Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
File: 3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: k1iiBDYJbZ9MyA2UxW/M9Uq5rxChaI1wOAoCUShr+sc=
Subject key identifier: 41:D4:EC:A1:8A:AF:FA:CC:6C:F4:28:23:23:7E:BF:11:F7:03:3F:7E
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 7F4C8706FF299929831FC746CCC806C1521ABA3B
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
Signing time: Tue 12 Dec 2023 11:43:40 +0000
ROA not before: Tue 12 Dec 2023 11:38:40 +0000
ROA not after: Tue 10 Dec 2024 11:43:40 +0000
asID: 142111
IP address blocks: 146.19.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:4c:87:06:ff:29:99:29:83:1f:c7:46:cc:c8:06:c1:52:1a:ba:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 12 11:38:40 2023 GMT
Not After : Dec 10 11:43:40 2024 GMT
Subject: CN=41D4ECA18AAFFACC6CF42823237EBF11F7033F7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:1c:be:3e:a0:e2:b1:bb:02:b0:d1:d6:50:
62:17:5f:ad:28:36:0f:a4:88:e0:ea:c8:6c:a5:cd:
24:67:26:5e:e5:a4:eb:e1:e9:66:03:87:e6:ee:93:
fc:69:22:88:ea:39:05:51:b3:c7:3a:83:2d:5d:8b:
f4:9a:6c:3f:4f:1c:c2:b0:52:fe:80:a4:ca:b0:9a:
d9:e8:c7:85:03:1f:75:d2:d5:2b:31:1c:ad:ea:25:
e2:ff:22:54:1a:bc:0d:87:9d:3b:55:5f:07:8c:d1:
77:63:ed:29:51:04:f1:82:42:f6:c9:0d:9c:d9:be:
b1:72:a5:2e:de:f8:87:e2:81:95:bf:02:f9:4e:dd:
38:84:21:1d:0e:d4:e9:ed:f5:52:d8:6d:16:d9:bb:
be:80:55:38:cb:b8:2c:f7:34:24:47:00:7a:a3:b7:
d8:cc:f4:e0:9d:76:b2:e3:ec:57:76:0d:64:00:7f:
77:e0:e6:52:b7:fd:06:a5:79:f0:5e:2b:58:d6:ea:
5b:a8:61:60:d9:f9:fa:b4:c2:63:4d:a1:07:48:7a:
09:24:18:64:bc:ad:04:c7:ea:7a:63:46:18:ae:0c:
24:c6:e6:20:85:18:c7:80:8f:0f:12:d3:5f:cb:51:
c2:d6:0f:d3:4d:2e:dc:1d:60:11:ef:4c:a5:5c:69:
c2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D4:EC:A1:8A:AF:FA:CC:6C:F4:28:23:23:7E:BF:11:F7:03:3F:7E
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.167.0/24
Signature Algorithm: sha256WithRSAEncryption
13:70:76:cc:1d:e0:ed:8d:78:91:83:eb:24:a4:c8:ac:40:d1:
9c:81:97:9f:50:a2:fc:6b:9a:22:21:c9:28:ed:4e:af:ec:c9:
68:80:65:c5:6f:7b:b3:65:18:a8:d1:09:99:5b:d4:9f:8a:3a:
9b:ea:83:b6:fb:74:f3:b5:b9:12:1f:8f:8d:d7:99:2b:8d:28:
3c:36:86:db:3e:2b:d5:51:55:5a:b3:fe:a6:84:79:e6:4a:1e:
8e:43:e4:85:5f:61:f4:73:db:a2:52:59:be:c7:e3:16:96:d5:
a9:22:cb:17:16:6f:ea:a2:1d:80:67:7d:43:ed:51:82:c6:05:
59:d5:0f:3e:9c:17:b2:b1:9c:af:c9:53:d7:7f:51:f3:44:24:
96:7f:1d:7c:59:3c:c6:59:48:71:9b:e7:0d:cb:4d:0c:64:76:
03:5b:da:2b:d9:a5:e4:09:65:c7:21:80:c2:79:67:6d:2b:bb:
a8:23:13:06:70:b4:96:cb:ba:44:09:7e:04:a0:4a:70:44:6d:
0a:d0:69:94:54:d4:a8:37:53:dc:52:e2:96:e8:b5:f2:e0:35:
df:8b:d3:3f:dc:06:c0:e6:f1:cf:7c:26:c9:43:94:9c:f5:11:
fc:fd:5d:f0:e3:c0:cc:71:17:15:89:bf:cc:7b:66:ed:09:97:
82:a3:6e:7e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUf0yHBv8pmSmDH8dGzMgGwVIaujswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMTIxMTM4NDBaFw0yNDEyMTAxMTQzNDBaMDMxMTAvBgNV
BAMTKDQxRDRFQ0ExOEFBRkZBQ0M2Q0Y0MjgyMzIzN0VCRjExRjcwMzNGN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuNhy+PqDisbsCsNHWUGIXX60o
Ng+kiODqyGylzSRnJl7lpOvh6WYDh+buk/xpIojqOQVRs8c6gy1di/SabD9PHMKw
Uv6ApMqwmtnox4UDH3XS1SsxHK3qJeL/IlQavA2HnTtVXweM0Xdj7SlRBPGCQvbJ
DZzZvrFypS7e+IfigZW/AvlO3TiEIR0O1Ont9VLYbRbZu76AVTjLuCz3NCRHAHqj
t9jM9OCddrLj7Fd2DWQAf3fg5lK3/QalefBeK1jW6luoYWDZ+fq0wmNNoQdIegkk
GGS8rQTH6npjRhiuDCTG5iCFGMeAjw8S01/LUcLWD9NNLtwdYBHvTKVcacKXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQdTsoYqv+sxs9CgjI36/EfcDP34wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzNDM2MmUzMTM5MmUzMTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzIzMTMxMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACSE6cwDQYJKoZIhvcNAQELBQADggEBABNwdswd4O2NeJGD6ySkyKxA0ZyBl59Q
ovxrmiIhySjtTq/syWiAZcVve7NlGKjRCZlb1J+KOpvqg7b7dPO1uRIfj43XmSuN
KDw2hts+K9VRVVqz/qaEeeZKHo5D5IVfYfRz26JSWb7H4xaW1akiyxcWb+qiHYBn
fUPtUYLGBVnVDz6cF7KxnK/JU9d/UfNEJJZ/HXxZPMZZSHGb5w3LTQxkdgNb2ivZ
peQJZcchgMJ5Z20ru6gjEwZwtJbLukQJfgSgSnBEbQrQaZRU1Kg3U9xS4pbotfLg
Nd+L0z/cBsDm8c98JslDlJz1Efz9XfDjwMxxFxWJv8x7Zu0Jl4Kjbn4=
-----END CERTIFICATE-----
Generated at Wed May 15 03:59:44 2024 by rpki-client on console-fra.rpki-client.org