Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131332e302f32342d3332203d3e203430303231.roa
File: 39342e3130312e3131332e302f32342d3332203d3e203430303231.roa (raw, json)
Hash identifier: QMi8ZHCmqRiOOK8bjDiSESFokrgVJn9fLuQjwt8rces=
Subject key identifier: 32:89:08:17:EB:93:BF:79:76:87:53:9A:79:38:DB:66:43:AE:52:6E
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 186D0756DA4252E9CFDB5070563A28E1C1E085EB
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131332e302f32342d3332203d3e203430303231.roa
Signing time: Tue 12 Mar 2024 20:00:12 +0000
ROA not before: Tue 12 Mar 2024 19:55:12 +0000
ROA not after: Tue 11 Mar 2025 20:00:12 +0000
asID: 40021
IP address blocks: 94.101.113.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:6d:07:56:da:42:52:e9:cf:db:50:70:56:3a:28:e1:c1:e0:85:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 12 19:55:12 2024 GMT
Not After : Mar 11 20:00:12 2025 GMT
Subject: CN=32890817EB93BF797687539A7938DB6643AE526E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:65:0b:d0:fc:c3:49:c4:5b:ad:2d:3a:e2:4b:
f7:87:56:37:c0:38:7c:05:00:38:78:a1:ff:bd:ee:
fd:bd:0a:48:f5:fa:3c:33:94:45:c4:f5:5a:09:22:
ec:2c:c2:2a:9e:23:a5:56:31:8c:c0:a8:09:ca:62:
a8:9c:d4:c4:be:28:da:3e:f5:2a:81:1b:8f:24:1c:
dd:88:5d:b1:da:a0:55:72:64:e9:39:99:b0:76:59:
6e:da:36:e0:65:fd:ff:a3:f2:0d:34:30:e9:19:6f:
c2:86:6c:2b:54:59:62:39:9f:ba:9a:ab:50:25:0c:
6c:98:36:de:e0:c6:72:70:df:aa:c2:d6:ad:77:7f:
00:93:f3:17:c7:3c:4d:99:35:b7:ee:7f:70:e9:d9:
47:ba:da:dc:fb:07:57:43:ba:84:96:f4:b8:b5:ec:
b0:e0:53:e7:b5:a6:f1:ee:ba:b2:85:5a:96:d2:f4:
81:c3:31:9b:a2:1d:c9:bd:9d:a4:f2:ae:d9:94:88:
bf:5e:b1:71:d9:c2:01:bd:6a:a0:ed:f9:5b:47:02:
2b:05:25:63:9f:d3:74:3e:7a:27:40:03:3f:64:7d:
a7:25:a9:d3:f6:c0:9b:a9:14:80:2a:94:0a:a3:5e:
36:94:b0:76:82:c4:b5:89:c6:9a:9a:70:bb:82:58:
6b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:89:08:17:EB:93:BF:79:76:87:53:9A:79:38:DB:66:43:AE:52:6E
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131332e302f32342d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.113.0/24
Signature Algorithm: sha256WithRSAEncryption
75:fb:df:1c:a8:1a:a1:93:e3:8b:6a:33:c5:09:f9:dc:7a:9c:
fd:d1:8d:83:fd:1e:35:59:de:6b:8b:8c:4a:cd:9d:ce:59:1f:
34:f8:95:41:2f:9c:c3:33:29:4a:ff:78:94:e7:ff:58:2c:e5:
14:e5:13:08:54:ac:ed:bd:44:3d:9e:1c:5f:e0:7b:1e:e6:76:
0d:31:0e:aa:d2:76:57:41:ab:54:6c:93:05:f8:f9:cb:ab:e3:
53:40:d2:de:cf:8e:c0:54:f3:4e:4c:d7:c1:c8:a6:57:5b:3d:
b4:dd:ca:85:85:0a:78:bf:5f:9f:c5:7f:c8:31:27:a3:00:53:
54:01:92:2e:f0:7a:5a:5e:99:d4:69:c9:56:88:36:67:7b:08:
17:f3:f7:59:ff:34:72:32:10:3c:9b:64:af:6b:bb:60:8f:cd:
51:f7:ff:87:a3:16:15:7b:d9:05:a4:8d:b2:94:fe:10:1e:95:
97:e4:dd:69:53:46:68:a5:c6:6d:48:a6:01:7e:9d:2b:81:88:
9f:aa:6e:19:94:28:68:30:fc:50:80:41:31:05:4c:ee:c9:70:
48:2b:78:4e:de:86:5e:25:9c:a4:0c:8a:19:b1:27:5e:c8:3f:
d8:a4:63:f6:24:51:dd:fa:d7:d2:44:23:06:2b:79:7f:68:99:
a7:fe:3b:83
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGG0HVtpCUunP21BwVjoo4cHgheswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAzMTIxOTU1MTJaFw0yNTAzMTEyMDAwMTJaMDMxMTAvBgNV
BAMTKDMyODkwODE3RUI5M0JGNzk3Njg3NTM5QTc5MzhEQjY2NDNBRTUyNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3ZQvQ/MNJxFutLTriS/eHVjfA
OHwFADh4of+97v29Ckj1+jwzlEXE9VoJIuwswiqeI6VWMYzAqAnKYqic1MS+KNo+
9SqBG48kHN2IXbHaoFVyZOk5mbB2WW7aNuBl/f+j8g00MOkZb8KGbCtUWWI5n7qa
q1AlDGyYNt7gxnJw36rC1q13fwCT8xfHPE2ZNbfuf3Dp2Ue62tz7B1dDuoSW9Li1
7LDgU+e1pvHuurKFWpbS9IHDMZuiHcm9naTyrtmUiL9esXHZwgG9aqDt+VtHAisF
JWOf03Q+eidAAz9kfaclqdP2wJupFIAqlAqjXjaUsHaCxLWJxpqacLuCWGuLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMokIF+uTv3l2h1OaeTjbZkOuUm4wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzkzNDJlMzEzMDMxMmUzMTMx
MzMyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XmVxMA0GCSqGSIb3DQEBCwUAA4IBAQB1+98cqBqhk+OLajPFCfncepz90Y2D/R41
Wd5ri4xKzZ3OWR80+JVBL5zDMylK/3iU5/9YLOUU5RMIVKztvUQ9nhxf4Hse5nYN
MQ6q0nZXQatUbJMF+PnLq+NTQNLez47AVPNOTNfByKZXWz203cqFhQp4v1+fxX/I
MSejAFNUAZIu8HpaXpnUaclWiDZnewgX8/dZ/zRyMhA8m2Sva7tgj81R9/+HoxYV
e9kFpI2ylP4QHpWX5N1pU0ZopcZtSKYBfp0rgYifqm4ZlChoMPxQgEExBUzuyXBI
K3hO3oZeJZykDIoZsSdeyD/YpGP2JFHd+tfSRCMGK3l/aJmn/juD
-----END CERTIFICATE-----
Generated at Sat May 11 08:34:17 2024 by rpki-client on console-fra.rpki-client.org