Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35392e302f32342d3234203d3e203234383531.roa
File: 3134362e3234372e35392e302f32342d3234203d3e203234383531.roa (raw, json)
Hash identifier: cISB3c/lX6ECxkwGaCM313qUlrkmfGXNHg9Sn5Duu/E=
Subject key identifier: 22:E7:4F:A3:99:34:85:A5:98:4E:89:E3:46:C6:37:B4:F8:69:E5:A2
Certificate issuer: /CN=a6c509ba48e5b50494572e05c45c58e7e16d87fb
Certificate serial: 557AF18F8896B91B26ED0F269853E2647FC8AF00
Authority key identifier: A6:C5:09:BA:48:E5:B5:04:94:57:2E:05:C4:5C:58:E7:E1:6D:87:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35392e302f32342d3234203d3e203234383531.roa
Signing time: Mon 25 Nov 2024 12:43:28 +0000
ROA not before: Mon 25 Nov 2024 12:38:28 +0000
ROA not after: Mon 24 Nov 2025 12:43:28 +0000
asID: 24851
IP address blocks: 146.247.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.crl
rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.mft
rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:7a:f1:8f:88:96:b9:1b:26:ed:0f:26:98:53:e2:64:7f:c8:af:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6c509ba48e5b50494572e05c45c58e7e16d87fb
Validity
Not Before: Nov 25 12:38:28 2024 GMT
Not After : Nov 24 12:43:28 2025 GMT
Subject: CN=22E74FA3993485A5984E89E346C637B4F869E5A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b2:2d:3c:de:72:5c:37:40:a7:92:b8:9f:5d:
1c:83:d3:14:6e:ee:d9:c8:f9:36:b6:58:3c:0f:ef:
21:d0:95:24:ac:70:23:af:2b:8a:06:b7:fb:42:8d:
46:64:d9:5e:eb:d3:73:9c:0b:62:42:36:3d:63:c0:
96:c5:b3:cc:70:b7:e2:09:0d:d0:b1:8d:52:d5:b7:
54:df:df:61:e0:58:ed:ea:24:a9:8f:b7:c8:e1:03:
39:29:1d:f7:3a:c9:af:f1:79:b1:4f:e7:22:b6:10:
bc:d2:b7:f0:b5:6e:c6:7f:05:30:c0:3d:34:14:d0:
88:f1:bc:ba:98:82:f5:cd:bc:66:eb:9c:41:41:d9:
f2:2f:a3:aa:5a:a7:bf:78:cd:5d:3f:89:39:09:c6:
c8:73:d2:8f:94:d0:d7:2c:b1:8f:55:7b:4d:cb:5a:
b0:a4:98:90:ae:12:b9:67:40:6a:a6:6c:b5:80:7f:
e6:96:af:7e:37:d1:f0:b9:1c:d2:25:14:0f:30:aa:
e8:b9:e6:b6:41:11:12:d7:31:fc:b0:95:b3:31:66:
c2:ee:fb:4b:fe:b0:78:5f:00:64:73:da:e5:e1:a2:
51:06:a4:c0:b1:20:b7:2b:50:20:b2:35:25:3d:92:
88:a5:69:0a:cf:68:6b:c0:31:a3:90:18:61:a6:14:
bc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E7:4F:A3:99:34:85:A5:98:4E:89:E3:46:C6:37:B4:F8:69:E5:A2
X509v3 Authority Key Identifier:
keyid:A6:C5:09:BA:48:E5:B5:04:94:57:2E:05:C4:5C:58:E7:E1:6D:87:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35392e302f32342d3234203d3e203234383531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.59.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:2c:8a:31:69:7f:df:89:d9:4b:d8:53:59:df:9b:16:2d:b1:
74:5d:60:29:d0:19:0a:1a:56:54:02:5b:61:5f:ca:00:06:c8:
94:44:89:be:9d:57:a3:68:14:1f:c5:5d:6c:37:81:dd:64:12:
fe:d0:3e:cd:08:80:a3:91:52:d8:47:38:ab:b1:5d:88:9d:7a:
e0:13:47:bc:20:2a:ec:f3:69:27:da:92:96:20:11:51:8c:8a:
f9:c6:0c:83:34:12:d1:dd:12:29:12:34:bf:1f:e6:69:8e:f3:
4a:4b:af:96:99:dd:e2:e7:8c:38:f1:6f:30:f8:1e:d9:59:c3:
fe:35:3e:2c:00:97:45:f3:a0:8e:a1:1a:1b:2a:b3:97:41:a5:
6c:05:ad:db:8d:da:e7:db:87:78:1c:a3:1d:c8:b8:eb:ba:8c:
8c:e6:fb:af:b7:bf:06:51:f6:7d:88:a0:0c:11:8d:e6:3a:2b:
1f:d7:bd:e9:0e:76:91:75:07:74:5f:88:8e:57:5c:f2:44:07:
c1:ba:41:ce:32:13:ed:37:33:31:f7:69:e4:f6:44:ed:bd:60:
63:5d:36:2c:26:d4:ee:03:09:dc:cd:76:c9:c7:ec:e6:00:7a:
95:2e:c0:67:78:47:14:20:e4:b3:7f:9f:f7:81:66:49:85:f8:
98:6b:75:95
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVXrxj4iWuRsm7Q8mmFPiZH/IrwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTZjNTA5YmE0OGU1YjUwNDk0NTcyZTA1YzQ1YzU4ZTdl
MTZkODdmYjAeFw0yNDExMjUxMjM4MjhaFw0yNTExMjQxMjQzMjhaMDMxMTAvBgNV
BAMTKDIyRTc0RkEzOTkzNDg1QTU5ODRFODlFMzQ2QzYzN0I0Rjg2OUU1QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwsi083nJcN0CnkrifXRyD0xRu
7tnI+Ta2WDwP7yHQlSSscCOvK4oGt/tCjUZk2V7r03OcC2JCNj1jwJbFs8xwt+IJ
DdCxjVLVt1Tf32HgWO3qJKmPt8jhAzkpHfc6ya/xebFP5yK2ELzSt/C1bsZ/BTDA
PTQU0IjxvLqYgvXNvGbrnEFB2fIvo6pap794zV0/iTkJxshz0o+U0NcssY9Ve03L
WrCkmJCuErlnQGqmbLWAf+aWr3430fC5HNIlFA8wqui55rZBERLXMfywlbMxZsLu
+0v+sHhfAGRz2uXholEGpMCxILcrUCCyNSU9koilaQrPaGvAMaOQGGGmFLyjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIudPo5k0haWYTonjRsY3tPhp5aIwHwYDVR0j
BBgwFoAUpsUJukjltQSUVy4FxFxY5+Fth/swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM4YmI0NDYtOTFjMC00MTM4LWEzM2EtYjQ3ODY1ZGU1
NWM1LzEvQTZDNTA5QkE0OEU1QjUwNDk0NTcyRTA1QzQ1QzU4RTdFMTZEODdGQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3BzVUp1a2psdFFTVVZ5NEZ4RnhZNS1G
dGhfcy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGM4YmI0NDYt
OTFjMC00MTM4LWEzM2EtYjQ3ODY1ZGU1NWM1LzEvMzEzNDM2MmUzMjM0MzcyZTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM0MzgzNTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
kvc7MA0GCSqGSIb3DQEBCwUAA4IBAQBuLIoxaX/fidlL2FNZ35sWLbF0XWAp0BkK
GlZUAlthX8oABsiURIm+nVejaBQfxV1sN4HdZBL+0D7NCICjkVLYRzirsV2InXrg
E0e8ICrs82kn2pKWIBFRjIr5xgyDNBLR3RIpEjS/H+ZpjvNKS6+Wmd3i54w48W8w
+B7ZWcP+NT4sAJdF86COoRobKrOXQaVsBa3bjdrn24d4HKMdyLjruoyM5vuvt78G
UfZ9iKAMEY3mOisf173pDnaRdQd0X4iOV1zyRAfBukHOMhPtNzMx92nk9kTtvWBj
XTYsJtTuAwnczXbJx+zmAHqVLsBneEcUIOSzf5/3gWZJhfiYa3WV
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:30 2024 by rpki-client on console-ams.rpki-client.org