Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313532363732.roa
File: 3134362e31392e3136372e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: PSvZ/anbcmxBXOGenvyIpDVTGCYRm/N6G0r8w/lsBk0=
Subject key identifier: D9:CF:47:C8:47:3C:A9:D1:B8:8E:54:2B:69:67:94:18:6D:76:12:E9
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 2CE2D6E73B02614B9F9F1CEA3DD1705CA95FF7E9
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313532363732.roa
Signing time: Thu 09 May 2024 00:04:05 +0000
ROA not before: Wed 08 May 2024 23:59:05 +0000
ROA not after: Thu 08 May 2025 00:04:05 +0000
asID: 152672
IP address blocks: 146.19.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 04:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:e2:d6:e7:3b:02:61:4b:9f:9f:1c:ea:3d:d1:70:5c:a9:5f:f7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: May 8 23:59:05 2024 GMT
Not After : May 8 00:04:05 2025 GMT
Subject: CN=D9CF47C8473CA9D1B88E542B696794186D7612E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:bf:37:58:c3:aa:51:48:79:90:c7:a3:a1:
cf:3c:f9:1c:43:06:cd:83:02:d0:21:f2:e0:93:2e:
42:97:c5:5a:87:a4:32:f3:36:fb:51:9d:eb:52:1b:
da:76:c2:17:12:58:27:3f:17:f9:c1:9c:b1:bb:97:
9b:f8:c9:7d:26:58:69:3d:97:f6:1d:41:7f:bd:6c:
ae:c9:66:e2:c6:8a:5f:f9:4b:dd:d9:51:86:c1:ea:
f3:7c:1a:c2:f5:9d:62:e8:1e:c9:cd:78:d8:d1:2b:
50:8c:bd:0a:74:b8:56:a9:21:00:1e:40:6f:51:da:
5d:40:b1:fc:e3:c6:05:c3:b5:a6:04:ed:ad:d2:59:
9b:a3:ca:73:f4:17:f2:03:24:fa:d3:c2:1c:b8:b3:
81:e8:e5:4d:f0:99:53:b2:d5:64:53:0a:be:77:44:
8f:d3:b7:99:92:2b:21:08:82:f1:de:45:ed:c1:d5:
82:83:93:77:08:c3:cb:7c:86:14:fc:25:56:fb:e1:
8f:f8:86:1f:fd:80:65:29:4d:b5:fa:01:d0:1d:30:
ec:c3:f3:be:95:fd:ce:32:a6:b5:2f:67:ff:94:6d:
17:04:16:fa:1c:89:76:49:61:be:96:26:97:04:84:
f5:d1:68:1f:bd:96:e8:a7:6f:14:ab:b4:07:d6:b7:
84:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:CF:47:C8:47:3C:A9:D1:B8:8E:54:2B:69:67:94:18:6D:76:12:E9
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.167.0/24
Signature Algorithm: sha256WithRSAEncryption
04:94:1e:ff:ae:3d:36:ab:94:67:b1:38:3b:72:c6:d8:ce:71:
2d:73:70:93:55:eb:e6:db:e4:0b:dd:81:17:af:ab:d7:56:47:
58:57:07:19:92:f9:db:f2:ab:b9:38:38:66:7d:93:d4:36:7d:
88:14:19:fe:7a:87:3c:af:ec:2b:f0:89:0e:d7:0e:f4:3d:a5:
bf:44:7a:cb:6f:3c:6d:3b:06:55:7d:8d:ee:8d:cb:40:b8:17:
dd:d0:cb:03:39:df:45:41:24:3b:00:2a:1a:bd:a2:dc:7c:9a:
d9:2a:44:5a:32:75:5c:28:f6:e0:dc:d5:13:c5:83:78:e1:97:
ce:bc:13:dd:04:90:01:02:02:a6:4c:e1:0a:dc:86:7d:7e:14:
33:e1:8f:b0:89:fa:69:0e:88:a0:01:cf:cf:5c:15:20:cd:36:
f0:44:ec:dc:50:3f:3d:69:ea:ab:b2:c1:24:10:b7:dd:d0:df:
76:22:7b:63:03:de:40:1b:58:78:08:9c:81:3f:06:5b:33:af:
b8:ea:4d:ab:c8:0e:7e:23:36:a6:55:8e:35:88:99:98:fd:69:
5b:e7:2e:f2:35:ec:be:9a:a0:6f:8d:45:af:75:5f:9e:91:d4:
44:02:69:7a:a8:55:a1:78:9f:66:22:92:9c:17:d5:09:f7:d7:
ed:db:f7:14
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULOLW5zsCYUufnxzqPdFwXKlf9+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDA1MDgyMzU5MDVaFw0yNTA1MDgwMDA0MDVaMDMxMTAvBgNV
BAMTKEQ5Q0Y0N0M4NDczQ0E5RDFCODhFNTQyQjY5Njc5NDE4NkQ3NjEyRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0NL83WMOqUUh5kMejoc88+RxD
Bs2DAtAh8uCTLkKXxVqHpDLzNvtRnetSG9p2whcSWCc/F/nBnLG7l5v4yX0mWGk9
l/YdQX+9bK7JZuLGil/5S93ZUYbB6vN8GsL1nWLoHsnNeNjRK1CMvQp0uFapIQAe
QG9R2l1AsfzjxgXDtaYE7a3SWZujynP0F/IDJPrTwhy4s4Ho5U3wmVOy1WRTCr53
RI/Tt5mSKyEIgvHeRe3B1YKDk3cIw8t8hhT8JVb74Y/4hh/9gGUpTbX6AdAdMOzD
876V/c4yprUvZ/+UbRcEFvociXZJYb6WJpcEhPXRaB+9luinbxSrtAfWt4RfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2c9HyEc8qdG4jlQraWeUGG12EukwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzNDM2MmUzMTM5MmUzMTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzIzNjM3MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACSE6cwDQYJKoZIhvcNAQELBQADggEBAASUHv+uPTarlGexODtyxtjOcS1zcJNV
6+bb5AvdgRevq9dWR1hXBxmS+dvyq7k4OGZ9k9Q2fYgUGf56hzyv7CvwiQ7XDvQ9
pb9EestvPG07BlV9je6Ny0C4F93QywM530VBJDsAKhq9otx8mtkqRFoydVwo9uDc
1RPFg3jhl868E90EkAECAqZM4Qrchn1+FDPhj7CJ+mkOiKABz89cFSDNNvBE7NxQ
Pz1p6quywSQQt93Q33Yie2MD3kAbWHgInIE/Blszr7jqTavIDn4jNqZVjjWImZj9
aVvnLvI17L6aoG+NRa91X56R1EQCaXqoVaF4n2YikpwX1Qn31+3b9xQ=
-----END CERTIFICATE-----
Generated at Mon May 20 08:32:54 2024 by rpki-client on console-fra.rpki-client.org