Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3138302e3137362e302f32342d3332203d3e203531313637.roa
File: 3139342e3138302e3137362e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 2RzMNvT0W5MF2Y77ehMED6Kf+cyjxTmUb4upNzY+HK8=
Subject key identifier: 45:3B:C5:57:E4:B8:36:DF:68:6D:E8:27:37:1A:2C:53:42:D1:68:7E
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 4317BFA429C29240E8209968401A03EAC2F6C2F5
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3138302e3137362e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:49 +0000
ROA not before: Mon 26 Feb 2024 08:48:49 +0000
ROA not after: Mon 24 Feb 2025 08:53:49 +0000
asID: 51167
IP address blocks: 194.180.176.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:17:bf:a4:29:c2:92:40:e8:20:99:68:40:1a:03:ea:c2:f6:c2:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 26 08:48:49 2024 GMT
Not After : Feb 24 08:53:49 2025 GMT
Subject: CN=453BC557E4B836DF686DE827371A2C5342D1687E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:97:c8:64:b4:3c:47:50:ba:75:c0:f6:73:f9:
9f:54:9a:9a:e8:48:ce:01:25:28:84:9f:07:e4:14:
ea:2d:56:70:80:34:5f:5a:47:c9:ea:30:90:31:13:
a1:2b:e7:a8:33:50:4d:e2:13:69:0e:ae:92:17:c4:
56:be:6a:1d:ca:c6:77:f5:b7:d1:77:62:24:a0:61:
71:5e:ad:25:09:41:fa:9b:fe:59:3b:ec:5e:ae:a8:
08:9e:8e:ce:b8:b5:65:f8:80:b8:e2:95:1e:a7:da:
a1:07:ee:12:21:a7:9f:df:e8:2a:64:52:48:f1:a8:
e2:af:dd:68:cf:66:13:39:c7:f5:b7:a7:2e:e1:76:
50:76:d9:87:94:8e:af:49:30:2a:91:32:26:71:fb:
a0:d2:00:77:43:33:92:ba:3b:2a:e5:33:57:4a:68:
0e:51:93:21:61:ec:5d:9b:40:25:44:c1:00:8b:17:
e1:84:4e:85:2f:b2:e2:8a:c7:db:60:e0:02:9b:07:
e5:63:97:f7:c0:1d:a8:0d:6d:c8:5d:96:09:d0:a4:
2e:48:4a:ff:a1:ce:b9:9d:8a:e7:e8:2a:56:0b:9a:
73:85:5b:dc:13:53:11:0b:ab:a9:fd:b7:57:e1:34:
85:fe:02:5f:58:d5:d2:2c:85:c8:a9:9e:a3:55:f9:
f5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:3B:C5:57:E4:B8:36:DF:68:6D:E8:27:37:1A:2C:53:42:D1:68:7E
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3138302e3137362e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.176.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ed:55:c9:83:7f:45:d2:42:98:7f:58:12:8d:42:89:b3:77:
29:04:e1:8e:f0:ca:7d:a9:bf:f0:8c:e4:f6:7e:a4:63:68:81:
ad:6b:56:3f:ef:99:b9:ea:06:a4:56:bb:5c:0d:71:37:86:9f:
13:3a:dc:cd:55:0a:9c:42:02:f6:3d:12:19:7e:58:7d:b1:52:
31:fc:4b:e2:c0:cb:a3:f5:56:4d:05:64:1b:a1:fb:f7:e0:d1:
18:e2:9e:75:2a:a8:95:7e:dd:07:73:04:d2:34:4d:09:01:01:
50:14:1a:d9:94:c6:fc:15:ea:4e:1c:23:c0:ad:52:48:66:41:
bc:8e:be:17:e1:40:7a:70:02:5a:61:51:a6:da:31:8e:63:a6:
48:62:5c:81:4d:f6:78:bd:d4:b1:49:db:f5:97:2d:f1:b0:21:
8a:2d:d0:95:ce:5e:c2:53:64:53:68:61:81:3e:94:c5:dc:9f:
b4:d0:12:59:29:12:0f:4e:fa:44:e4:2b:a3:8a:1c:ae:63:48:
5b:36:ff:fe:75:f6:07:16:e8:14:bc:58:34:4b:93:f6:30:5d:
de:0a:dd:e2:ec:3a:cd:4e:bb:62:30:16:79:e2:b3:a5:40:11:
44:7e:5c:92:8d:d7:27:46:37:4a:28:5e:8f:aa:3a:ea:51:98:
56:03:f9:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQxe/pCnCkkDoIJloQBoD6sL2wvUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMjYwODQ4NDlaFw0yNTAyMjQwODUzNDlaMDMxMTAvBgNV
BAMTKDQ1M0JDNTU3RTRCODM2REY2ODZERTgyNzM3MUEyQzUzNDJEMTY4N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCol8hktDxHULp1wPZz+Z9Umpro
SM4BJSiEnwfkFOotVnCANF9aR8nqMJAxE6Er56gzUE3iE2kOrpIXxFa+ah3Kxnf1
t9F3YiSgYXFerSUJQfqb/lk77F6uqAiejs64tWX4gLjilR6n2qEH7hIhp5/f6Cpk
UkjxqOKv3WjPZhM5x/W3py7hdlB22YeUjq9JMCqRMiZx+6DSAHdDM5K6OyrlM1dK
aA5RkyFh7F2bQCVEwQCLF+GEToUvsuKKx9tg4AKbB+Vjl/fAHagNbchdlgnQpC5I
Sv+hzrmdiufoKlYLmnOFW9wTUxELq6n9t1fhNIX+Al9Y1dIshcipnqNV+fV9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURTvFV+S4Nt9obegnNxosU0LRaH4wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzMTM4MzAyZTMx
MzczNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCtLAwDQYJKoZIhvcNAQELBQADggEBAEztVcmDf0XSQph/WBKNQomzdykE4Y7w
yn2pv/CM5PZ+pGNoga1rVj/vmbnqBqRWu1wNcTeGnxM63M1VCpxCAvY9Ehl+WH2x
UjH8S+LAy6P1Vk0FZBuh+/fg0RjinnUqqJV+3QdzBNI0TQkBAVAUGtmUxvwV6k4c
I8CtUkhmQbyOvhfhQHpwAlphUabaMY5jpkhiXIFN9ni91LFJ2/WXLfGwIYot0JXO
XsJTZFNoYYE+lMXcn7TQElkpEg9O+kTkK6OKHK5jSFs2//519gcW6BS8WDRLk/Yw
Xd4K3eLsOs1Ou2IwFnnis6VAEUR+XJKN1ydGN0ooXo+qOupRmFYD+Sk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org