Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231392e302f32342d3234203d3e20323034313730.roa
File: 39352e3231342e3231392e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: OyBwpnUm7s0ELewYXBKP+T1C3wXDcesltr06fzK0R0w=
Subject key identifier: 6E:BD:94:98:0E:88:D3:40:F3:D8:3E:6B:6C:23:6E:F8:D6:08:61:70
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 093E8B1117992B5914EB9EF5EBA65CDCB867E1FF
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231392e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:06 +0000
ROA not before: Tue 25 Jun 2024 21:42:06 +0000
ROA not after: Tue 24 Jun 2025 21:47:06 +0000
asID: 204170
IP address blocks: 95.214.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:3e:8b:11:17:99:2b:59:14:eb:9e:f5:eb:a6:5c:dc:b8:67:e1:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jun 25 21:42:06 2024 GMT
Not After : Jun 24 21:47:06 2025 GMT
Subject: CN=6EBD94980E88D340F3D83E6B6C236EF8D6086170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c3:03:d7:a7:60:8d:5a:42:4f:de:74:a5:0e:
b8:0e:0b:2d:4e:24:aa:3a:03:02:aa:00:38:01:2e:
3e:a3:34:64:cc:64:f6:16:54:f0:4a:15:44:f1:63:
00:e6:e0:cf:11:1c:2f:9d:1d:e6:87:db:ff:fe:38:
cf:9e:04:1c:5e:56:05:0e:63:dd:54:71:42:e6:9a:
bc:42:b4:18:d6:84:be:e3:fb:ae:23:50:78:c2:50:
7b:9f:5a:00:96:d4:e4:92:97:d4:9b:5f:4f:c3:da:
78:ad:d3:c5:1d:f5:b8:57:c9:20:e7:34:4d:22:a4:
f2:e5:85:de:83:e4:9f:9d:66:c9:8a:cb:41:79:90:
75:13:a7:25:c3:c8:d5:3b:4d:f6:9b:c9:4a:10:ca:
d9:ee:21:f3:39:9d:fb:16:c9:39:81:bb:7f:9c:2f:
c5:7c:50:38:e1:2f:ff:0a:ef:97:63:41:f6:c0:65:
ac:ee:2d:e0:83:a1:8a:44:dd:da:32:f1:80:27:32:
02:65:03:0d:41:dd:51:cb:3e:19:c9:af:6d:06:a2:
22:e6:85:87:bb:c4:39:cf:6f:f1:71:86:75:8d:51:
7b:bf:44:00:a7:1c:fc:6b:e0:7a:ac:80:7f:36:21:
e5:e3:56:e2:05:78:e9:e1:23:15:c9:61:7c:24:ed:
0a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BD:94:98:0E:88:D3:40:F3:D8:3E:6B:6C:23:6E:F8:D6:08:61:70
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231392e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.219.0/24
Signature Algorithm: sha256WithRSAEncryption
60:05:b7:d0:3b:21:4e:d3:e8:ba:ba:7e:c8:42:73:66:56:53:
8b:ca:5f:23:0c:dd:3a:e2:d8:c0:3d:f8:36:35:ce:32:ce:a3:
d0:a2:92:92:7f:54:1e:94:c2:b9:50:7f:b4:53:57:94:8d:8e:
d0:ce:aa:e0:5c:de:87:d4:2f:fd:5c:29:54:38:15:50:ad:72:
a2:a8:42:11:60:cf:c3:7b:33:7d:c1:4c:2e:a5:25:52:11:18:
b7:30:b1:cc:71:6b:57:8d:ba:0f:f1:11:14:06:35:13:d9:a2:
a4:95:36:fe:a8:29:4d:66:e7:fa:a3:bf:ef:bd:af:8b:0e:ce:
bf:d3:b8:6e:95:b8:4a:c7:21:b1:62:80:d3:33:01:97:45:8b:
f6:4c:6c:4f:ee:0f:8a:1b:22:f6:59:9a:4c:7f:98:3d:12:a3:
cf:4d:ae:e3:5f:65:5c:da:06:bd:cf:b5:64:25:a1:92:ac:cb:
33:30:8f:bd:dc:d3:0f:0f:63:28:ec:78:4f:18:13:5c:66:6b:
4d:75:43:67:d4:4d:d6:72:8c:66:c6:ce:8b:34:17:76:37:af:
e8:e5:65:de:0d:99:2b:95:2d:89:ed:10:fa:12:d2:73:5f:9f:
a9:2a:6d:4e:34:cb:96:d8:56:9a:72:62:d0:f3:ca:94:51:22:
35:08:cf:51
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCT6LEReZK1kU657166Zc3Lhn4f8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA2MjUyMTQyMDZaFw0yNTA2MjQyMTQ3MDZaMDMxMTAvBgNV
BAMTKDZFQkQ5NDk4MEU4OEQzNDBGM0Q4M0U2QjZDMjM2RUY4RDYwODYxNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOwwPXp2CNWkJP3nSlDrgOCy1O
JKo6AwKqADgBLj6jNGTMZPYWVPBKFUTxYwDm4M8RHC+dHeaH2//+OM+eBBxeVgUO
Y91UcULmmrxCtBjWhL7j+64jUHjCUHufWgCW1OSSl9SbX0/D2nit08Ud9bhXySDn
NE0ipPLlhd6D5J+dZsmKy0F5kHUTpyXDyNU7TfabyUoQytnuIfM5nfsWyTmBu3+c
L8V8UDjhL/8K75djQfbAZazuLeCDoYpE3doy8YAnMgJlAw1B3VHLPhnJr20GoiLm
hYe7xDnPb/FxhnWNUXu/RACnHPxr4HqsgH82IeXjVuIFeOnhIxXJYXwk7QoHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbr2UmA6I00Dz2D5rbCNu+NYIYXAwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzkzNTJlMzIzMTM0MmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1tswDQYJKoZIhvcNAQELBQADggEBAGAFt9A7IU7T6Lq6fshCc2ZWU4vKXyMM
3Tri2MA9+DY1zjLOo9CikpJ/VB6UwrlQf7RTV5SNjtDOquBc3ofUL/1cKVQ4FVCt
cqKoQhFgz8N7M33BTC6lJVIRGLcwscxxa1eNug/xERQGNRPZoqSVNv6oKU1m5/qj
v++9r4sOzr/TuG6VuErHIbFigNMzAZdFi/ZMbE/uD4obIvZZmkx/mD0So89NruNf
ZVzaBr3PtWQloZKsyzMwj73c0w8PYyjseE8YE1xma011Q2fUTdZyjGbGzos0F3Y3
r+jlZd4NmSuVLYntEPoS0nNfn6kqbU40y5bYVppyYtDzypRRIjUIz1E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org