Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e302e302f32342d3234203d3e20323036323831.roa
File: 3135392e3235332e302e302f32342d3234203d3e20323036323831.roa (raw, json)
Hash identifier: O9DkXZ3QfwXJxA/fDSeWMv1TDtqw/shezqgDfWDIcPU=
Subject key identifier: 10:14:E8:18:3C:42:92:8C:4C:FC:A7:B6:34:51:4C:99:8B:F8:A3:49
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: A581FC44D318218C0A940255F6688BFAE14CC6
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e302e302f32342d3234203d3e20323036323831.roa
Signing time: Tue 23 Jan 2024 06:20:28 +0000
ROA not before: Tue 23 Jan 2024 06:15:28 +0000
ROA not after: Tue 21 Jan 2025 06:20:28 +0000
asID: 206281
IP address blocks: 159.253.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a5:81:fc:44:d3:18:21:8c:0a:94:02:55:f6:68:8b:fa:e1:4c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Jan 23 06:15:28 2024 GMT
Not After : Jan 21 06:20:28 2025 GMT
Subject: CN=1014E8183C42928C4CFCA7B634514C998BF8A349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ec:59:78:cb:2f:75:77:3f:3c:4c:f8:d2:8b:
46:ae:8b:85:72:fc:4f:06:49:e6:b2:fa:c7:24:63:
0f:3e:fe:48:6e:b4:9b:19:be:fd:12:06:68:a9:e2:
8e:e6:a0:ba:be:38:4a:f0:ee:48:bf:ea:80:d6:f4:
ad:3f:09:4a:86:9e:99:94:32:0f:82:3b:ea:eb:b8:
92:ae:29:4c:c6:c9:97:3d:d8:32:d0:f8:6d:35:36:
e5:b8:b4:34:9c:b6:1e:a2:ca:52:a3:3a:1c:73:69:
9f:19:a9:b2:4f:c6:10:1c:14:91:34:aa:83:69:6e:
75:db:bf:9e:42:c6:85:58:8b:d9:ca:0b:f6:61:15:
58:9c:3d:f6:79:7b:9d:49:13:5f:63:14:0f:3d:55:
d6:f5:4b:46:e3:ae:8a:a1:36:17:22:da:b0:75:a3:
b3:a0:04:c3:a5:ad:72:0d:37:ac:10:0a:95:c4:0e:
9c:99:93:d6:a5:73:46:ba:4a:c2:6e:fb:da:17:36:
9b:8e:de:e6:28:b2:f4:6d:be:5d:cf:7e:4f:92:21:
05:1e:8f:b0:d2:8a:33:5a:27:29:20:86:6c:34:51:
74:7e:3a:e6:11:54:9a:e2:80:05:81:34:39:51:5a:
59:b1:9f:08:ad:92:c3:1b:e1:ff:fd:21:39:fc:2a:
b1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:14:E8:18:3C:42:92:8C:4C:FC:A7:B6:34:51:4C:99:8B:F8:A3:49
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e302e302f32342d3234203d3e20323036323831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.0.0/24
Signature Algorithm: sha256WithRSAEncryption
48:24:97:5c:b3:f5:ba:a3:43:58:fa:29:60:ac:28:a5:95:69:
dc:84:56:f3:70:ee:0c:cd:81:58:ec:9d:fa:e4:eb:64:7c:15:
9a:65:9f:78:b1:6c:cb:9e:77:bd:a4:5f:f4:b3:e6:65:35:59:
45:97:0a:cd:a5:8f:f4:f3:2b:72:73:82:4f:79:82:ba:d9:b5:
bd:7f:90:88:d2:a3:7c:01:62:bc:6e:cf:f9:cf:68:6d:aa:9a:
3b:62:06:6e:c5:d7:33:4c:4c:b5:2b:d9:0a:18:82:01:59:ac:
23:ef:9a:17:51:b1:13:9b:46:72:fd:bb:ad:5f:22:09:2e:cb:
30:4d:7a:e0:ef:16:54:fe:f9:8b:69:83:31:06:0e:50:6e:5f:
15:75:83:c4:a9:ff:9e:6e:cc:c8:74:be:9d:ec:43:a5:8e:68:
b9:9c:69:00:3a:81:ae:c8:cf:4c:30:a9:58:b4:a5:ed:ac:e8:
35:12:dc:17:2f:78:a8:49:84:a9:83:46:59:99:67:85:4b:09:
df:99:7a:1b:e3:02:1d:f7:5f:c7:be:78:84:d4:23:91:cc:34:
8a:2a:dc:42:58:00:1f:01:80:82:bf:b3:b4:d8:08:39:4f:88:
1d:ed:84:43:89:35:f8:ab:74:e9:c5:8f:8e:65:8a:fe:4b:b4:
3d:c5:cb:c3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAKWB/ETTGCGMCpQCVfZoi/rhTMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDAxMjMwNjE1MjhaFw0yNTAxMjEwNjIwMjhaMDMxMTAvBgNV
BAMTKDEwMTRFODE4M0M0MjkyOEM0Q0ZDQTdCNjM0NTE0Qzk5OEJGOEEzNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG7Fl4yy91dz88TPjSi0aui4Vy
/E8GSeay+sckYw8+/khutJsZvv0SBmip4o7moLq+OErw7ki/6oDW9K0/CUqGnpmU
Mg+CO+rruJKuKUzGyZc92DLQ+G01NuW4tDScth6iylKjOhxzaZ8ZqbJPxhAcFJE0
qoNpbnXbv55CxoVYi9nKC/ZhFVicPfZ5e51JE19jFA89Vdb1S0bjroqhNhci2rB1
o7OgBMOlrXINN6wQCpXEDpyZk9alc0a6SsJu+9oXNpuO3uYosvRtvl3Pfk+SIQUe
j7DSijNaJykghmw0UXR+OuYRVJrigAWBNDlRWlmxnwitksMb4f/9ITn8KrFFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUEBToGDxCkoxM/Ke2NFFMmYv4o0kwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzIzODMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
n/0AMA0GCSqGSIb3DQEBCwUAA4IBAQBIJJdcs/W6o0NY+ilgrCillWnchFbzcO4M
zYFY7J365OtkfBWaZZ94sWzLnne9pF/0s+ZlNVlFlwrNpY/08ytyc4JPeYK62bW9
f5CI0qN8AWK8bs/5z2htqpo7YgZuxdczTEy1K9kKGIIBWawj75oXUbETm0Zy/but
XyIJLsswTXrg7xZU/vmLaYMxBg5Qbl8VdYPEqf+ebszIdL6d7EOljmi5nGkAOoGu
yM9MMKlYtKXtrOg1EtwXL3ioSYSpg0ZZmWeFSwnfmXob4wId91/HvniE1CORzDSK
KtxCWAAfAYCCv7O02Ag5T4gd7YRDiTX4q3TpxY+OZYr+S7Q9xcvD
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:28:07 2024 by rpki-client on console-ams.rpki-client.org