Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135332e302f32342d3332203d3e20313431393935.roa
File: 3139342e352e3135332e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: Qwq0KqCFquBjfN71HyaQvWBcDdWHMmp7b+xS+YBtrjY=
Subject key identifier: C9:C7:39:89:5E:49:57:EE:67:4F:8F:33:68:90:8B:EC:85:1B:C9:02
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 13E3D3010B1DEA276E779F5DCD58575996DE64F8
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135332e302f32342d3332203d3e20313431393935.roa
Signing time: Tue 12 Mar 2024 20:00:11 +0000
ROA not before: Tue 12 Mar 2024 19:55:11 +0000
ROA not after: Tue 11 Mar 2025 20:00:11 +0000
asID: 141995
IP address blocks: 194.5.153.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:e3:d3:01:0b:1d:ea:27:6e:77:9f:5d:cd:58:57:59:96:de:64:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 12 19:55:11 2024 GMT
Not After : Mar 11 20:00:11 2025 GMT
Subject: CN=C9C739895E4957EE674F8F3368908BEC851BC902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:28:e4:e1:75:00:f9:e4:2c:1f:61:c7:ba:2b:
df:ac:e0:ba:d3:19:14:f2:9d:53:04:ef:3d:43:86:
47:d7:96:1f:9a:ed:81:b4:8c:fb:59:86:a2:88:8a:
24:51:4a:df:62:67:26:c6:98:f5:02:e0:cf:d9:11:
9a:0a:5d:1b:7e:65:5b:c1:d8:10:e1:9d:72:58:3f:
7c:76:09:73:6b:4f:93:ec:1d:85:ba:67:fc:08:fa:
2e:8e:28:38:a8:f0:73:50:06:e1:71:75:b0:d6:a3:
71:67:9b:62:12:d5:82:02:61:7a:af:91:43:82:a8:
6a:4a:2a:b7:24:9a:f8:71:83:c3:ad:b4:17:1e:6d:
0d:67:ae:8b:83:6e:ba:30:3d:26:69:69:36:9a:a7:
ad:ac:c1:03:a3:51:51:29:15:2d:02:fb:a2:86:a6:
d9:23:0d:b1:7b:ec:97:76:b7:d0:9c:46:c8:9b:6b:
3b:9a:b9:e5:65:e4:a8:78:3d:cc:a3:e8:46:78:1b:
70:bf:1f:e0:15:a3:64:d5:41:07:33:94:f8:26:17:
a9:37:85:e0:94:6f:f3:86:c9:af:9d:b7:92:e4:ad:
3a:24:ff:97:b0:96:dd:03:b2:0d:73:56:56:28:98:
5b:04:94:36:b2:3c:61:44:38:2e:73:51:c1:48:ec:
a7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C7:39:89:5E:49:57:EE:67:4F:8F:33:68:90:8B:EC:85:1B:C9:02
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135332e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.153.0/24
Signature Algorithm: sha256WithRSAEncryption
51:a9:5f:8e:eb:8b:0f:fa:5a:94:9b:aa:84:6f:da:05:74:0e:
f5:fa:55:55:f8:16:a7:3a:ef:36:25:28:0d:f3:46:b2:5e:50:
10:5a:eb:95:46:cd:39:25:19:16:44:81:26:f2:a2:11:3f:5e:
54:bd:81:31:17:8c:09:3c:f8:8e:9f:4f:5d:c6:f6:32:ac:fb:
ca:b6:bc:30:3c:a5:5c:47:99:e9:5c:e3:65:20:54:e7:50:25:
2c:09:ce:6c:b9:08:eb:c2:79:b8:50:9c:e3:c8:96:bd:6f:e6:
fb:41:5a:d8:cf:07:8f:a6:a9:3a:81:c2:ee:9c:11:e2:45:2c:
6c:54:1a:74:34:59:c4:36:27:09:ef:30:a9:73:b8:20:3b:bd:
bf:01:d5:d5:e4:2e:85:c5:a2:47:bd:2a:bf:a7:9c:1d:3c:11:
df:97:d8:44:48:7e:ad:02:3f:df:f4:fd:90:bf:ce:7e:0b:db:
6e:56:1b:6e:02:73:f7:18:7c:75:33:ca:44:a0:f1:b0:d1:2b:
46:ff:09:16:8c:bd:f7:6c:8c:6d:0c:6a:26:b6:52:07:60:3b:
50:09:ca:5f:6b:53:1b:67:7b:88:fe:c9:2a:b0:95:51:7a:1e:
9f:bb:f5:09:10:be:65:c0:a2:f0:69:9b:03:38:67:a2:d3:40:
ee:b9:2b:75
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUE+PTAQsd6idud59dzVhXWZbeZPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAzMTIxOTU1MTFaFw0yNTAzMTEyMDAwMTFaMDMxMTAvBgNV
BAMTKEM5QzczOTg5NUU0OTU3RUU2NzRGOEYzMzY4OTA4QkVDODUxQkM5MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmKOThdQD55CwfYce6K9+s4LrT
GRTynVME7z1DhkfXlh+a7YG0jPtZhqKIiiRRSt9iZybGmPUC4M/ZEZoKXRt+ZVvB
2BDhnXJYP3x2CXNrT5PsHYW6Z/wI+i6OKDio8HNQBuFxdbDWo3Fnm2IS1YICYXqv
kUOCqGpKKrckmvhxg8OttBcebQ1nrouDbrowPSZpaTaap62swQOjUVEpFS0C+6KG
ptkjDbF77Jd2t9CcRsibazuaueVl5Kh4Pcyj6EZ4G3C/H+AVo2TVQQczlPgmF6k3
heCUb/OGya+dt5LkrTok/5ewlt0Dsg1zVlYomFsElDayPGFEOC5zUcFI7Kf5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUycc5iV5JV+5nT48zaJCL7IUbyQIwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNTJlMzEzNTMz
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzEzNDMxMzkzOTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wgWZMA0GCSqGSIb3DQEBCwUAA4IBAQBRqV+O64sP+lqUm6qEb9oFdA71+lVV+Ban
Ou82JSgN80ayXlAQWuuVRs05JRkWRIEm8qIRP15UvYExF4wJPPiOn09dxvYyrPvK
trwwPKVcR5npXONlIFTnUCUsCc5suQjrwnm4UJzjyJa9b+b7QVrYzwePpqk6gcLu
nBHiRSxsVBp0NFnENicJ7zCpc7ggO72/AdXV5C6FxaJHvSq/p5wdPBHfl9hESH6t
Aj/f9P2Qv85+C9tuVhtuAnP3GHx1M8pEoPGw0StG/wkWjL33bIxtDGomtlIHYDtQ
Ccpfa1MbZ3uI/skqsJVReh6fu/UJEL5lwKLwaZsDOGei00DuuSt1
-----END CERTIFICATE-----
Generated at Fri May 10 15:37:17 2024 by rpki-client on console-ams.rpki-client.org