Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e322e302f32342d3234203d3e20383334.roa
File: 3135392e3235332e322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: ArNZnMXmK73jEmnf66XCu8Od2sXO9yHCA//Rw+/sNEE=
Subject key identifier: F5:97:7F:16:8F:A0:C8:75:A0:2B:80:E7:FA:62:3D:F1:39:48:80:3E
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 289281D30D21CA69C78A75408B6C9471F4A7C09F
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e322e302f32342d3234203d3e20383334.roa
Signing time: Tue 23 Jan 2024 06:20:38 +0000
ROA not before: Tue 23 Jan 2024 06:15:38 +0000
ROA not after: Tue 21 Jan 2025 06:20:38 +0000
asID: 834
IP address blocks: 159.253.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:92:81:d3:0d:21:ca:69:c7:8a:75:40:8b:6c:94:71:f4:a7:c0:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Jan 23 06:15:38 2024 GMT
Not After : Jan 21 06:20:38 2025 GMT
Subject: CN=F5977F168FA0C875A02B80E7FA623DF13948803E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ec:f3:64:25:5d:2e:a8:05:11:8e:b7:23:2b:
86:53:7c:5a:58:50:8f:bd:aa:e4:9c:a2:98:67:ff:
d7:2c:ab:ef:d2:50:cd:f2:a7:f9:de:19:d1:93:9f:
46:a1:97:dd:d6:1e:b0:63:ae:b6:af:db:e7:e4:3d:
2b:47:19:67:25:69:7a:1c:fb:f5:af:6f:11:eb:6b:
11:20:b7:7a:53:c8:66:4d:bc:b1:3b:e8:7d:43:e7:
f9:53:a1:fc:0b:f2:ec:94:8a:88:6f:99:41:6f:77:
05:71:07:ac:c5:98:97:35:e0:ad:7a:2a:6e:6c:73:
db:40:fa:26:73:d2:e6:a2:4f:a5:56:50:21:f5:b6:
db:eb:92:df:81:4d:87:3f:b4:d9:56:83:32:43:c0:
c7:02:ed:ba:78:e1:19:22:07:09:a0:02:7f:6f:ef:
48:7d:b2:02:d0:77:80:59:d2:2b:66:2f:2d:54:de:
00:37:57:fe:a1:a0:48:77:3b:17:aa:35:91:67:5d:
3f:bd:79:be:cd:0c:d7:82:96:08:f3:70:ce:b7:43:
54:74:62:c6:5c:ec:fa:fd:32:60:4c:bd:ee:5f:bf:
f3:90:1c:21:77:07:e8:e9:93:e0:69:88:a5:10:0f:
e3:71:fe:65:cc:ba:55:38:ae:82:e4:2b:66:f6:e1:
e0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:97:7F:16:8F:A0:C8:75:A0:2B:80:E7:FA:62:3D:F1:39:48:80:3E
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.2.0/24
Signature Algorithm: sha256WithRSAEncryption
91:ba:55:07:ce:01:7d:93:9e:92:1f:26:c3:0a:49:63:34:09:
4e:ba:74:46:ac:14:3c:4b:c0:eb:04:8c:11:ba:29:8f:f9:9e:
c4:73:2c:08:a0:f1:6c:52:e8:0d:88:5c:fa:a6:3c:b9:74:44:
24:e8:b4:53:89:ea:40:fb:56:08:2d:87:52:95:b2:e8:3f:d8:
91:d4:da:9c:50:58:b3:54:c1:6b:60:db:d5:a6:fc:37:b4:3f:
49:70:58:de:89:fc:1a:e7:55:36:c4:35:83:42:3c:be:96:67:
7c:c1:9f:5a:ca:72:ad:ce:09:ea:2f:58:49:dd:0a:55:74:a7:
dc:0e:82:6c:0d:d1:d8:cf:34:7a:ec:28:86:03:21:d8:e8:c4:
97:56:05:e9:3b:ed:b4:5c:48:b1:d5:85:46:1a:22:9a:70:c2:
8a:11:81:fd:08:97:e5:22:58:1c:95:b5:ca:00:20:f9:48:51:
ad:ca:36:1f:be:20:0e:39:30:67:97:bc:69:85:ba:80:4d:81:
f1:e0:9e:e2:43:8d:ee:b9:44:a6:c0:58:2e:fc:ee:53:56:c8:
f5:af:2f:84:a4:03:92:89:c6:cd:32:ec:13:1d:55:4d:15:09:
3c:28:10:e3:c6:3e:3f:0a:42:73:41:ec:22:19:c6:eb:43:42:
32:fe:c3:63
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUKJKB0w0hymnHinVAi2yUcfSnwJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDAxMjMwNjE1MzhaFw0yNTAxMjEwNjIwMzhaMDMxMTAvBgNV
BAMTKEY1OTc3RjE2OEZBMEM4NzVBMDJCODBFN0ZBNjIzREYxMzk0ODgwM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC87PNkJV0uqAURjrcjK4ZTfFpY
UI+9quScophn/9csq+/SUM3yp/neGdGTn0ahl93WHrBjrrav2+fkPStHGWclaXoc
+/WvbxHraxEgt3pTyGZNvLE76H1D5/lTofwL8uyUiohvmUFvdwVxB6zFmJc14K16
Km5sc9tA+iZz0uaiT6VWUCH1ttvrkt+BTYc/tNlWgzJDwMcC7bp44RkiBwmgAn9v
70h9sgLQd4BZ0itmLy1U3gA3V/6hoEh3OxeqNZFnXT+9eb7NDNeClgjzcM63Q1R0
YsZc7Pr9MmBMve5fv/OQHCF3B+jpk+BpiKUQD+Nx/mXMulU4roLkK2b24eChAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU9Zd/Fo+gyHWgK4Dn+mI98TlIgD4wHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn/0CMA0G
CSqGSIb3DQEBCwUAA4IBAQCRulUHzgF9k56SHybDCkljNAlOunRGrBQ8S8DrBIwR
uimP+Z7EcywIoPFsUugNiFz6pjy5dEQk6LRTiepA+1YILYdSlbLoP9iR1NqcUFiz
VMFrYNvVpvw3tD9JcFjeifwa51U2xDWDQjy+lmd8wZ9aynKtzgnqL1hJ3QpVdKfc
DoJsDdHYzzR67CiGAyHY6MSXVgXpO+20XEix1YVGGiKacMKKEYH9CJflIlgclbXK
ACD5SFGtyjYfviAOOTBnl7xphbqATYHx4J7iQ43uuUSmwFgu/O5TVsj1ry+EpAOS
icbNMuwTHVVNFQk8KBDjxj4/CkJzQewiGcbrQ0Iy/sNj
-----END CERTIFICATE-----
Generated at Thu May 2 16:20:46 2024 by rpki-client on console-ams.rpki-client.org