Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e34362e3234322e302f32342d3234203d3e20313336373837.roa
File: 3139332e34362e3234322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ycq+oDYvtiZkW1t7f9MOFeqh9FPurr3gOGQAuYpZ/pE=
Subject key identifier: 3A:2F:53:07:B2:7A:80:99:22:E2:87:DF:14:D3:D5:D8:CF:DA:00:F1
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 3D2FB1BCAE60EA0E1CC04F5ECDE7529BDD0B3443
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e34362e3234322e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:21 +0000
ROA not before: Mon 01 Apr 2024 13:58:21 +0000
ROA not after: Mon 31 Mar 2025 14:03:21 +0000
asID: 136787
IP address blocks: 193.46.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:2f:b1:bc:ae:60:ea:0e:1c:c0:4f:5e:cd:e7:52:9b:dd:0b:34:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Apr 1 13:58:21 2024 GMT
Not After : Mar 31 14:03:21 2025 GMT
Subject: CN=3A2F5307B27A809922E287DF14D3D5D8CFDA00F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:1f:d4:4c:e3:6c:d5:ff:e2:a0:51:a1:58:e8:
09:06:d3:d0:8a:06:40:62:41:66:ae:82:5c:1b:ce:
84:d7:d2:b3:aa:ac:cd:c6:08:bf:2a:45:14:c3:25:
b8:55:c5:c1:ad:b1:c5:ea:cc:54:95:03:bb:a9:12:
a7:ed:d0:e5:e1:e5:11:ab:4e:05:75:1a:0c:a2:5b:
73:04:60:8d:f6:86:a7:22:b7:15:14:24:dc:7e:35:
fe:d7:fc:ec:02:40:e2:44:17:34:d9:bd:f6:57:b4:
71:7b:c7:ba:75:41:92:41:c4:9e:a5:6f:f9:2a:08:
51:f3:2f:db:f3:e6:84:30:c7:d7:69:ef:5f:07:a7:
0b:a8:10:74:12:1d:e1:bd:15:aa:23:41:67:03:97:
b2:84:b6:ee:07:48:b1:3f:bc:45:2b:1c:ec:2b:33:
a5:c2:e2:4b:97:b6:1a:9d:00:92:d9:e3:54:d6:7d:
f6:9b:13:ae:8e:e9:89:cf:45:7d:ad:14:52:db:90:
57:65:95:22:fe:a2:0b:8a:85:31:70:a8:c4:1b:ae:
58:29:9a:ef:0e:fd:bc:f2:62:7f:d2:d6:56:5c:06:
a6:00:89:b5:45:72:32:fe:51:72:a3:90:f0:00:d8:
08:55:6d:74:23:f2:63:02:ed:81:fc:b8:81:a4:ad:
d2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2F:53:07:B2:7A:80:99:22:E2:87:DF:14:D3:D5:D8:CF:DA:00:F1
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e34362e3234322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.242.0/24
Signature Algorithm: sha256WithRSAEncryption
37:5c:81:08:b1:6b:82:14:f1:18:fc:31:86:d6:81:d8:97:a4:
ec:18:7e:ce:24:8c:44:0a:58:53:c3:19:85:a4:9c:6c:18:1a:
8a:51:32:7d:eb:31:fa:eb:02:f6:05:c1:17:b3:ca:55:87:63:
c9:dc:6a:7f:68:c9:91:06:4b:af:b1:79:e6:e2:5b:a5:74:b0:
40:f8:d1:71:3f:0b:cc:77:b3:9a:c1:08:af:7a:2e:66:69:0f:
78:25:95:a1:9a:6c:82:3c:d0:07:95:1f:aa:c9:7a:1d:f3:27:
8e:7c:d3:68:07:57:d6:e7:0a:2e:b2:ec:2b:f1:0e:26:5f:58:
cc:fe:a0:82:da:50:8b:47:d1:2e:c3:c6:9d:c3:47:cb:fc:22:
a1:bf:b4:c9:de:85:a9:5e:d7:17:4d:34:87:1e:ab:7f:90:28:
4c:5a:a7:4c:e9:68:19:ac:a5:b7:8b:72:65:1a:32:a0:af:2a:
57:2c:1b:19:44:a1:7b:35:72:91:07:91:f6:c0:72:59:60:e7:
50:55:6b:36:f4:bd:69:64:1d:4e:33:64:13:a5:5d:4b:e2:c5:
eb:1f:0a:b4:44:6b:b2:d7:8c:b5:9b:52:9a:15:f2:a8:87:02:
25:1a:62:7f:2f:d7:4c:86:08:62:df:fe:19:26:46:d3:d3:08:
e2:d6:e4:08
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPS+xvK5g6g4cwE9ezedSm90LNEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA0MDExMzU4MjFaFw0yNTAzMzExNDAzMjFaMDMxMTAvBgNV
BAMTKDNBMkY1MzA3QjI3QTgwOTkyMkUyODdERjE0RDNENUQ4Q0ZEQTAwRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5H9RM42zV/+KgUaFY6AkG09CK
BkBiQWauglwbzoTX0rOqrM3GCL8qRRTDJbhVxcGtscXqzFSVA7upEqft0OXh5RGr
TgV1GgyiW3MEYI32hqcitxUUJNx+Nf7X/OwCQOJEFzTZvfZXtHF7x7p1QZJBxJ6l
b/kqCFHzL9vz5oQwx9dp718HpwuoEHQSHeG9FaojQWcDl7KEtu4HSLE/vEUrHOwr
M6XC4kuXthqdAJLZ41TWffabE66O6YnPRX2tFFLbkFdllSL+oguKhTFwqMQbrlgp
mu8O/bzyYn/S1lZcBqYAibVFcjL+UXKjkPAA2AhVbXQj8mMC7YH8uIGkrdIRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOi9TB7J6gJki4offFNPV2M/aAPEwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMzMmUzNDM2MmUzMjM0
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBLvIwDQYJKoZIhvcNAQELBQADggEBADdcgQixa4IU8Rj8MYbWgdiXpOwYfs4k
jEQKWFPDGYWknGwYGopRMn3rMfrrAvYFwRezylWHY8ncan9oyZEGS6+xeebiW6V0
sED40XE/C8x3s5rBCK96LmZpD3gllaGabII80AeVH6rJeh3zJ45802gHV9bnCi6y
7CvxDiZfWMz+oILaUItH0S7Dxp3DR8v8IqG/tMnehale1xdNNIceq3+QKExap0zp
aBmspbeLcmUaMqCvKlcsGxlEoXs1cpEHkfbAcllg51BVazb0vWlkHU4zZBOlXUvi
xesfCrREa7LXjLWbUpoV8qiHAiUaYn8v10yGCGLf/hkmRtPTCOLW5Ag=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:27 2024 by rpki-client on console-fra.rpki-client.org