Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3138302e3137382e302f32342d3234203d3e20313336373837.roa
File: 3139342e3138302e3137382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: k6IAE5iLuXbcOqEK8bOkG+EJ4UMTb4uEZgCFfuVF5vM=
Subject key identifier: 75:25:24:FA:81:2C:30:C3:F6:D6:3B:AE:26:B3:8F:6D:AD:D9:36:6C
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 3D55E51AC2A449991A16130188E6C10C36F174C6
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3138302e3137382e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:15 +0000
ROA not before: Sun 27 Oct 2024 20:00:15 +0000
ROA not after: Sun 26 Oct 2025 20:05:15 +0000
asID: 136787
IP address blocks: 194.180.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:55:e5:1a:c2:a4:49:99:1a:16:13:01:88:e6:c1:0c:36:f1:74:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Oct 27 20:00:15 2024 GMT
Not After : Oct 26 20:05:15 2025 GMT
Subject: CN=752524FA812C30C3F6D63BAE26B38F6DADD9366C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:de:f0:da:17:bf:63:af:06:f5:c3:cc:d5:a9:
10:db:d8:f1:7c:1e:2e:41:a8:57:fb:4a:59:c6:54:
4c:05:93:bd:e7:81:3a:cb:2c:c9:a2:a4:a4:d1:12:
61:c2:ca:7b:f4:77:77:12:27:42:df:7d:e3:e3:6b:
b6:65:18:66:ba:ce:47:32:ef:af:d4:97:82:9f:18:
39:b7:98:4d:5b:86:ca:0b:e6:b3:db:53:ec:ff:66:
ac:2d:70:df:26:6b:d2:9c:94:37:c1:d5:26:6a:cd:
05:7a:50:73:b6:1c:c3:41:75:d2:32:a3:ef:60:c1:
ab:d0:ce:ab:64:9f:f8:95:37:98:63:33:2b:2d:03:
2c:74:95:75:bd:0b:03:4d:ff:c2:3f:b0:54:eb:4f:
01:0f:7f:fe:f0:36:f9:fb:76:ef:12:2d:e3:c4:9d:
62:30:ac:ac:e7:a0:35:45:a0:0e:50:61:3c:fc:70:
05:b6:cf:d6:b1:ad:7d:e6:e1:d9:ad:bd:b7:a9:66:
02:f7:f2:68:b4:5c:06:03:c4:74:7b:5b:8a:2f:1f:
14:82:0b:ed:1a:c6:77:1d:88:d0:73:72:c3:0b:49:
6b:57:04:7b:49:eb:1d:6e:0c:55:28:46:87:20:60:
82:ee:37:9c:8d:26:12:5f:08:3f:49:f9:0b:ea:c9:
73:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:25:24:FA:81:2C:30:C3:F6:D6:3B:AE:26:B3:8F:6D:AD:D9:36:6C
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e3138302e3137382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.178.0/24
Signature Algorithm: sha256WithRSAEncryption
91:8f:af:ad:cf:7c:6b:45:74:28:e2:dd:5c:5b:33:b4:7a:22:
98:43:58:9d:28:aa:fe:45:c9:8c:ee:95:d6:2c:11:c5:8e:2d:
18:4a:1b:63:71:91:7e:be:74:fa:28:b5:9f:90:25:aa:0d:0b:
2a:4f:a9:88:44:f8:98:0f:6d:77:3f:22:4f:c4:fe:3e:b9:78:
fc:76:ca:30:83:67:b1:c6:5d:c5:4c:9a:9b:4c:3d:d5:9c:72:
c5:25:ca:8d:c9:13:fa:4c:b4:dd:e4:04:68:55:d3:69:a7:95:
40:c8:d3:f4:51:01:78:1e:6b:33:8c:b5:e1:04:2f:da:2e:e2:
f6:05:35:67:8a:85:bf:e8:ed:ca:91:7f:16:5e:b8:55:73:1a:
71:fc:56:cf:14:62:f2:78:86:41:93:bf:32:78:31:a9:32:17:
86:89:9f:cd:7e:3e:84:c4:0c:f7:53:5a:ce:17:ea:29:2e:43:
78:42:3b:32:b8:d6:48:a8:fa:f0:4f:ce:0d:e4:ee:59:ef:b8:
75:4e:d1:41:8f:87:21:d3:bb:81:5e:e7:a9:6c:b3:e5:3a:30:
90:08:8c:b1:8c:77:0d:ad:a7:df:26:66:97:ac:1d:80:16:9a:
9a:93:e6:7d:10:50:7b:21:de:7c:5f:57:45:b5:7b:8b:f6:92:
fb:95:fe:6c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPVXlGsKkSZkaFhMBiObBDDbxdMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDEwMjcyMDAwMTVaFw0yNTEwMjYyMDA1MTVaMDMxMTAvBgNV
BAMTKDc1MjUyNEZBODEyQzMwQzNGNkQ2M0JBRTI2QjM4RjZEQUREOTM2NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU3vDaF79jrwb1w8zVqRDb2PF8
Hi5BqFf7SlnGVEwFk73ngTrLLMmipKTREmHCynv0d3cSJ0LffePja7ZlGGa6zkcy
76/Ul4KfGDm3mE1bhsoL5rPbU+z/ZqwtcN8ma9KclDfB1SZqzQV6UHO2HMNBddIy
o+9gwavQzqtkn/iVN5hjMystAyx0lXW9CwNN/8I/sFTrTwEPf/7wNvn7du8SLePE
nWIwrKznoDVFoA5QYTz8cAW2z9axrX3m4dmtvbepZgL38mi0XAYDxHR7W4ovHxSC
C+0axncdiNBzcsMLSWtXBHtJ6x1uDFUoRocgYILuN5yNJhJfCD9J+QvqyXMDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUdSUk+oEsMMP21juuJrOPba3ZNmwwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzMTM4MzAyZTMx
MzczODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMK0sjANBgkqhkiG9w0BAQsFAAOCAQEAkY+vrc98a0V0KOLdXFsztHoimENY
nSiq/kXJjO6V1iwRxY4tGEobY3GRfr50+ii1n5Alqg0LKk+piET4mA9tdz8iT8T+
Prl4/HbKMINnscZdxUyam0w91ZxyxSXKjckT+ky03eQEaFXTaaeVQMjT9FEBeB5r
M4y14QQv2i7i9gU1Z4qFv+jtypF/Fl64VXMacfxWzxRi8niGQZO/MngxqTIXhomf
zX4+hMQM91NazhfqKS5DeEI7MrjWSKj68E/ODeTuWe+4dU7RQY+HIdO7gV7nqWyz
5TowkAiMsYx3Da2n3yZml6wdgBaampPmfRBQeyHefF9XRbV7i/aS+5X+bA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:03 2024 by rpki-client on console-ams.rpki-client.org