Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35382e302f32342d3234203d3e20323036353035.roa
File: 3134362e3234372e35382e302f32342d3234203d3e20323036353035.roa (raw, json)
Hash identifier: cKxBn3h9mC/Jmv4vx/BvvqI3wImOGjHyJbCKcyOl1Sc=
Subject key identifier: 42:61:11:4C:52:F9:D4:FA:D9:2F:97:0A:8A:0C:70:52:A7:0E:1E:05
Certificate issuer: /CN=a6c509ba48e5b50494572e05c45c58e7e16d87fb
Certificate serial: 480B61B4C6C0D41EFF9077AD796A935822E3BA22
Authority key identifier: A6:C5:09:BA:48:E5:B5:04:94:57:2E:05:C4:5C:58:E7:E1:6D:87:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35382e302f32342d3234203d3e20323036353035.roa
Signing time: Thu 17 Oct 2024 19:43:54 +0000
ROA not before: Thu 17 Oct 2024 19:38:54 +0000
ROA not after: Thu 16 Oct 2025 19:43:54 +0000
asID: 206505
IP address blocks: 146.247.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.crl
rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.mft
rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:0b:61:b4:c6:c0:d4:1e:ff:90:77:ad:79:6a:93:58:22:e3:ba:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6c509ba48e5b50494572e05c45c58e7e16d87fb
Validity
Not Before: Oct 17 19:38:54 2024 GMT
Not After : Oct 16 19:43:54 2025 GMT
Subject: CN=4261114C52F9D4FAD92F970A8A0C7052A70E1E05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:c0:fc:16:e2:65:f4:c5:f9:5e:67:b3:83:
d3:8c:22:c0:1c:6d:ba:61:19:f1:b7:af:45:6f:11:
f9:15:bc:79:79:78:c2:b1:90:c6:17:b9:5f:45:cb:
64:f6:d8:37:73:46:98:e8:cf:b4:23:0f:7a:a6:40:
1d:f5:5c:7d:2c:41:32:00:49:76:0c:5a:a4:1c:c2:
83:5a:e1:b4:4d:f1:c3:04:b8:f6:ea:65:89:e9:ed:
e3:51:47:32:4d:7b:42:29:32:5e:a8:1e:04:1d:b7:
51:a9:5a:e4:5a:32:4c:d1:3e:c2:5d:01:55:38:80:
ef:12:0d:7e:78:8f:61:19:10:69:8d:30:f6:43:50:
5a:90:9b:19:3f:a7:01:b3:6c:a4:5e:55:b1:d5:3b:
80:67:7c:b7:6e:fa:55:66:d8:8d:c8:7b:44:88:52:
a6:29:0d:aa:5a:cd:48:bf:db:01:f3:b0:44:e4:08:
37:46:1b:af:c6:56:77:42:99:5f:86:dc:44:83:b4:
e3:b6:19:58:e0:20:d0:39:9b:75:61:74:e1:c0:55:
cf:1c:5d:96:b0:06:2e:3d:67:cb:de:1b:ba:67:3e:
31:34:e4:79:56:ee:4a:72:eb:24:2e:2e:66:5e:32:
25:b7:62:6c:6d:1e:ac:96:98:61:de:ea:3b:28:24:
74:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:61:11:4C:52:F9:D4:FA:D9:2F:97:0A:8A:0C:70:52:A7:0E:1E:05
X509v3 Authority Key Identifier:
keyid:A6:C5:09:BA:48:E5:B5:04:94:57:2E:05:C4:5C:58:E7:E1:6D:87:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35382e302f32342d3234203d3e20323036353035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.58.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:81:aa:96:7c:be:33:26:59:cd:b6:b8:c6:56:72:e8:c1:b5:
6d:a3:db:58:58:71:95:b8:24:04:4c:72:5a:97:a1:9d:37:23:
a3:c7:e4:28:60:7f:0e:e5:c9:1f:86:49:e5:19:16:79:30:99:
f3:1a:8a:3e:99:62:9d:49:6d:7d:d7:b9:72:c9:49:61:e8:e9:
b4:20:46:91:0b:b9:00:0b:51:9a:74:39:ba:f3:74:02:e5:da:
91:f2:5a:16:3f:44:7a:00:1a:63:88:2c:62:04:c9:d4:e9:c6:
e2:d9:bd:0c:8a:20:a1:bc:92:bd:39:fa:44:8c:48:65:a5:66:
d8:68:d0:01:7f:ee:9a:d1:6a:16:d3:39:c1:9a:0d:ef:dc:57:
35:47:1b:26:34:92:f1:14:be:c2:b1:65:d9:bf:da:db:50:71:
f4:ce:c6:96:67:71:16:32:44:8d:06:a9:9d:51:98:c3:b8:e0:
06:74:78:53:33:83:90:01:b4:16:70:b3:3b:fd:53:e7:b6:0b:
ed:d3:ef:8b:a8:1e:b9:5d:8f:1b:0b:f6:6c:4a:ba:cc:00:6c:
7e:21:d3:d9:2b:f2:f4:50:d8:f1:8f:0c:5c:bd:73:19:df:59:
94:6c:05:2f:08:42:f7:44:d2:14:55:81:b5:26:3f:d3:69:09:
85:e3:fa:38
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSAthtMbA1B7/kHeteWqTWCLjuiIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTZjNTA5YmE0OGU1YjUwNDk0NTcyZTA1YzQ1YzU4ZTdl
MTZkODdmYjAeFw0yNDEwMTcxOTM4NTRaFw0yNTEwMTYxOTQzNTRaMDMxMTAvBgNV
BAMTKDQyNjExMTRDNTJGOUQ0RkFEOTJGOTcwQThBMEM3MDUyQTcwRTFFMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsh8D8FuJl9MX5Xmezg9OMIsAc
bbphGfG3r0VvEfkVvHl5eMKxkMYXuV9Fy2T22DdzRpjoz7QjD3qmQB31XH0sQTIA
SXYMWqQcwoNa4bRN8cMEuPbqZYnp7eNRRzJNe0IpMl6oHgQdt1GpWuRaMkzRPsJd
AVU4gO8SDX54j2EZEGmNMPZDUFqQmxk/pwGzbKReVbHVO4BnfLdu+lVm2I3Ie0SI
UqYpDapazUi/2wHzsETkCDdGG6/GVndCmV+G3ESDtOO2GVjgINA5m3VhdOHAVc8c
XZawBi49Z8veG7pnPjE05HlW7kpy6yQuLmZeMiW3YmxtHqyWmGHe6jsoJHTjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQmERTFL51PrZL5cKigxwUqcOHgUwHwYDVR0j
BBgwFoAUpsUJukjltQSUVy4FxFxY5+Fth/swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM4YmI0NDYtOTFjMC00MTM4LWEzM2EtYjQ3ODY1ZGU1
NWM1LzEvQTZDNTA5QkE0OEU1QjUwNDk0NTcyRTA1QzQ1QzU4RTdFMTZEODdGQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3BzVUp1a2psdFFTVVZ5NEZ4RnhZNS1G
dGhfcy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGM4YmI0NDYt
OTFjMC00MTM4LWEzM2EtYjQ3ODY1ZGU1NWM1LzEvMzEzNDM2MmUzMjM0MzcyZTM1
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzNTMwMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACS9zowDQYJKoZIhvcNAQELBQADggEBALCBqpZ8vjMmWc22uMZWcujBtW2j21hY
cZW4JARMclqXoZ03I6PH5Chgfw7lyR+GSeUZFnkwmfMaij6ZYp1JbX3XuXLJSWHo
6bQgRpELuQALUZp0ObrzdALl2pHyWhY/RHoAGmOILGIEydTpxuLZvQyKIKG8kr05
+kSMSGWlZtho0AF/7prRahbTOcGaDe/cVzVHGyY0kvEUvsKxZdm/2ttQcfTOxpZn
cRYyRI0GqZ1RmMO44AZ0eFMzg5ABtBZwszv9U+e2C+3T74uoHrldjxsL9mxKuswA
bH4h09kr8vRQ2PGPDFy9cxnfWZRsBS8IQvdE0hRVgbUmP9NpCYXj+jg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org