Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3138302e3137382e302f32342d3234203d3e20313336373837.roa
File: 3139342e3138302e3137382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 18YZ7lurCxeWoVxhocWl2HZLEwJo2fVbJx0hPEuoP2w=
Subject key identifier: 18:CB:CC:6E:FB:10:75:D2:09:B3:A8:54:0A:A0:07:E1:F7:54:B6:9C
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 70F3E981703F61F1045B2939D9E98056A21AB1AC
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3138302e3137382e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:46:52 +0000
ROA not before: Sun 26 Nov 2023 19:41:52 +0000
ROA not after: Sun 24 Nov 2024 19:46:52 +0000
asID: 136787
IP address blocks: 194.180.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:f3:e9:81:70:3f:61:f1:04:5b:29:39:d9:e9:80:56:a2:1a:b1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Nov 26 19:41:52 2023 GMT
Not After : Nov 24 19:46:52 2024 GMT
Subject: CN=18CBCC6EFB1075D209B3A8540AA007E1F754B69C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:70:8f:97:1d:26:3f:74:36:e2:a2:6f:17:a0:
e3:fe:16:ca:fe:b6:7c:0b:de:ee:90:75:21:ba:b3:
94:e9:47:30:d1:6c:bf:11:86:0e:0b:9e:68:8e:07:
44:c6:50:93:87:69:98:91:b8:1e:11:3a:0a:6f:0c:
79:95:0e:bf:93:63:80:49:d5:54:3a:1d:30:27:36:
57:fb:82:0d:f7:be:91:02:4b:01:08:c4:7d:97:e7:
5e:aa:3e:df:a7:f2:ac:6f:86:5c:3a:69:62:80:28:
92:7f:e8:cc:a8:19:b7:38:54:88:ad:42:95:97:45:
83:e6:b8:4f:a8:f8:7d:24:8e:77:4b:ae:92:78:58:
67:ef:c3:c1:7b:d9:12:07:52:1e:61:90:a5:ce:d4:
79:d9:ed:17:58:56:93:cf:93:a4:ab:e0:ea:29:66:
81:fd:35:97:12:bf:a3:16:20:73:09:92:d8:52:6c:
c6:2d:90:8a:21:8f:2d:6e:4d:62:39:5b:cc:03:29:
71:ef:22:0c:d9:72:1f:ac:ce:d6:8e:d0:6c:fc:54:
72:74:88:ef:9f:3f:bd:8f:d5:d6:90:de:3c:97:4a:
76:7c:52:93:0c:ba:ed:a1:3c:6f:1b:cf:af:ae:7a:
34:07:8b:2e:b4:2c:a5:ec:ba:12:93:ec:8d:06:de:
0a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:CB:CC:6E:FB:10:75:D2:09:B3:A8:54:0A:A0:07:E1:F7:54:B6:9C
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3138302e3137382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.178.0/24
Signature Algorithm: sha256WithRSAEncryption
36:c5:36:7b:eb:36:79:f6:21:40:4e:d8:64:97:9d:9b:7a:a2:
06:9f:fe:88:e4:bf:cc:56:8f:2c:ef:86:9b:5f:ef:06:2b:bd:
21:d1:c7:65:a0:67:66:d5:2a:34:b9:c5:62:00:53:33:00:39:
0d:e6:c9:fb:ff:af:94:25:7d:23:10:26:0a:03:35:4a:de:ae:
ce:bc:f2:98:8a:19:42:c6:5b:f5:f8:67:38:ab:ec:cc:fc:e9:
5d:8a:b7:ae:ef:de:24:dc:58:8e:66:b3:cb:24:2a:a5:47:f6:
88:de:9e:36:5d:4d:f7:a8:8c:9a:37:0c:17:b5:54:cb:20:ac:
34:98:a9:a1:a9:d4:76:d9:3b:6e:8f:37:d9:39:62:e7:c8:6f:
1b:23:1e:9d:51:33:a1:77:61:2a:86:11:b1:97:4e:1d:97:0f:
6b:10:75:96:c1:48:eb:c7:9d:b4:b3:83:d7:0e:b2:08:d2:c1:
c9:05:d1:58:46:81:a1:b0:03:97:3e:51:9d:49:0a:40:a4:33:
42:1d:f3:60:c3:33:7c:32:87:47:ac:9a:7b:bd:3e:25:a1:78:
5a:96:24:9b:4c:95:ba:19:2d:84:c7:03:70:12:f5:d0:91:a6:
e4:55:6e:3d:9a:0d:6f:a2:b5:36:c2:12:ab:c2:73:99:0c:4e:
6d:45:b1:d2
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcPPpgXA/YfEEWyk52emAVqIasawwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzExMjYxOTQxNTJaFw0yNDExMjQxOTQ2NTJaMDMxMTAvBgNV
BAMTKDE4Q0JDQzZFRkIxMDc1RDIwOUIzQTg1NDBBQTAwN0UxRjc1NEI2OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYcI+XHSY/dDbiom8XoOP+Fsr+
tnwL3u6QdSG6s5TpRzDRbL8Rhg4LnmiOB0TGUJOHaZiRuB4ROgpvDHmVDr+TY4BJ
1VQ6HTAnNlf7gg33vpECSwEIxH2X516qPt+n8qxvhlw6aWKAKJJ/6MyoGbc4VIit
QpWXRYPmuE+o+H0kjndLrpJ4WGfvw8F72RIHUh5hkKXO1HnZ7RdYVpPPk6Sr4Oop
ZoH9NZcSv6MWIHMJkthSbMYtkIohjy1uTWI5W8wDKXHvIgzZch+sztaO0Gz8VHJ0
iO+fP72P1daQ3jyXSnZ8UpMMuu2hPG8bz6+uejQHiy60LKXsuhKT7I0G3gprAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUGMvMbvsQddIJs6hUCqAH4fdUtpwwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzMTM4MzAyZTMx
MzczODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMK0sjANBgkqhkiG9w0BAQsFAAOCAQEANsU2e+s2efYhQE7YZJedm3qiBp/+
iOS/zFaPLO+Gm1/vBiu9IdHHZaBnZtUqNLnFYgBTMwA5DebJ+/+vlCV9IxAmCgM1
St6uzrzymIoZQsZb9fhnOKvszPzpXYq3ru/eJNxYjmazyyQqpUf2iN6eNl1N96iM
mjcMF7VUyyCsNJipoanUdtk7bo832Tli58hvGyMenVEzoXdhKoYRsZdOHZcPaxB1
lsFI68edtLOD1w6yCNLByQXRWEaBobADlz5RnUkKQKQzQh3zYMMzfDKHR6yae70+
JaF4WpYkm0yVuhkthMcDcBL10JGm5FVuPZoNb6K1NsISq8JzmQxObUWx0g==
-----END CERTIFICATE-----
Generated at Wed May 8 11:33:00 2024 by rpki-client on console-ams.rpki-client.org