Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
File: 3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: PY8NObpnksEy4Gap1Hc7MyHqiFU62dabk5L2A/Q0beE=
Subject key identifier: 2F:C0:BD:0D:0A:44:B4:14:26:BF:45:96:B8:3A:4A:5F:23:9E:FC:B5
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 1EA86A0CF4EE6E3BEA3EF8CA8A5517AAE4B55AAB
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
Signing time: Tue 12 Nov 2024 12:43:27 +0000
ROA not before: Tue 12 Nov 2024 12:38:27 +0000
ROA not after: Tue 11 Nov 2025 12:43:27 +0000
asID: 142111
IP address blocks: 146.19.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:a8:6a:0c:f4:ee:6e:3b:ea:3e:f8:ca:8a:55:17:aa:e4:b5:5a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Nov 12 12:38:27 2024 GMT
Not After : Nov 11 12:43:27 2025 GMT
Subject: CN=2FC0BD0D0A44B41426BF4596B83A4A5F239EFCB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:71:0b:f6:7a:0c:3c:e2:1e:25:12:7a:80:5c:
b4:7f:d9:35:6d:05:99:31:48:9e:29:b6:27:57:1a:
c7:72:4c:2e:ce:a3:ca:57:f2:19:db:9c:37:c8:b7:
27:cf:39:50:c8:aa:04:d9:cc:da:2e:e1:c0:04:26:
58:83:88:47:a8:60:0c:1c:bd:02:20:59:67:64:fe:
3e:eb:f1:01:53:e9:86:d8:56:79:e4:d2:fc:b7:26:
f4:4c:db:73:bc:c0:9c:f3:a7:ae:16:b2:26:68:7f:
52:84:06:b8:76:6c:b0:a6:97:c2:55:52:3a:ce:df:
d8:a8:87:d0:ff:9c:94:75:1b:04:9d:14:9b:7d:74:
c2:80:da:d8:33:b0:82:92:ec:69:10:bc:38:a2:e1:
b5:08:09:39:23:57:aa:a3:90:1b:97:3d:5b:ac:71:
41:63:de:e0:86:7a:98:04:df:7f:8e:7c:3b:09:e7:
7b:5e:72:d2:fa:07:d0:73:aa:94:d9:cc:13:41:03:
22:c5:00:8e:23:f7:13:14:81:6b:63:9b:98:ba:3a:
80:20:57:34:23:05:8c:ea:5f:a1:6b:ca:4e:eb:0f:
92:9d:f8:a6:be:a9:3d:d0:be:a4:0e:49:ad:c7:d3:
d5:34:43:2f:47:ab:e6:14:01:4c:ce:4c:e0:a0:3d:
01:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C0:BD:0D:0A:44:B4:14:26:BF:45:96:B8:3A:4A:5F:23:9E:FC:B5
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.167.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:d5:b6:06:9c:52:17:c1:45:13:84:d3:19:de:c8:7a:ec:67:
9d:95:a8:ba:9d:f0:8c:64:17:b7:c5:82:02:11:cc:29:8d:5e:
de:8a:b5:5f:53:22:be:3e:bf:e5:20:12:28:31:2e:f4:e5:3b:
e9:50:e2:14:69:d5:e1:1a:70:37:e7:90:0f:21:34:83:70:68:
94:2f:dd:f5:35:46:55:ae:cf:9e:c8:f3:fe:28:91:4d:80:e6:
fc:e4:e7:f5:26:3b:c6:e4:d7:64:c4:05:64:4c:dc:13:bb:d8:
f3:72:73:af:67:97:5b:4c:6b:10:75:47:ac:7a:6e:39:d9:5e:
8d:77:31:2a:57:b3:7c:25:62:86:a4:8a:5e:75:28:d9:63:38:
65:c3:03:04:e1:a9:09:af:2f:c7:5b:c4:d8:99:56:35:70:05:
39:5d:c1:b2:08:f3:e1:e1:6a:2e:a5:66:b0:68:ae:ce:be:83:
ad:bf:3d:9b:6b:9f:11:73:89:b3:47:02:3c:49:8d:9e:03:b3:
ec:01:2e:15:0b:46:2b:92:33:fc:28:45:1f:e1:84:9b:02:1a:
60:f6:92:d0:72:cd:65:dc:10:22:44:2b:fb:c0:fc:23:77:62:
a8:ee:1d:74:2c:8c:32:6f:09:15:3c:8d:f5:53:10:5b:95:24:
09:4e:8b:33
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHqhqDPTubjvqPvjKilUXquS1WqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDExMTIxMjM4MjdaFw0yNTExMTExMjQzMjdaMDMxMTAvBgNV
BAMTKDJGQzBCRDBEMEE0NEI0MTQyNkJGNDU5NkI4M0E0QTVGMjM5RUZDQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+cQv2egw84h4lEnqAXLR/2TVt
BZkxSJ4ptidXGsdyTC7Oo8pX8hnbnDfItyfPOVDIqgTZzNou4cAEJliDiEeoYAwc
vQIgWWdk/j7r8QFT6YbYVnnk0vy3JvRM23O8wJzzp64WsiZof1KEBrh2bLCml8JV
UjrO39ioh9D/nJR1GwSdFJt9dMKA2tgzsIKS7GkQvDii4bUICTkjV6qjkBuXPVus
cUFj3uCGepgE33+OfDsJ53tectL6B9BzqpTZzBNBAyLFAI4j9xMUgWtjm5i6OoAg
VzQjBYzqX6Fryk7rD5Kd+Ka+qT3QvqQOSa3H09U0Qy9Hq+YUAUzOTOCgPQFvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUL8C9DQpEtBQmv0WWuDpKXyOe/LUwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzNDM2MmUzMTM5MmUzMTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzIzMTMxMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACSE6cwDQYJKoZIhvcNAQELBQADggEBAFvVtgacUhfBRROE0xneyHrsZ52VqLqd
8IxkF7fFggIRzCmNXt6KtV9TIr4+v+UgEigxLvTlO+lQ4hRp1eEacDfnkA8hNINw
aJQv3fU1RlWuz57I8/4okU2A5vzk5/UmO8bk12TEBWRM3BO72PNyc69nl1tMaxB1
R6x6bjnZXo13MSpXs3wlYoakil51KNljOGXDAwThqQmvL8dbxNiZVjVwBTldwbII
8+Hhai6lZrBors6+g62/PZtrnxFzibNHAjxJjZ4Ds+wBLhULRiuSM/woRR/hhJsC
GmD2ktByzWXcECJEK/vA/CN3YqjuHXQsjDJvCRU8jfVTEFuVJAlOizM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:00 2024 by rpki-client on console-fra.rpki-client.org