Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e35332e3131302e302f32342d3234203d3e20313336373837.roa
File: 3139342e35332e3131302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: JboZA+/LuJxxH23oD6HShdjd1cZlICk02I8KE9kSdCY=
Subject key identifier: 30:7E:4F:37:53:D4:F6:A8:E8:7B:70:59:DB:EF:D5:48:8F:BA:91:55
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 4854DE6C1C3B35E34D117A1CA0E6B13E2C938011
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e35332e3131302e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:01 +0000
ROA not before: Tue 13 Feb 2024 12:49:01 +0000
ROA not after: Tue 11 Feb 2025 12:54:01 +0000
asID: 136787
IP address blocks: 194.53.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:54:de:6c:1c:3b:35:e3:4d:11:7a:1c:a0:e6:b1:3e:2c:93:80:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 13 12:49:01 2024 GMT
Not After : Feb 11 12:54:01 2025 GMT
Subject: CN=307E4F3753D4F6A8E87B7059DBEFD5488FBA9155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:37:f5:47:7b:b6:c7:ff:26:c1:88:0b:b5:d6:
76:ef:8f:ce:72:02:55:e0:f6:9c:7c:7c:40:15:7c:
a6:c5:95:a9:ce:b4:c2:d1:c4:49:aa:fb:4a:51:87:
78:16:07:3c:df:99:e6:95:28:a7:48:d0:b3:ec:32:
c1:11:a3:59:65:93:f5:c0:61:2e:52:6c:4b:64:97:
35:d8:26:66:30:ff:1d:6f:51:79:a0:88:43:fb:b3:
3b:83:ea:49:ae:cb:3a:b4:c3:c5:98:a8:37:e0:17:
81:e4:f7:5d:76:03:75:5d:66:bb:f6:11:8c:0a:1b:
08:ea:cb:e2:d2:6c:21:a8:f8:e3:cf:75:fb:5f:9e:
96:70:45:b0:da:7a:9b:f0:a2:6c:fd:22:d9:58:15:
4e:69:ca:d8:3a:d7:d3:d1:d4:bb:a2:91:7c:fe:8b:
ff:aa:1b:0b:49:be:32:96:33:3b:71:b8:28:3d:7f:
46:ef:c7:25:0c:d2:3c:ae:4d:32:c6:56:0e:46:0f:
8f:51:ec:be:22:af:da:d0:2e:ae:d1:ce:80:38:4d:
ac:c0:5b:57:07:3d:c9:6c:f0:3f:b6:4f:50:af:ac:
81:7d:31:ef:e1:bd:f1:d1:7e:9e:9a:5c:dc:78:02:
81:1c:df:33:f3:44:07:bb:be:25:42:6e:4e:c4:51:
3f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7E:4F:37:53:D4:F6:A8:E8:7B:70:59:DB:EF:D5:48:8F:BA:91:55
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e35332e3131302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.110.0/24
Signature Algorithm: sha256WithRSAEncryption
49:29:75:8a:e0:23:9b:ff:12:db:d1:fb:bc:ba:cc:dd:b2:f5:
b2:f8:c7:18:2c:02:e0:c9:35:ce:ff:00:d6:19:7c:1d:8f:6d:
cd:b1:1f:21:d2:80:9c:3b:be:9c:4e:1e:53:7f:cf:02:84:00:
04:c0:63:af:92:c7:57:dd:5a:27:f0:bb:3f:61:87:47:91:fd:
22:fc:fa:86:68:74:8b:88:f9:10:bf:65:df:1f:3c:be:cc:d8:
e5:0e:5f:40:08:e9:a1:0c:40:ef:12:6c:20:27:9f:2b:b1:97:
77:b7:f6:77:0b:6c:df:b6:ad:a5:76:c3:0a:b9:c3:87:93:6f:
8a:15:e3:b4:84:37:08:af:9b:64:17:a7:c4:d6:ca:0c:22:f2:
b3:2a:4e:39:27:76:39:3b:77:bf:1c:6c:7d:bf:4f:b2:b9:3b:
13:95:ba:c2:4a:42:9f:8e:45:f2:3f:70:2b:b3:56:90:9f:ee:
f6:ae:e1:83:c6:03:7c:ef:59:b1:48:55:cb:9b:5d:d8:18:65:
93:11:df:45:98:90:50:06:bb:90:ae:10:51:e5:a2:50:23:5a:
9a:ee:16:22:03:0b:4b:d9:ad:52:65:ee:9b:3f:cf:8a:ec:e1:
46:88:53:c5:9e:17:1e:51:ad:8b:9f:83:e6:49:ac:da:5b:48:
dc:12:bc:71
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSFTebBw7NeNNEXocoOaxPiyTgBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMTMxMjQ5MDFaFw0yNTAyMTExMjU0MDFaMDMxMTAvBgNV
BAMTKDMwN0U0RjM3NTNENEY2QThFODdCNzA1OURCRUZENTQ4OEZCQTkxNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdN/VHe7bH/ybBiAu11nbvj85y
AlXg9px8fEAVfKbFlanOtMLRxEmq+0pRh3gWBzzfmeaVKKdI0LPsMsERo1llk/XA
YS5SbEtklzXYJmYw/x1vUXmgiEP7szuD6kmuyzq0w8WYqDfgF4Hk9112A3VdZrv2
EYwKGwjqy+LSbCGo+OPPdftfnpZwRbDaepvwomz9ItlYFU5pytg619PR1LuikXz+
i/+qGwtJvjKWMztxuCg9f0bvxyUM0jyuTTLGVg5GD49R7L4ir9rQLq7RzoA4TazA
W1cHPcls8D+2T1CvrIF9Me/hvfHRfp6aXNx4AoEc3zPzRAe7viVCbk7EUT+BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMH5PN1PU9qjoe3BZ2+/VSI+6kVUwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNTMzMmUzMTMx
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCNW4wDQYJKoZIhvcNAQELBQADggEBAEkpdYrgI5v/EtvR+7y6zN2y9bL4xxgs
AuDJNc7/ANYZfB2Pbc2xHyHSgJw7vpxOHlN/zwKEAATAY6+Sx1fdWifwuz9hh0eR
/SL8+oZodIuI+RC/Zd8fPL7M2OUOX0AI6aEMQO8SbCAnnyuxl3e39ncLbN+2raV2
wwq5w4eTb4oV47SENwivm2QXp8TWygwi8rMqTjkndjk7d78cbH2/T7K5OxOVusJK
Qp+ORfI/cCuzVpCf7vau4YPGA3zvWbFIVcubXdgYZZMR30WYkFAGu5CuEFHlolAj
WpruFiIDC0vZrVJl7ps/z4rs4UaIU8WeFx5RrYufg+ZJrNpbSNwSvHE=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:25 2024 by rpki-client on console-fra.rpki-client.org