Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231382e302f32342d3234203d3e20313336373837.roa
File: 39352e3231342e3231382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EOjaa6xGr+LVEtagxeJgnfObTtV4h20rxgkampsk0VE=
Subject key identifier: 33:DD:B2:01:53:D2:3B:35:76:3B:FC:53:3A:23:D0:06:53:BA:B5:86
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 7F129D5214035F4D563448A0C2834711D6771BE9
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231382e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:15 +0000
ROA not before: Sun 27 Oct 2024 20:00:15 +0000
ROA not after: Sun 26 Oct 2025 20:05:15 +0000
asID: 136787
IP address blocks: 95.214.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:12:9d:52:14:03:5f:4d:56:34:48:a0:c2:83:47:11:d6:77:1b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Oct 27 20:00:15 2024 GMT
Not After : Oct 26 20:05:15 2025 GMT
Subject: CN=33DDB20153D23B35763BFC533A23D00653BAB586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:be:d7:37:45:66:e6:88:12:59:9e:5e:c3:
e4:58:e3:37:f0:9c:62:93:87:2c:09:c6:ab:b8:19:
fc:7c:12:a9:a2:0f:94:59:78:b9:5e:ac:a4:62:cd:
49:45:31:55:17:30:72:dc:2d:50:13:7a:23:d1:d7:
2b:3b:07:05:8e:24:b4:1e:b5:64:a5:f8:1e:c3:4f:
f7:00:78:62:85:ed:4b:6f:f0:1a:89:18:41:9e:01:
cf:d0:71:85:a5:db:ce:02:02:23:54:16:46:17:15:
13:6d:b5:a0:bd:49:08:19:5e:e0:ef:b5:e6:95:9f:
b6:85:56:2e:a3:b3:11:cc:85:cd:af:69:97:31:40:
6d:46:37:cf:7c:ac:05:87:8b:6a:f1:d5:a8:49:2c:
fe:6f:5a:77:27:21:1e:c2:dd:a9:49:43:41:d5:d4:
4d:68:16:54:e9:ab:83:4f:31:6d:4f:26:9d:60:3f:
33:50:b9:2e:1e:50:93:94:b4:85:a1:53:6f:48:07:
ca:d8:87:96:19:c9:cf:ab:44:ab:54:02:5a:8d:65:
52:6b:e5:de:12:4c:e2:17:8b:a9:c8:93:81:6e:30:
78:4d:33:d2:ec:5c:4d:19:d8:5c:58:ca:19:20:d0:
11:9b:85:91:e0:83:5f:95:67:85:c8:23:78:92:c5:
ab:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DD:B2:01:53:D2:3B:35:76:3B:FC:53:3A:23:D0:06:53:BA:B5:86
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.218.0/24
Signature Algorithm: sha256WithRSAEncryption
82:da:69:7a:43:39:de:b2:a0:37:7b:cf:22:55:0a:f4:29:00:
50:d3:a0:65:33:8b:89:1c:7f:77:f8:47:eb:f9:00:85:f1:e5:
aa:e3:97:6a:a9:f1:4a:cd:52:d1:9e:f4:4f:7d:0e:84:ff:43:
21:84:bb:64:98:37:9d:0a:a0:61:3f:a6:26:f1:0c:2e:50:7b:
9c:2f:26:2a:cb:fd:2a:7c:60:6a:13:02:9e:aa:41:5c:f5:f4:
f2:d2:bb:f2:d5:c6:41:38:30:7c:7f:89:85:60:36:72:92:69:
16:fe:97:2c:d8:41:2d:c9:ad:03:f3:73:c2:4e:c7:a8:0e:fe:
7e:b1:70:cd:8d:2f:a7:55:d1:a1:3e:18:dc:f9:40:d6:f4:67:
d8:c5:19:00:39:69:e0:c6:37:76:05:21:75:cb:e2:e1:b8:a4:
f1:0a:5e:b5:5b:6b:ac:93:b0:fb:ba:ee:9f:40:9f:06:17:ce:
b8:36:d9:23:67:5f:f1:dd:9f:9b:ed:f3:56:4c:11:af:9d:64:
c5:09:9c:e8:dc:8f:ff:12:2b:6f:df:26:40:dd:2e:ed:7a:d8:
8d:99:af:b8:13:f8:95:ca:d4:a1:48:ba:55:7f:9c:94:3a:6a:
4d:0c:bf:77:a1:79:d7:6d:af:e3:f5:5d:35:96:e7:7d:f3:bb:
ec:f9:81:33
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfxKdUhQDX01WNEigwoNHEdZ3G+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDEwMjcyMDAwMTVaFw0yNTEwMjYyMDA1MTVaMDMxMTAvBgNV
BAMTKDMzRERCMjAxNTNEMjNCMzU3NjNCRkM1MzNBMjNEMDA2NTNCQUI1ODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFhL7XN0Vm5ogSWZ5ew+RY4zfw
nGKThywJxqu4Gfx8EqmiD5RZeLlerKRizUlFMVUXMHLcLVATeiPR1ys7BwWOJLQe
tWSl+B7DT/cAeGKF7Utv8BqJGEGeAc/QcYWl284CAiNUFkYXFRNttaC9SQgZXuDv
teaVn7aFVi6jsxHMhc2vaZcxQG1GN898rAWHi2rx1ahJLP5vWncnIR7C3alJQ0HV
1E1oFlTpq4NPMW1PJp1gPzNQuS4eUJOUtIWhU29IB8rYh5YZyc+rRKtUAlqNZVJr
5d4STOIXi6nIk4FuMHhNM9LsXE0Z2FxYyhkg0BGbhZHgg1+VZ4XII3iSxatTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUM92yAVPSOzV2O/xTOiPQBlO6tYYwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzkzNTJlMzIzMTM0MmUzMjMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1towDQYJKoZIhvcNAQELBQADggEBAILaaXpDOd6yoDd7zyJVCvQpAFDToGUz
i4kcf3f4R+v5AIXx5arjl2qp8UrNUtGe9E99DoT/QyGEu2SYN50KoGE/pibxDC5Q
e5wvJirL/Sp8YGoTAp6qQVz19PLSu/LVxkE4MHx/iYVgNnKSaRb+lyzYQS3JrQPz
c8JOx6gO/n6xcM2NL6dV0aE+GNz5QNb0Z9jFGQA5aeDGN3YFIXXL4uG4pPEKXrVb
a6yTsPu67p9AnwYXzrg22SNnX/Hdn5vt81ZMEa+dZMUJnOjcj/8SK2/fJkDdLu16
2I2Zr7gT+JXK1KFIulV/nJQ6ak0Mv3eheddtr+P1XTWW533zu+z5gTM=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:39:35 2024 by rpki-client on console-fra.rpki-client.org