Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e36312e33302e302f32342d3234203d3e20313336373837.roa
File: 3139342e36312e33302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: BvBAzBouIHNQNa0p7Wmdpt2nkquXDF8LR2c08l/90x4=
Subject key identifier: D1:69:D5:FC:EA:67:26:B5:E5:65:D3:B7:54:80:39:95:CC:4A:5D:79
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 73F5E20C65ABFA00B29F01E2DC048FC3F2EC2EFD
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e36312e33302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:15 +0000
ROA not before: Sun 27 Oct 2024 20:00:15 +0000
ROA not after: Sun 26 Oct 2025 20:05:15 +0000
asID: 136787
IP address blocks: 194.61.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:f5:e2:0c:65:ab:fa:00:b2:9f:01:e2:dc:04:8f:c3:f2:ec:2e:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Oct 27 20:00:15 2024 GMT
Not After : Oct 26 20:05:15 2025 GMT
Subject: CN=D169D5FCEA6726B5E565D3B754803995CC4A5D79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7f:b3:64:a4:60:fb:56:bb:a0:e4:b9:6e:13:
0a:1c:a1:2f:3b:6a:42:80:c8:c2:cc:40:da:6c:62:
bd:30:02:79:f2:6c:50:a1:f3:bd:6b:41:26:56:fc:
33:0f:1c:4e:fb:58:bb:83:e4:91:c5:c0:1a:2f:e8:
d5:93:4d:9f:eb:aa:b2:fc:19:56:1a:f2:ec:ca:5d:
ed:31:67:86:ab:48:c0:12:14:09:16:08:63:40:55:
57:8e:05:da:4f:00:88:a0:17:19:69:75:0e:1d:56:
3e:07:ea:46:46:69:8f:27:42:fc:12:42:3a:99:84:
2f:35:a7:16:8a:8b:a8:bc:60:19:d9:71:26:d8:b6:
59:d0:1f:9e:39:92:1c:cf:19:77:fc:4f:49:6f:b0:
75:bd:3a:96:71:39:9d:ba:cc:ba:83:5b:7f:eb:76:
8d:f0:91:a1:2d:d7:84:96:59:cc:13:8e:88:e7:12:
88:e0:ae:2b:ae:c6:a0:5a:36:99:1c:f2:2f:1a:90:
ff:c9:1c:3b:df:cd:a2:e0:ee:e1:52:54:36:67:d3:
c5:4c:89:55:c7:ca:a8:58:4f:4a:9f:12:b9:e5:1b:
fb:c9:18:96:81:14:dd:6a:6d:83:71:6e:79:2f:49:
66:66:99:03:3f:09:c3:c6:f8:34:94:6f:75:6c:0b:
13:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:69:D5:FC:EA:67:26:B5:E5:65:D3:B7:54:80:39:95:CC:4A:5D:79
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e36312e33302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.30.0/24
Signature Algorithm: sha256WithRSAEncryption
33:37:b6:b3:ad:2c:15:19:0e:e2:b4:39:02:bc:56:9c:f2:d1:
14:3a:00:8d:ee:1d:bb:97:57:70:ca:12:66:05:21:0d:88:57:
b3:18:8b:8b:bc:cc:d3:9c:02:6e:4a:c3:42:d2:58:fa:60:c2:
06:d7:fb:5f:b3:49:a7:22:d8:0e:b4:d3:56:ef:cd:06:04:44:
85:91:97:9d:59:08:d4:bc:4e:76:25:8f:15:c0:9a:10:4c:c3:
91:f0:eb:52:10:c5:45:f0:dd:e2:a9:f7:2f:4f:33:c5:ee:d0:
b1:49:7a:5b:92:73:8d:2d:2b:d3:17:43:fd:69:b7:2d:56:d7:
8d:0a:d1:bb:af:7b:ed:d6:ff:ab:00:04:67:3d:cb:83:45:61:
92:71:a7:1d:02:6b:aa:59:0b:43:aa:9d:4e:9b:61:3b:c7:5a:
0e:89:0a:8b:e1:b5:3f:da:9c:1b:6e:22:ca:bc:5c:a0:a9:86:
45:37:a0:95:da:5d:d1:6a:f9:3a:f7:66:93:e8:d7:cd:3a:59:
b5:a6:9d:3f:f3:b0:88:25:c2:8c:09:6a:37:d2:da:64:e2:5d:
05:f4:73:9c:0f:ac:e0:92:61:3b:95:0a:a5:d7:1a:73:36:fb:
7f:20:41:4d:11:c4:4a:83:24:87:87:27:5c:e7:f7:1e:5d:83:
25:36:0a:32
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUc/XiDGWr+gCynwHi3ASPw/LsLv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDEwMjcyMDAwMTVaFw0yNTEwMjYyMDA1MTVaMDMxMTAvBgNV
BAMTKEQxNjlENUZDRUE2NzI2QjVFNTY1RDNCNzU0ODAzOTk1Q0M0QTVENzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDf7NkpGD7Vrug5LluEwocoS87
akKAyMLMQNpsYr0wAnnybFCh871rQSZW/DMPHE77WLuD5JHFwBov6NWTTZ/rqrL8
GVYa8uzKXe0xZ4arSMASFAkWCGNAVVeOBdpPAIigFxlpdQ4dVj4H6kZGaY8nQvwS
QjqZhC81pxaKi6i8YBnZcSbYtlnQH545khzPGXf8T0lvsHW9OpZxOZ26zLqDW3/r
do3wkaEt14SWWcwTjojnEojgriuuxqBaNpkc8i8akP/JHDvfzaLg7uFSVDZn08VM
iVXHyqhYT0qfErnlG/vJGJaBFN1qbYNxbnkvSWZmmQM/CcPG+DSUb3VsCxO7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0WnV/OpnJrXlZdO3VIA5lcxKXXkwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNjMxMmUzMzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wj0eMA0GCSqGSIb3DQEBCwUAA4IBAQAzN7azrSwVGQ7itDkCvFac8tEUOgCN7h27
l1dwyhJmBSENiFezGIuLvMzTnAJuSsNC0lj6YMIG1/tfs0mnItgOtNNW780GBESF
kZedWQjUvE52JY8VwJoQTMOR8OtSEMVF8N3iqfcvTzPF7tCxSXpbknONLSvTF0P9
abctVteNCtG7r3vt1v+rAARnPcuDRWGScacdAmuqWQtDqp1Om2E7x1oOiQqL4bU/
2pwbbiLKvFygqYZFN6CV2l3Ravk692aT6NfNOlm1pp0/87CIJcKMCWo30tpk4l0F
9HOcD6zgkmE7lQql1xpzNvt/IEFNEcRKgySHhydc5/ceXYMlNgoy
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org