Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e31352e3131312e302f32342d3234203d3e20313336373837.roa
File: 3139342e31352e3131312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: YuB0iXKNl5xnfRZeL3m61Xh/LZRFCEkWUhUhVH1EOHs=
Subject key identifier: 8F:B4:65:1F:F2:B1:54:C7:C0:F1:4E:43:FF:7E:C5:E3:D4:20:A2:59
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 33F8F980C3FD8EFAB580E87A2461C3044EFAA006
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e31352e3131312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:20 +0000
ROA not before: Mon 01 Apr 2024 13:58:20 +0000
ROA not after: Mon 31 Mar 2025 14:03:20 +0000
asID: 136787
IP address blocks: 194.15.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 16:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f8:f9:80:c3:fd:8e:fa:b5:80:e8:7a:24:61:c3:04:4e:fa:a0:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Apr 1 13:58:20 2024 GMT
Not After : Mar 31 14:03:20 2025 GMT
Subject: CN=8FB4651FF2B154C7C0F14E43FF7EC5E3D420A259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:92:e2:fe:5b:f7:40:cf:d8:a3:4d:dc:8f:f9:
a8:8a:bd:bb:bd:2c:cb:d0:13:f6:77:85:fa:58:85:
31:60:dc:6e:c8:7e:8a:99:b2:28:b6:99:2a:36:5b:
ca:5d:eb:b8:c1:4d:c3:8d:a2:6e:13:b0:54:56:80:
f3:71:cf:e6:0d:8b:8a:e1:85:a6:55:ca:e0:d8:cb:
5d:70:86:b9:27:40:15:58:13:da:7d:c5:c2:d7:29:
d2:1e:31:35:27:a4:e5:31:33:3c:da:3c:b7:1a:54:
5d:59:9d:21:fb:f4:62:9d:40:4b:51:f7:6c:37:e1:
08:46:e3:ad:1b:2b:f3:f9:d8:8d:88:21:5c:f5:a1:
09:6a:9f:5d:e7:a2:41:88:71:d8:9d:eb:07:45:b9:
60:2e:a9:71:8a:4f:12:ad:3d:35:40:25:2a:04:82:
ec:23:0c:c5:29:12:ba:10:72:6f:b7:b0:9c:90:37:
17:d6:f1:54:ad:82:fd:b8:62:a8:8d:04:7c:67:45:
ca:80:e0:a5:96:14:98:77:2f:fc:be:b9:4f:85:8c:
01:ed:58:a9:4d:2d:4f:ce:5d:08:8f:8d:ea:df:2b:
13:ca:17:34:8c:5f:c1:78:d5:56:4e:5f:cc:fb:c4:
2d:4c:89:59:7f:0a:77:ce:74:58:ab:41:e0:0e:3a:
4b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B4:65:1F:F2:B1:54:C7:C0:F1:4E:43:FF:7E:C5:E3:D4:20:A2:59
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e31352e3131312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.111.0/24
Signature Algorithm: sha256WithRSAEncryption
63:2c:71:ac:dc:5b:64:5e:4c:0b:c3:83:93:f1:36:df:53:e4:
2d:bb:55:8d:8b:fe:7c:be:5c:14:43:3c:8a:01:b7:73:23:24:
36:b8:06:e1:a0:59:6d:e8:74:18:fa:b3:18:85:2d:89:a4:23:
d9:57:79:56:90:f6:3b:5c:8e:ee:fd:02:21:90:65:79:ee:55:
db:37:b8:5f:8f:83:41:74:f6:f4:9b:6a:97:6b:43:d8:87:fe:
e3:4c:58:e5:83:57:bb:68:f3:40:ef:b3:cf:8e:0b:f1:9d:01:
9c:1b:01:cf:ac:12:be:39:ea:2e:3b:17:4a:ee:80:c9:e0:c1:
c5:c6:67:81:38:4f:87:4d:f0:46:b1:00:51:52:aa:c7:cc:c0:
97:dd:8c:06:34:d3:f0:61:ee:8f:a5:85:4f:fa:03:5c:6f:7d:
8c:2c:4e:71:2e:dd:52:18:5d:f2:5e:26:48:cf:64:95:d5:bf:
a3:56:53:04:ea:d0:21:ba:c6:79:64:26:09:cb:73:33:85:fd:
77:c8:ff:9d:2b:3a:9a:15:28:70:47:e5:14:33:e0:63:7c:1e:
7d:f5:bf:b2:d0:5e:6e:4f:6e:f7:56:47:53:a0:27:8f:85:06:
26:ab:fb:fa:4f:30:c1:d1:b5:88:e6:05:99:ef:b1:81:1e:bb:
f5:ff:e8:85
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM/j5gMP9jvq1gOh6JGHDBE76oAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA0MDExMzU4MjBaFw0yNTAzMzExNDAzMjBaMDMxMTAvBgNV
BAMTKDhGQjQ2NTFGRjJCMTU0QzdDMEYxNEU0M0ZGN0VDNUUzRDQyMEEyNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIkuL+W/dAz9ijTdyP+aiKvbu9
LMvQE/Z3hfpYhTFg3G7IfoqZsii2mSo2W8pd67jBTcONom4TsFRWgPNxz+YNi4rh
haZVyuDYy11whrknQBVYE9p9xcLXKdIeMTUnpOUxMzzaPLcaVF1ZnSH79GKdQEtR
92w34QhG460bK/P52I2IIVz1oQlqn13nokGIcdid6wdFuWAuqXGKTxKtPTVAJSoE
guwjDMUpEroQcm+3sJyQNxfW8VStgv24YqiNBHxnRcqA4KWWFJh3L/y+uU+FjAHt
WKlNLU/OXQiPjerfKxPKFzSMX8F41VZOX8z7xC1MiVl/CnfOdFirQeAOOkvhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUj7RlH/KxVMfA8U5D/37F49QgolkwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzMTM1MmUzMTMx
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCD28wDQYJKoZIhvcNAQELBQADggEBAGMscazcW2ReTAvDg5PxNt9T5C27VY2L
/ny+XBRDPIoBt3MjJDa4BuGgWW3odBj6sxiFLYmkI9lXeVaQ9jtcju79AiGQZXnu
Vds3uF+Pg0F09vSbapdrQ9iH/uNMWOWDV7to80Dvs8+OC/GdAZwbAc+sEr456i47
F0rugMngwcXGZ4E4T4dN8EaxAFFSqsfMwJfdjAY00/Bh7o+lhU/6A1xvfYwsTnEu
3VIYXfJeJkjPZJXVv6NWUwTq0CG6xnlkJgnLczOF/XfI/50rOpoVKHBH5RQz4GN8
Hn31v7LQXm5PbvdWR1OgJ4+FBiar+/pPMMHRtYjmBZnvsYEeu/X/6IU=
-----END CERTIFICATE-----
Generated at Wed May 8 00:13:15 2024 by rpki-client on console-fra.rpki-client.org