Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3133302e3139332e37352e302f32342d3234203d3e20323136313539.roa
File: 3133302e3139332e37352e302f32342d3234203d3e20323136313539.roa (raw, json)
Hash identifier: sHVggPmJB8U/ZiheXJo6xOdwgsTz0Po5WPmeN1wcuYc=
Subject key identifier: EF:63:49:AA:1F:79:9F:2F:63:28:AF:BE:68:C7:A1:61:F7:A4:D3:D6
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 2A3853146F1F6D7FB6C08E06A94265039AE1C7D1
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3133302e3139332e37352e302f32342d3234203d3e20323136313539.roa
Signing time: Mon 16 Oct 2023 10:25:56 +0000
ROA not before: Mon 16 Oct 2023 10:20:56 +0000
ROA not after: Mon 14 Oct 2024 10:25:56 +0000
asID: 216159
IP address blocks: 130.193.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:38:53:14:6f:1f:6d:7f:b6:c0:8e:06:a9:42:65:03:9a:e1:c7:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Oct 16 10:20:56 2023 GMT
Not After : Oct 14 10:25:56 2024 GMT
Subject: CN=EF6349AA1F799F2F6328AFBE68C7A161F7A4D3D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f5:c4:92:f3:36:76:a1:36:cc:c2:b4:c3:1a:
2a:7f:c0:cf:c9:c6:7b:8c:c0:80:21:c2:ec:a6:97:
47:bb:2f:7a:c1:3b:92:43:fe:76:c4:2b:53:e7:2b:
4d:39:45:d4:9e:89:1c:d8:cb:53:7d:75:04:64:c8:
58:df:0b:ae:5a:9e:96:ae:47:ca:1f:10:95:f9:6b:
7c:5c:30:2f:f7:fe:c3:fe:38:b9:10:08:a4:e3:fe:
24:46:84:a1:f0:41:46:33:40:14:26:77:e6:2a:a1:
f2:d8:4c:59:3a:78:d8:da:ac:52:e1:d0:cd:8c:8f:
ee:34:70:a3:76:9e:99:1a:86:a4:71:c1:72:ee:5f:
43:79:2b:97:31:c0:e5:0a:a7:6a:0d:7f:e7:d1:20:
fb:72:59:4c:f4:73:22:58:85:97:1a:16:e6:cd:65:
56:dc:fd:82:66:ed:46:10:40:a8:b2:f7:3c:d3:75:
f6:ff:9c:99:ec:9b:57:97:98:50:af:0f:27:28:f1:
f0:0a:27:94:83:67:21:21:c1:68:43:f6:33:99:33:
ab:e8:a9:87:03:55:2b:d9:a7:09:15:89:1e:8e:53:
5b:a7:a4:19:a6:94:9c:f7:c2:48:5a:8c:bf:a8:cb:
ba:61:69:dd:47:03:da:de:5e:89:8b:56:58:20:cf:
81:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:63:49:AA:1F:79:9F:2F:63:28:AF:BE:68:C7:A1:61:F7:A4:D3:D6
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3133302e3139332e37352e302f32342d3234203d3e20323136313539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.75.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:ee:77:b3:8a:34:4f:fa:2c:9a:cd:22:45:c2:91:67:da:8c:
5f:60:9b:79:27:c5:ea:d3:83:c6:a3:50:5d:9b:f6:6e:1a:17:
ec:aa:4f:e1:78:1e:ac:8c:0f:e3:e1:f4:6c:9a:c6:29:5d:c3:
e6:c1:9e:c1:f7:5e:c6:00:06:84:69:7b:13:7f:97:ec:72:5a:
0c:87:9e:a0:1a:6c:5d:de:8b:8a:ec:fb:a5:66:08:7d:e7:b5:
77:0d:e1:44:95:1f:fb:4c:04:e7:f0:8a:db:1a:73:7f:5b:0d:
70:06:2e:48:03:97:67:0d:a2:f6:97:31:b4:16:a8:94:03:cf:
58:71:e8:d6:6f:34:3e:15:b2:f8:73:a7:45:f7:e0:be:ad:2c:
bc:e7:1a:e2:8a:a2:93:c3:a7:29:84:87:55:90:6f:8d:53:19:
15:84:a3:79:ed:b2:5e:f6:9e:9d:5e:76:8f:1c:68:33:66:15:
58:7e:0a:4f:50:c0:59:6e:c6:97:db:83:27:bc:b8:c3:f9:78:
f9:66:ef:88:89:dd:5c:43:1a:1e:47:4a:7a:cf:25:bd:f4:b2:
f9:88:30:25:81:4c:e0:5e:96:f7:09:4b:50:ee:74:b9:58:9d:
e0:b8:87:1b:f3:88:1f:3c:11:52:c0:e6:52:1a:28:e7:55:94:
0f:b6:18:d8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKjhTFG8fbX+2wI4GqUJlA5rhx9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yMzEwMTYxMDIwNTZaFw0yNDEwMTQxMDI1NTZaMDMxMTAvBgNV
BAMTKEVGNjM0OUFBMUY3OTlGMkY2MzI4QUZCRTY4QzdBMTYxRjdBNEQzRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg9cSS8zZ2oTbMwrTDGip/wM/J
xnuMwIAhwuyml0e7L3rBO5JD/nbEK1PnK005RdSeiRzYy1N9dQRkyFjfC65anpau
R8ofEJX5a3xcMC/3/sP+OLkQCKTj/iRGhKHwQUYzQBQmd+YqofLYTFk6eNjarFLh
0M2Mj+40cKN2npkahqRxwXLuX0N5K5cxwOUKp2oNf+fRIPtyWUz0cyJYhZcaFubN
ZVbc/YJm7UYQQKiy9zzTdfb/nJnsm1eXmFCvDyco8fAKJ5SDZyEhwWhD9jOZM6vo
qYcDVSvZpwkViR6OU1unpBmmlJz3wkhajL+oy7phad1HA9reXomLVlggz4HPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU72NJqh95ny9jKK++aMehYfek09YwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzMzMwMmUzMTM5MzMyZTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM1Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACCwUswDQYJKoZIhvcNAQELBQADggEBAF3ud7OKNE/6LJrNIkXCkWfajF9gm3kn
xerTg8ajUF2b9m4aF+yqT+F4HqyMD+Ph9Gyaxildw+bBnsH3XsYABoRpexN/l+xy
WgyHnqAabF3ei4rs+6VmCH3ntXcN4USVH/tMBOfwitsac39bDXAGLkgDl2cNovaX
MbQWqJQDz1hx6NZvND4Vsvhzp0X34L6tLLznGuKKopPDpymEh1WQb41TGRWEo3nt
sl72np1edo8caDNmFVh+Ck9QwFluxpfbgye8uMP5ePlm74iJ3VxDGh5HSnrPJb30
svmIMCWBTOBelvcJS1DudLlYneC4hxvziB88EVLA5lIaKOdVlA+2GNg=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:56:00 2024 by rpki-client on console-fra.rpki-client.org