Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e36312e32392e302f32342d3234203d3e20313336373837.roa
File: 3139342e36312e32392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: A9sIp2cFERoXoVPR+bfyHMq8q6JU/ZeTQCmcSJLcnas=
Subject key identifier: 90:CD:13:4D:A2:9E:1F:C5:DC:AA:EF:40:EE:C9:B9:9B:7B:2F:91:9F
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 5D5CE02AA0495C82C52FD783CD59B49A31EDACEE
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e36312e32392e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 08 Mar 2024 12:58:25 +0000
ROA not before: Fri 08 Mar 2024 12:53:25 +0000
ROA not after: Fri 07 Mar 2025 12:58:25 +0000
asID: 136787
IP address blocks: 194.61.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:5c:e0:2a:a0:49:5c:82:c5:2f:d7:83:cd:59:b4:9a:31:ed:ac:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 8 12:53:25 2024 GMT
Not After : Mar 7 12:58:25 2025 GMT
Subject: CN=90CD134DA29E1FC5DCAAEF40EEC9B99B7B2F919F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a8:b2:fe:37:aa:31:d7:bd:c4:22:5b:e2:73:
c5:f7:a6:15:1b:c6:c3:a6:3e:22:cb:ec:d4:90:1c:
87:47:3a:f8:f3:9d:be:ce:eb:9b:fb:04:b3:d0:e0:
e2:41:e1:b9:7f:bd:ff:04:61:3b:72:f0:40:03:7a:
09:42:11:bb:ae:1b:12:b0:5a:6b:87:4d:8f:bc:2b:
03:9c:06:6f:73:9d:7c:59:cb:17:5b:50:1b:57:79:
1b:e9:bb:dd:84:35:a3:5b:aa:dc:71:2a:f6:88:ab:
73:0f:e7:1a:5d:d3:3a:8a:8b:25:f4:15:fe:2f:af:
85:39:04:ed:cf:f3:d7:bd:d2:c0:f5:5d:54:f8:11:
01:b6:c7:7a:48:5c:3a:2d:2e:f7:63:4f:f3:0b:db:
99:37:42:f6:a9:03:29:ec:78:8b:60:c2:76:cc:29:
2d:ad:ce:fe:01:e2:30:fc:b2:1d:e1:99:d7:34:bf:
6b:35:58:fd:62:2b:a3:01:98:db:db:6f:24:11:63:
7e:91:3e:b0:52:fa:5d:bb:f2:3a:68:82:b1:cc:d5:
68:c2:7f:c0:0f:8e:ee:74:34:da:ec:79:3c:66:ed:
eb:27:e6:a4:92:9a:7e:4f:69:ac:24:95:d6:67:d3:
b6:5f:ef:46:4e:14:09:96:76:f7:ee:9a:0c:03:01:
f0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CD:13:4D:A2:9E:1F:C5:DC:AA:EF:40:EE:C9:B9:9B:7B:2F:91:9F
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e36312e32392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.29.0/24
Signature Algorithm: sha256WithRSAEncryption
00:95:4e:3c:41:b8:74:a2:f5:89:f4:7d:02:71:f9:f9:5c:9f:
13:ac:a9:9b:dd:0a:71:80:4f:83:90:b9:c4:1c:86:55:e7:03:
d4:d0:45:46:ef:c6:d4:3a:68:74:42:43:d1:7c:e7:3d:62:55:
e2:d0:f6:b6:e9:be:ae:4b:bf:2c:6e:13:f2:e9:91:26:39:ff:
9e:5b:a5:5b:a1:b1:bb:e4:ac:39:8b:ca:7c:d2:f4:4b:42:9b:
d9:2f:d6:ce:7e:e1:77:61:b3:9a:43:76:c0:1e:71:ed:17:82:
bc:56:56:fd:99:db:2f:c9:ab:37:53:35:54:5b:59:6c:30:b6:
19:6c:c8:6f:0a:5f:be:37:b1:1d:13:78:6e:20:c4:ea:68:37:
d6:a7:66:e3:a7:57:90:40:c7:03:8e:b1:fa:93:25:43:36:cd:
c9:94:b0:29:8d:1a:db:16:fc:c2:fd:1e:df:9b:1f:18:1b:d4:
2a:73:03:ec:0d:1b:82:b4:9e:bb:8b:db:21:f3:8a:17:0e:12:
ab:b1:12:7c:d2:67:91:3e:91:03:98:4d:a4:1d:c2:a0:bf:e1:
9f:07:23:88:e0:eb:4a:29:fc:8a:5f:30:6c:20:2d:ab:0a:a6:
40:28:6a:5d:4a:bb:60:24:f9:2a:a5:c5:7f:ec:f3:13:c9:df:
7e:92:e4:16
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXVzgKqBJXILFL9eDzVm0mjHtrO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAzMDgxMjUzMjVaFw0yNTAzMDcxMjU4MjVaMDMxMTAvBgNV
BAMTKDkwQ0QxMzREQTI5RTFGQzVEQ0FBRUY0MEVFQzlCOTlCN0IyRjkxOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiqLL+N6ox173EIlvic8X3phUb
xsOmPiLL7NSQHIdHOvjznb7O65v7BLPQ4OJB4bl/vf8EYTty8EADeglCEbuuGxKw
WmuHTY+8KwOcBm9znXxZyxdbUBtXeRvpu92ENaNbqtxxKvaIq3MP5xpd0zqKiyX0
Ff4vr4U5BO3P89e90sD1XVT4EQG2x3pIXDotLvdjT/ML25k3QvapAynseItgwnbM
KS2tzv4B4jD8sh3hmdc0v2s1WP1iK6MBmNvbbyQRY36RPrBS+l278jpogrHM1WjC
f8APju50NNrseTxm7esn5qSSmn5PaawkldZn07Zf70ZOFAmWdvfumgwDAfA/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUkM0TTaKeH8Xcqu9A7sm5m3svkZ8wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNjMxMmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wj0dMA0GCSqGSIb3DQEBCwUAA4IBAQAAlU48Qbh0ovWJ9H0Ccfn5XJ8TrKmb3Qpx
gE+DkLnEHIZV5wPU0EVG78bUOmh0QkPRfOc9YlXi0Pa26b6uS78sbhPy6ZEmOf+e
W6VbobG75Kw5i8p80vRLQpvZL9bOfuF3YbOaQ3bAHnHtF4K8Vlb9mdsvyas3UzVU
W1lsMLYZbMhvCl++N7EdE3huIMTqaDfWp2bjp1eQQMcDjrH6kyVDNs3JlLApjRrb
FvzC/R7fmx8YG9QqcwPsDRuCtJ67i9sh84oXDhKrsRJ80meRPpEDmE2kHcKgv+Gf
ByOI4OtKKfyKXzBsIC2rCqZAKGpdSrtgJPkqpcV/7PMTyd9+kuQW
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org