Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e352e302f32342d3234203d3e20383334.roa
File: 3135392e3235332e352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: lafLru48CeWCEZMOImM0brEGYY9kQdLjb3UEGF6esNE=
Subject key identifier: 17:B0:5D:8D:12:CE:E4:22:E7:8B:C5:0C:FB:ED:F2:83:98:9F:66:26
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 22A1C1ED541DBBD7197EEC666034996D4690ECB6
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e352e302f32342d3234203d3e20383334.roa
Signing time: Tue 23 Jan 2024 06:21:09 +0000
ROA not before: Tue 23 Jan 2024 06:16:09 +0000
ROA not after: Tue 21 Jan 2025 06:21:09 +0000
asID: 834
IP address blocks: 159.253.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:a1:c1:ed:54:1d:bb:d7:19:7e:ec:66:60:34:99:6d:46:90:ec:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Jan 23 06:16:09 2024 GMT
Not After : Jan 21 06:21:09 2025 GMT
Subject: CN=17B05D8D12CEE422E78BC50CFBEDF283989F6626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:f4:1e:04:5c:d4:ff:be:25:39:42:13:47:e7:
c2:a5:47:4c:1f:72:4f:8c:a1:31:bb:1f:9b:84:c1:
26:be:5c:39:bc:38:d7:61:70:3f:0b:a8:f8:92:bd:
76:2b:66:ae:dd:14:3a:f2:37:88:c1:89:ac:ee:87:
1d:9c:8a:63:46:e6:ad:42:1c:95:a5:26:d7:17:0b:
55:fd:5f:fe:a0:77:2b:66:53:d0:87:2a:0f:84:10:
d5:a3:dc:02:91:1f:d8:20:e2:fa:a5:b8:9f:bd:c3:
ad:8f:43:b6:64:c9:01:a2:2a:86:f3:6f:f4:a2:1a:
f1:1b:25:74:47:b6:f9:59:b5:a5:66:bb:ca:db:8b:
79:fb:a8:8d:4e:fb:84:2e:cd:0d:fa:08:6f:c2:2b:
01:cf:d6:6b:ea:94:ca:6c:4c:ad:ef:f2:1e:f8:c5:
36:04:2c:34:74:28:66:71:2c:c1:2b:eb:22:cc:65:
dc:45:7e:1a:1a:c9:38:ea:8b:b0:cd:b4:be:9b:fd:
6b:92:b0:d3:8d:ff:05:98:ff:90:86:7b:9d:d0:e1:
40:2f:03:1b:0b:cb:8c:32:ce:f4:3c:34:fb:65:fb:
51:5b:9a:33:43:12:f5:39:e7:a3:3c:44:9a:de:5d:
8f:64:6c:c7:9e:de:a2:5d:73:21:5e:3b:8d:30:2b:
58:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B0:5D:8D:12:CE:E4:22:E7:8B:C5:0C:FB:ED:F2:83:98:9F:66:26
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.5.0/24
Signature Algorithm: sha256WithRSAEncryption
09:41:84:2f:3c:0c:70:28:b2:97:d7:8d:a2:71:64:89:aa:86:
a9:20:dc:cc:8b:26:77:e9:b4:5a:14:7a:84:13:c2:21:74:4c:
a8:a9:e2:02:b3:f5:0f:dc:d7:b6:1d:35:2a:37:5f:fb:ca:1f:
7e:4b:41:a8:f3:fd:ea:78:42:ad:b2:eb:73:d4:27:cb:dd:81:
38:36:17:f7:0d:51:13:0f:60:43:86:3c:1c:51:e4:95:73:5b:
79:60:f7:11:eb:8d:57:a7:ec:44:82:e0:09:84:18:d1:90:79:
f0:61:f6:dc:72:1d:28:9a:a7:39:f5:46:97:9c:22:30:8e:77:
f5:53:65:3e:03:98:48:25:33:ae:80:34:90:05:9f:89:85:b2:
b6:58:2f:ca:37:c7:4d:f1:64:b4:45:63:cf:7a:78:be:33:8d:
0e:09:ad:b5:0e:e6:3b:c6:bb:90:f0:45:da:55:20:4d:7f:46:
aa:df:66:01:55:a6:58:3e:e1:7b:d9:92:dd:1f:69:c5:45:2f:
1d:95:30:1e:1e:56:a2:89:2f:f8:dc:8c:64:21:e5:e9:65:b8:
79:7a:42:19:4a:2f:c3:58:f5:07:f5:84:2e:9a:fe:4e:9f:2b:
66:98:b5:25:76:9b:6f:1a:3f:9c:5f:41:d2:aa:08:a2:21:34:
a1:6a:5c:5b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUIqHB7VQdu9cZfuxmYDSZbUaQ7LYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDAxMjMwNjE2MDlaFw0yNTAxMjEwNjIxMDlaMDMxMTAvBgNV
BAMTKDE3QjA1RDhEMTJDRUU0MjJFNzhCQzUwQ0ZCRURGMjgzOTg5RjY2MjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo9B4EXNT/viU5QhNH58KlR0wf
ck+MoTG7H5uEwSa+XDm8ONdhcD8LqPiSvXYrZq7dFDryN4jBiazuhx2cimNG5q1C
HJWlJtcXC1X9X/6gdytmU9CHKg+EENWj3AKRH9gg4vqluJ+9w62PQ7ZkyQGiKobz
b/SiGvEbJXRHtvlZtaVmu8rbi3n7qI1O+4QuzQ36CG/CKwHP1mvqlMpsTK3v8h74
xTYELDR0KGZxLMEr6yLMZdxFfhoayTjqi7DNtL6b/WuSsNON/wWY/5CGe53Q4UAv
AxsLy4wyzvQ8NPtl+1FbmjNDEvU556M8RJreXY9kbMee3qJdcyFeO40wK1gLAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUF7BdjRLO5CLni8UM++3yg5ifZiYwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn/0FMA0G
CSqGSIb3DQEBCwUAA4IBAQAJQYQvPAxwKLKX142icWSJqoapINzMiyZ36bRaFHqE
E8IhdEyoqeICs/UP3Ne2HTUqN1/7yh9+S0Go8/3qeEKtsutz1CfL3YE4Nhf3DVET
D2BDhjwcUeSVc1t5YPcR641Xp+xEguAJhBjRkHnwYfbcch0omqc59UaXnCIwjnf1
U2U+A5hIJTOugDSQBZ+JhbK2WC/KN8dN8WS0RWPPeni+M40OCa21DuY7xruQ8EXa
VSBNf0aq32YBVaZYPuF72ZLdH2nFRS8dlTAeHlaiiS/43IxkIeXpZbh5ekIZSi/D
WPUH9YQumv5OnytmmLUldptvGj+cX0HSqgiiITShalxb
-----END CERTIFICATE-----
Generated at Thu May 2 16:58:37 2024 by rpki-client on console-fra.rpki-client.org