Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131352e302f32342d3234203d3e203537313732.roa
File: 39342e3130312e3131352e302f32342d3234203d3e203537313732.roa (raw, json)
Hash identifier: rGeN5fBnkXcZCyjfGyDU0ptsQJohTKG5Yb+S5iiK7ds=
Subject key identifier: 22:BB:3B:D1:93:EF:40:04:10:30:24:41:80:CC:F7:EA:6E:8F:93:20
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 5760EF8BFB3E21A822EF2772698B2F8C5D47E60A
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131352e302f32342d3234203d3e203537313732.roa
Signing time: Wed 08 May 2024 08:03:36 +0000
ROA not before: Wed 08 May 2024 07:58:36 +0000
ROA not after: Wed 07 May 2025 08:03:36 +0000
asID: 57172
IP address blocks: 94.101.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:60:ef:8b:fb:3e:21:a8:22:ef:27:72:69:8b:2f:8c:5d:47:e6:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: May 8 07:58:36 2024 GMT
Not After : May 7 08:03:36 2025 GMT
Subject: CN=22BB3BD193EF40041030244180CCF7EA6E8F9320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:93:47:9b:37:e2:d9:e5:dd:77:53:94:10:83:
07:33:32:98:96:c8:34:3e:83:97:28:9a:54:60:8b:
1a:7a:61:e4:1e:50:13:bf:97:80:1b:56:c8:59:dd:
69:4b:2d:38:81:52:b9:03:4d:34:76:1b:30:eb:f5:
65:e6:f1:4e:13:27:71:65:09:5a:f3:37:64:2f:02:
db:ed:c7:94:8f:42:4d:aa:75:31:eb:f6:99:a4:e5:
c3:f9:cc:0e:5c:7c:f5:5a:11:8f:80:7b:73:df:aa:
eb:77:a5:b7:9e:c0:3d:97:b3:34:48:9c:08:c9:61:
9d:86:4b:c9:28:39:0d:6f:2b:5b:f0:77:8b:5e:2e:
e6:e5:93:d2:7f:5e:c1:fd:c3:8e:40:aa:61:e9:28:
d9:0a:5c:4a:a7:61:a0:d5:63:b5:81:db:73:b5:04:
97:11:a7:66:5f:2e:93:9a:e3:a3:b6:2e:58:1c:cb:
d6:89:4b:41:51:f8:b1:28:41:c4:80:75:07:67:eb:
2f:b1:8a:3a:99:04:8a:91:12:3c:53:aa:b2:41:e9:
e6:62:63:f8:4f:46:c8:65:c3:d9:47:10:ff:aa:10:
5e:4a:bc:56:95:ad:c8:54:36:59:9b:01:af:70:d8:
ae:04:24:8e:b0:69:36:08:74:c8:34:95:7c:d6:4d:
d7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BB:3B:D1:93:EF:40:04:10:30:24:41:80:CC:F7:EA:6E:8F:93:20
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131352e302f32342d3234203d3e203537313732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.115.0/24
Signature Algorithm: sha256WithRSAEncryption
20:28:a7:9a:f8:bc:ea:84:53:ef:2c:a9:ad:b8:5e:5a:b5:3f:
fb:52:36:7c:87:9b:1f:be:ef:06:01:c0:64:2e:d5:ee:84:d3:
6d:b0:cb:b4:aa:d8:bd:f2:d8:bc:f5:40:2b:ca:87:a0:1b:2e:
d5:6e:2e:b7:df:eb:68:d9:78:c7:e6:5e:c4:95:93:8e:ef:70:
84:d5:ba:41:48:58:df:4c:de:60:d4:99:db:69:34:e0:34:a4:
e7:c7:f4:42:43:0a:73:ad:ba:22:b9:28:69:3a:de:77:8e:39:
e7:5e:c5:8f:1e:2d:a4:3d:0e:b5:4e:c6:60:7c:26:4a:3b:7b:
fe:77:4d:2d:e1:0e:e9:43:d9:b2:e8:be:9d:7b:79:b7:0c:fe:
b5:57:ae:72:74:cc:7b:c5:d0:49:7c:80:98:9b:04:60:04:6f:
73:f1:50:e9:68:43:00:fb:4c:a3:22:7a:4f:4e:54:e9:ee:93:
cb:bc:b2:ac:aa:87:62:0c:9f:40:4b:2e:33:53:97:d7:e5:66:
dc:fc:33:70:91:52:64:cd:6d:97:f1:d9:32:24:2d:b3:9f:17:
0a:47:54:2a:b6:d8:b7:45:0a:c7:be:bf:42:73:18:15:8d:06:
ff:53:13:14:62:e8:23:f2:1b:8d:a9:b6:36:bd:87:0f:ae:27:
03:07:62:40
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUV2Dvi/s+Iagi7ydyaYsvjF1H5gowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA1MDgwNzU4MzZaFw0yNTA1MDcwODAzMzZaMDMxMTAvBgNV
BAMTKDIyQkIzQkQxOTNFRjQwMDQxMDMwMjQ0MTgwQ0NGN0VBNkU4RjkzMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsk0ebN+LZ5d13U5QQgwczMpiW
yDQ+g5comlRgixp6YeQeUBO/l4AbVshZ3WlLLTiBUrkDTTR2GzDr9WXm8U4TJ3Fl
CVrzN2QvAtvtx5SPQk2qdTHr9pmk5cP5zA5cfPVaEY+Ae3Pfqut3pbeewD2XszRI
nAjJYZ2GS8koOQ1vK1vwd4teLublk9J/XsH9w45AqmHpKNkKXEqnYaDVY7WB23O1
BJcRp2ZfLpOa46O2Llgcy9aJS0FR+LEoQcSAdQdn6y+xijqZBIqREjxTqrJB6eZi
Y/hPRshlw9lHEP+qEF5KvFaVrchUNlmbAa9w2K4EJI6waTYIdMg0lXzWTdfXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIrs70ZPvQAQQMCRBgMz36m6PkyAwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzkzNDJlMzEzMDMxMmUzMTMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM3MzEzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XmVzMA0GCSqGSIb3DQEBCwUAA4IBAQAgKKea+LzqhFPvLKmtuF5atT/7UjZ8h5sf
vu8GAcBkLtXuhNNtsMu0qti98ti89UAryoegGy7Vbi633+to2XjH5l7ElZOO73CE
1bpBSFjfTN5g1JnbaTTgNKTnx/RCQwpzrboiuShpOt53jjnnXsWPHi2kPQ61TsZg
fCZKO3v+d00t4Q7pQ9my6L6de3m3DP61V65ydMx7xdBJfICYmwRgBG9z8VDpaEMA
+0yjInpPTlTp7pPLvLKsqodiDJ9ASy4zU5fX5Wbc/DNwkVJkzW2X8dkyJC2znxcK
R1Qqtti3RQrHvr9CcxgVjQb/UxMUYugj8huNqbY2vYcPricDB2JA
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:05 2024 by rpki-client on console-fra.rpki-client.org