b:95:76:5d:2a:ac:bb:88:c0:1f:
6c:ef:ab:ca:4c:73:a3:6e:fb:38:d5:d6:2b:7a:f7:
0f:14:c1:71:c1:bb:25:74:38:b9:85:60:c3:a1:48:
d6:91:37:15:f8:43:35:1b:f4:75:9d:c1:20:cb:6e:
29:e6:f2:4e:2d:87:db:66:70:cb:c0:e2:dd:23:97:
11:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BA:23:DD:5A:8E:B3:5A:9E:91:E8:81:9F:86:53:BB:F9:BB:E4:25
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e34362e3234302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.240.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:7f:12:8e:05:ab:0e:e3:a5:5a:f6:10:e6:94:c1:6b:3b:13:
8d:45:23:f7:0d:c3:06:f3:6e:50:dc:51:41:45:44:a7:61:ec:
66:12:44:9b:04:a7:b7:39:fb:de:a1:8e:fe:5d:13:72:bc:b6:
e5:c3:c2:c2:b1:ef:ab:26:9f:5b:dd:2d:3d:fc:d2:31:cd:7b:
e8:b3:73:de:13:ef:90:ed:f4:82:d8:64:b5:46:04:fd:b2:02:
68:c4:fe:6b:9c:d2:47:be:a2:15:84:97:f0:19:91:fe:ec:e3:
b2:37:6d:55:77:9a:c1:34:ed:11:57:7c:8d:e6:ad:e5:25:52:
4e:15:b1:5a:7a:c2:a8:20:7d:6a:fa:b1:0f:16:79:c6:53:37:
11:3c:0b:3d:01:97:2f:65:7e:8e:76:9c:f8:5d:87:a4:8f:a4:
c9:91:de:37:86:73:d2:d4:5e:b1:5c:bd:b7:f3:a9:98:5e:93:
44:51:71:a9:ed:83:2a:fc:97:59:39:93:cd:22:ae:4c:bc:ea:
2b:d5:7c:73:32:9d:5b:57:1d:ff:a5:d2:1b:4b:07:c9:45:0c:
39:77:eb:37:05:93:77:5f:cf:ed:2f:f2:9b:29:43:a0:23:2c:
52:eb:a9:f6:85:a1:72:84:b1:81:d4:68:fe:21:4d:ca:6b:3e:
e7:ea:0a:fd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDiij1GDHVRuywNcnfLg+h2VDoIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA1MTIxMDU4NDBaFw0yNTA1MTExMTAzNDBaMDMxMTAvBgNV
BAMTKENDQkEyM0RENUE4RUIzNUE5RTkxRTg4MTlGODY1M0JCRjlCQkU0MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEa0NmZ81t48QNPXBOOe0K8Mjc
V6I+UTFGRVeD3WegE64fRUsqQ6q3kYMKE3TA1svVhqm0KCLPeQCft8X8yAicWPfn
sXxlsoXlgxgXjD42WFfiiAH9MWss9s4aZmXEGIzZewfq4xWAOvajTzR6qvwtqPRR
9d9yaPdvSl0yfdGZmvCEa2PxP9wzdpZjmZHrfB9csl9EzCMT9zu/sDfFN/jgMzrG
JliY3mefmy3x92uou4GbF7CLrd9RW5V2XSqsu4jAH2zvq8pMc6Nu+zjV1it69w8U
wXHBuyV0OLmFYMOhSNaRNxX4QzUb9HWdwSDLbinm8k4th9tmcMvA4t0jlxG9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzLoj3VqOs1qekeiBn4ZTu/m75CUwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMzMmUzNDM2MmUzMjM0
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBLvAwDQYJKoZIhvcNAQELBQADggEBAFx/Eo4Fqw7jpVr2EOaUwWs7E41FI/cN
wwbzblDcUUFFRKdh7GYSRJsEp7c5+96hjv5dE3K8tuXDwsKx76smn1vdLT380jHN
e+izc94T75Dt9ILYZLVGBP2yAmjE/muc0ke+ohWEl/AZkf7s47I3bVV3msE07RFX
fI3mreUlUk4VsVp6wqggfWr6sQ8WecZTNxE8Cz0Bly9lfo52nPhdh6SPpMmR3jeG
c9LUXrFcvbfzqZhek0RRcantgyr8l1k5k80irky86ivVfHMynVtXHf+l0htLB8lF
DDl36zcFk3dfz+0v8pspQ6AjLFLrqfaFoXKEsYHUaP4hTcprPufqCv0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org