Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135342e302f32342d3234203d3e20313336373837.roa
File: 3139342e352e3135342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: X8UbEYYaN+LX2XO/SJmsEmotZue+UlC7usjM3ZFWLOo=
Subject key identifier: 5D:59:CB:D2:D6:49:E6:1E:49:1E:EB:78:25:14:32:05:AC:20:36:32
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 68171068947E94DB053D78AEABA9C07C5B3FE171
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135342e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:20 +0000
ROA not before: Mon 01 Apr 2024 13:58:20 +0000
ROA not after: Mon 31 Mar 2025 14:03:20 +0000
asID: 136787
IP address blocks: 194.5.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:17:10:68:94:7e:94:db:05:3d:78:ae:ab:a9:c0:7c:5b:3f:e1:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Apr 1 13:58:20 2024 GMT
Not After : Mar 31 14:03:20 2025 GMT
Subject: CN=5D59CBD2D649E61E491EEB7825143205AC203632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cc:24:9b:8c:b2:e3:fd:a0:2e:c4:33:18:ed:
f6:1f:ba:75:7d:a8:fe:42:1d:8f:69:d4:07:31:92:
db:3c:93:af:21:97:0d:ff:04:b8:bf:15:15:ee:2b:
3e:c6:92:a6:f8:76:d3:6e:5e:aa:48:1b:c6:93:24:
6e:f1:d1:94:a1:32:17:7d:12:25:85:f5:5d:95:1e:
e5:f1:6b:ad:1f:7a:c7:a1:82:b5:54:d8:f6:b2:82:
37:fa:2e:8c:ff:49:9d:39:41:7d:70:23:fd:46:b2:
0c:2b:7e:9b:2e:cc:43:7d:0f:ec:6e:1f:e6:66:51:
51:5c:25:8f:cc:4d:e0:fe:eb:3a:ba:44:f1:ad:09:
24:8e:76:66:31:dc:6d:cd:07:1d:07:bd:8d:de:30:
91:4a:b1:7b:4a:f5:34:77:f3:c6:14:5b:40:d8:0d:
00:59:dd:31:13:ac:36:d8:73:f9:bc:21:87:8c:83:
42:22:38:91:4a:36:ff:83:62:bd:06:64:f0:51:fd:
83:b2:76:e8:27:b9:69:5b:a3:7f:69:cb:ae:16:af:
b8:49:23:9a:86:49:c9:20:4e:c4:5f:70:e3:37:f0:
59:4d:51:a8:2f:e1:5a:e1:af:e4:d0:e8:6f:7f:43:
b4:c0:1b:fe:4f:52:bf:43:91:03:11:32:8e:aa:0c:
5d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:59:CB:D2:D6:49:E6:1E:49:1E:EB:78:25:14:32:05:AC:20:36:32
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.154.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:4a:b6:34:bc:18:05:ea:1f:84:61:9a:74:6e:f2:eb:f1:66:
78:27:c4:73:d5:47:e9:be:62:2b:32:73:82:b4:e1:9c:bc:3d:
41:2f:27:97:9f:0c:e8:ad:0d:26:54:76:c9:70:93:08:aa:ae:
65:67:5d:83:51:38:c2:ea:5a:de:a2:9d:21:ad:d4:ac:2e:1a:
3d:4f:38:92:27:09:45:73:d8:c3:43:13:1b:0e:e6:00:2e:3b:
5b:61:71:f2:c0:21:23:41:63:c1:c2:c1:08:fa:64:56:37:59:
91:1a:4f:4f:bd:15:43:bb:ea:7a:e3:72:82:04:b0:27:c2:87:
13:5b:e5:26:50:cf:dc:3c:28:13:1f:2f:9c:0c:4a:90:d2:66:
fa:a3:20:0c:6f:e9:16:d5:95:ab:bb:ed:fb:31:cc:3a:e7:5e:
7f:87:c0:a7:06:50:5a:f3:09:ab:45:03:ea:39:30:ca:94:0a:
93:f4:2e:1b:95:9e:af:66:c2:f3:f0:19:c5:39:57:dc:e9:01:
89:fd:24:23:96:48:e8:7a:02:d3:0b:49:d9:26:5f:98:e7:3f:
73:68:fb:21:bf:c5:7c:4c:3e:2d:9f:a1:2f:71:17:ad:8a:63:
47:45:f3:ba:c9:62:97:7b:44:21:80:4d:1f:04:3c:13:15:1f:
d4:2a:d2:be
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaBcQaJR+lNsFPXiuq6nAfFs/4XEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA0MDExMzU4MjBaFw0yNTAzMzExNDAzMjBaMDMxMTAvBgNV
BAMTKDVENTlDQkQyRDY0OUU2MUU0OTFFRUI3ODI1MTQzMjA1QUMyMDM2MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBzCSbjLLj/aAuxDMY7fYfunV9
qP5CHY9p1Acxkts8k68hlw3/BLi/FRXuKz7Gkqb4dtNuXqpIG8aTJG7x0ZShMhd9
EiWF9V2VHuXxa60fesehgrVU2Paygjf6Loz/SZ05QX1wI/1GsgwrfpsuzEN9D+xu
H+ZmUVFcJY/MTeD+6zq6RPGtCSSOdmYx3G3NBx0HvY3eMJFKsXtK9TR388YUW0DY
DQBZ3TETrDbYc/m8IYeMg0IiOJFKNv+DYr0GZPBR/YOydugnuWlbo39py64Wr7hJ
I5qGSckgTsRfcOM38FlNUagv4Vrhr+TQ6G9/Q7TAG/5PUr9DkQMRMo6qDF2XAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUXVnL0tZJ5h5JHut4JRQyBawgNjIwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNTJlMzEzNTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wgWaMA0GCSqGSIb3DQEBCwUAA4IBAQBfSrY0vBgF6h+EYZp0bvLr8WZ4J8Rz1Ufp
vmIrMnOCtOGcvD1BLyeXnwzorQ0mVHbJcJMIqq5lZ12DUTjC6lreop0hrdSsLho9
TziSJwlFc9jDQxMbDuYALjtbYXHywCEjQWPBwsEI+mRWN1mRGk9PvRVDu+p643KC
BLAnwocTW+UmUM/cPCgTHy+cDEqQ0mb6oyAMb+kW1ZWru+37Mcw6515/h8CnBlBa
8wmrRQPqOTDKlAqT9C4blZ6vZsLz8BnFOVfc6QGJ/SQjlkjoegLTC0nZJl+Y5z9z
aPshv8V8TD4tn6EvcRetimNHRfO6yWKXe0QhgE0fBDwTFR/UKtK+
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:39:35 2024 by rpki-client on console-fra.rpki-client.org