Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231382e302f32342d3234203d3e20313336373837.roa
File: 39352e3231342e3231382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ivEKxTRo3RxqHu/BFi6LcxoUe3J7mJFgLz93wGVHpBs=
Subject key identifier: 47:9F:EF:13:BF:C5:84:F4:A7:EF:B9:13:D3:43:99:AE:D9:F4:48:E8
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 479A0C3B0D1479EA8D505296E7AF294C6B9F9035
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231382e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:47:07 +0000
ROA not before: Sun 26 Nov 2023 19:42:07 +0000
ROA not after: Sun 24 Nov 2024 19:47:07 +0000
asID: 136787
IP address blocks: 95.214.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:9a:0c:3b:0d:14:79:ea:8d:50:52:96:e7:af:29:4c:6b:9f:90:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Nov 26 19:42:07 2023 GMT
Not After : Nov 24 19:47:07 2024 GMT
Subject: CN=479FEF13BFC584F4A7EFB913D34399AED9F448E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1d:96:35:f8:14:fa:4d:bc:e9:23:d3:35:c5:
71:ed:e9:f6:8b:c3:ea:bc:c7:03:57:e7:23:6b:d3:
2b:87:f2:19:60:83:2c:82:66:4c:72:c1:c4:0c:85:
fa:71:95:f4:b4:79:66:6c:07:c9:27:e0:36:2b:49:
38:74:40:7b:e3:cb:05:97:35:fa:14:f8:06:36:c4:
ff:dc:e0:a3:11:d9:ab:6d:2e:c3:5d:73:09:f4:e8:
b6:d8:3a:d1:fe:22:a7:2c:e1:81:d0:57:88:e2:1e:
a1:04:bc:90:ee:64:07:77:97:ba:26:08:1a:22:bf:
43:55:44:e9:10:42:dc:8a:1a:88:a8:f0:d1:54:f9:
f5:40:e9:5f:28:4d:dd:64:18:c7:d8:bb:d1:fe:e6:
34:5d:53:87:ee:55:cb:49:27:1a:30:95:c6:2e:ca:
e1:d6:d3:ff:df:18:1a:17:67:67:83:c2:97:c3:33:
a8:b8:3e:66:c0:a8:38:22:fc:16:c2:0a:6a:68:e3:
cf:1b:49:89:2d:02:eb:43:91:ed:0b:c0:f2:40:68:
6e:22:08:ee:28:db:94:c6:d9:27:3e:fb:c5:10:52:
31:e1:0f:df:fa:c1:86:a2:94:97:64:eb:75:84:80:
86:9b:ed:78:1d:d8:a3:1d:bf:4d:63:76:10:ae:f0:
b5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9F:EF:13:BF:C5:84:F4:A7:EF:B9:13:D3:43:99:AE:D9:F4:48:E8
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.218.0/24
Signature Algorithm: sha256WithRSAEncryption
15:44:7a:c4:ee:b5:99:1f:88:ad:c4:5a:60:1f:6a:30:34:b1:
e4:93:5f:de:ec:e8:03:c0:36:e0:54:79:13:c1:60:f1:7a:c1:
d8:a7:bd:7c:77:54:a2:38:ef:03:66:d4:72:60:b4:f6:0d:37:
8c:cd:73:cd:ad:4f:07:9d:73:8c:34:c9:54:67:94:0b:d6:a1:
c3:5e:49:cf:6e:af:22:3f:b4:52:fd:b7:dc:62:0c:22:cd:96:
cf:7e:22:9a:af:67:c2:c9:db:86:71:e7:f7:f6:ef:21:79:86:
9a:c3:33:b6:f4:c5:6e:08:c9:59:52:ef:03:fc:d4:8e:29:69:
fd:56:d0:9e:56:29:b5:65:2a:5e:4f:33:2a:d1:c1:b2:a6:e1:
c9:b7:83:4c:04:2c:89:d6:ba:29:52:dd:b7:47:50:4a:d8:09:
36:8b:fa:22:6b:23:e7:ca:d3:82:4a:db:fd:53:bc:54:e9:89:
f6:ce:c1:a8:e4:92:37:21:77:fb:98:a3:ec:0c:f9:96:4b:3f:
83:51:1b:1b:a8:80:e5:a3:48:38:e2:8e:c1:67:d2:8f:36:04:
97:2b:c8:37:f5:2b:2d:13:83:db:b0:25:15:ad:42:c5:68:0c:
fd:86:9c:d8:7e:e0:ed:21:db:17:7a:bf:43:f4:fa:4a:57:0e:
48:b2:40:3a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUR5oMOw0UeeqNUFKW568pTGufkDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzExMjYxOTQyMDdaFw0yNDExMjQxOTQ3MDdaMDMxMTAvBgNV
BAMTKDQ3OUZFRjEzQkZDNTg0RjRBN0VGQjkxM0QzNDM5OUFFRDlGNDQ4RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAHZY1+BT6TbzpI9M1xXHt6faL
w+q8xwNX5yNr0yuH8hlggyyCZkxywcQMhfpxlfS0eWZsB8kn4DYrSTh0QHvjywWX
NfoU+AY2xP/c4KMR2attLsNdcwn06LbYOtH+Iqcs4YHQV4jiHqEEvJDuZAd3l7om
CBoiv0NVROkQQtyKGoio8NFU+fVA6V8oTd1kGMfYu9H+5jRdU4fuVctJJxowlcYu
yuHW0//fGBoXZ2eDwpfDM6i4PmbAqDgi/BbCCmpo488bSYktAutDke0LwPJAaG4i
CO4o25TG2Sc++8UQUjHhD9/6wYailJdk63WEgIab7Xgd2KMdv01jdhCu8LVfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUR5/vE7/FhPSn77kT00OZrtn0SOgwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzkzNTJlMzIzMTM0MmUzMjMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1towDQYJKoZIhvcNAQELBQADggEBABVEesTutZkfiK3EWmAfajA0seSTX97s
6APANuBUeRPBYPF6wdinvXx3VKI47wNm1HJgtPYNN4zNc82tTwedc4w0yVRnlAvW
ocNeSc9uryI/tFL9t9xiDCLNls9+IpqvZ8LJ24Zx5/f27yF5hprDM7b0xW4IyVlS
7wP81I4paf1W0J5WKbVlKl5PMyrRwbKm4cm3g0wELInWuilS3bdHUErYCTaL+iJr
I+fK04JK2/1TvFTpifbOwajkkjchd/uYo+wM+ZZLP4NRGxuogOWjSDjijsFn0o82
BJcryDf1Ky0Tg9uwJRWtQsVoDP2GnNh+4O0h2xd6v0P0+kpXDkiyQDo=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:55 2024 by rpki-client on console-ams.rpki-client.org