Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3131302e3139332e302f32342d3234203d3e20323034313730.roa
File: 3139342e3131302e3139332e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: NDSZBEgz0q+3C64uToaf5pbyfijbPzu+tdIt6TXflDA=
Subject key identifier: B7:2C:4C:70:1C:8B:3A:34:66:9F:3A:E0:A4:83:1A:74:2D:D1:9C:11
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 7D3757AB1A48E5D39FBB2F05506F3EAB6C3430B9
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3131302e3139332e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:32 +0000
ROA not before: Tue 25 Jun 2024 21:42:32 +0000
ROA not after: Tue 24 Jun 2025 21:47:32 +0000
asID: 204170
IP address blocks: 194.110.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:37:57:ab:1a:48:e5:d3:9f:bb:2f:05:50:6f:3e:ab:6c:34:30:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jun 25 21:42:32 2024 GMT
Not After : Jun 24 21:47:32 2025 GMT
Subject: CN=B72C4C701C8B3A34669F3AE0A4831A742DD19C11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:81:be:c0:81:e8:6e:7c:8f:d0:e6:49:d2:9e:
0b:29:93:c9:f3:00:e5:12:a4:9d:df:02:d9:f1:82:
12:5d:54:3b:2d:85:5e:3e:60:09:c7:e7:13:de:37:
94:d9:44:e2:ea:70:9c:22:5c:46:32:7e:79:a1:40:
7f:18:ed:14:e5:11:15:59:53:d0:4b:c0:c3:7f:80:
01:c6:78:f5:87:ee:71:3b:12:84:18:b1:98:7a:ed:
3e:9a:86:ac:73:50:cf:a0:dc:2d:f1:dd:d3:2a:b5:
c0:1f:ab:de:c5:9d:dc:c3:5f:c2:6b:d2:84:0e:6a:
37:33:e4:b9:94:ec:86:ca:14:78:6e:eb:c3:a9:5d:
e3:1a:aa:6b:de:6d:ad:aa:c7:ac:e3:65:72:eb:fb:
3c:c9:c5:c9:5c:5b:9c:0f:44:4b:fc:be:4b:e6:60:
c7:64:1a:40:5e:f2:24:dd:5e:de:70:b9:4c:1f:17:
f9:52:c8:2b:ec:bf:88:76:1e:2e:42:1d:21:13:12:
d0:bb:7b:f9:7e:95:33:56:35:dc:2f:5b:a4:53:88:
f4:90:cb:57:95:12:34:61:62:19:e2:20:5e:96:2b:
ee:d8:33:f5:55:d4:cc:24:2d:f6:84:5d:56:dc:e6:
32:dd:a0:b9:45:a2:e0:78:56:ac:ed:46:e5:15:d4:
f8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2C:4C:70:1C:8B:3A:34:66:9F:3A:E0:A4:83:1A:74:2D:D1:9C:11
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3131302e3139332e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.193.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:2c:b9:a8:7b:9c:20:b0:7e:29:93:3e:b6:45:73:2c:f5:e3:
cc:df:f1:7c:c4:82:48:41:df:ab:76:f4:fd:4c:05:b0:c4:c9:
e1:82:b9:2d:60:5f:38:dd:be:f6:42:89:7b:0e:e2:78:4b:f0:
6a:42:c5:55:c9:41:a0:cb:76:4f:16:42:97:38:6b:22:27:2e:
d2:9b:22:11:21:28:f4:0a:9e:48:f1:33:2c:32:03:8a:ec:b3:
25:fa:ed:e6:04:8b:27:66:85:47:ce:57:31:fa:e2:74:9f:2e:
19:86:1f:a4:c8:ed:c3:f0:c2:b9:0f:65:34:5e:e4:99:b8:91:
ad:c9:c7:c3:9a:0e:53:d4:6f:14:ae:95:e4:5d:91:10:b2:5b:
5e:74:57:21:dc:d5:3e:21:ca:ab:43:55:43:f3:4f:b0:4c:2e:
f9:45:5e:4a:50:de:c7:a5:a5:fc:18:0a:8d:9b:ee:4a:ef:e4:
fc:66:c3:ca:d2:c2:1b:23:34:08:c0:5f:14:bd:7b:85:26:c2:
e7:9e:ae:8c:b3:ac:12:0f:a1:8f:85:59:ae:48:d7:ee:52:58:
bc:e5:f4:78:64:f6:7e:c5:df:3d:2c:a8:bd:26:04:bd:2e:17:
34:5b:79:bd:e3:34:5e:cc:3f:5f:c9:fb:47:8b:5f:c4:42:eb:
90:aa:ba:3f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfTdXqxpI5dOfuy8FUG8+q2w0MLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA2MjUyMTQyMzJaFw0yNTA2MjQyMTQ3MzJaMDMxMTAvBgNV
BAMTKEI3MkM0QzcwMUM4QjNBMzQ2NjlGM0FFMEE0ODMxQTc0MkREMTlDMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0gb7AgehufI/Q5knSngspk8nz
AOUSpJ3fAtnxghJdVDsthV4+YAnH5xPeN5TZROLqcJwiXEYyfnmhQH8Y7RTlERVZ
U9BLwMN/gAHGePWH7nE7EoQYsZh67T6ahqxzUM+g3C3x3dMqtcAfq97FndzDX8Jr
0oQOajcz5LmU7IbKFHhu68OpXeMaqmveba2qx6zjZXLr+zzJxclcW5wPREv8vkvm
YMdkGkBe8iTdXt5wuUwfF/lSyCvsv4h2Hi5CHSETEtC7e/l+lTNWNdwvW6RTiPSQ
y1eVEjRhYhniIF6WK+7YM/VV1MwkLfaEXVbc5jLdoLlFouB4VqztRuUV1PjvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUtyxMcByLOjRmnzrgpIMadC3RnBEwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzMTMxMzAyZTMx
MzkzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMJuwTANBgkqhkiG9w0BAQsFAAOCAQEAaiy5qHucILB+KZM+tkVzLPXjzN/x
fMSCSEHfq3b0/UwFsMTJ4YK5LWBfON2+9kKJew7ieEvwakLFVclBoMt2TxZClzhr
Iicu0psiESEo9AqeSPEzLDIDiuyzJfrt5gSLJ2aFR85XMfridJ8uGYYfpMjtw/DC
uQ9lNF7kmbiRrcnHw5oOU9RvFK6V5F2RELJbXnRXIdzVPiHKq0NVQ/NPsEwu+UVe
SlDex6Wl/BgKjZvuSu/k/GbDytLCGyM0CMBfFL17hSbC556ujLOsEg+hj4VZrkjX
7lJYvOX0eGT2fsXfPSyovSYEvS4XNFt5veM0Xsw/X8n7R4tfxELrkKq6Pw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:39:35 2024 by rpki-client on console-fra.rpki-client.org