Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e203633303233.roa
File: 3134362e31392e3136372e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: ZHdW+pei9XIhTbcUkYdHIOR86A1hj8LVQhQf+2OeqZ0=
Subject key identifier: C2:85:14:1B:65:8C:A7:BB:3A:73:12:08:FF:A7:44:C3:A8:B3:BE:E2
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 3F7E96A03DAF22712C4103770FA25E732398D206
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e203633303233.roa
Signing time: Tue 12 Nov 2024 12:43:27 +0000
ROA not before: Tue 12 Nov 2024 12:38:27 +0000
ROA not after: Tue 11 Nov 2025 12:43:27 +0000
asID: 63023
IP address blocks: 146.19.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:7e:96:a0:3d:af:22:71:2c:41:03:77:0f:a2:5e:73:23:98:d2:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Nov 12 12:38:27 2024 GMT
Not After : Nov 11 12:43:27 2025 GMT
Subject: CN=C285141B658CA7BB3A731208FFA744C3A8B3BEE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5d:6f:30:97:e8:70:79:90:02:3d:dc:85:cb:
14:8b:5b:5d:62:96:2a:1d:71:b2:1b:df:af:ec:cb:
d3:d2:5e:62:8d:23:a0:4d:32:ba:4d:b2:8b:a0:44:
bd:15:8a:cc:9f:09:63:44:f8:e3:5d:46:3b:b9:ee:
ab:9f:ce:23:23:c9:a0:bd:1b:48:a2:95:37:79:06:
a3:3d:9c:2b:91:cb:1b:74:ec:66:1a:5f:de:ca:e5:
df:46:87:e1:2e:67:c4:14:5f:10:bb:36:38:3d:b3:
e2:23:9c:df:98:4a:58:fb:29:8c:c2:3e:ac:0c:15:
80:fb:a9:df:2e:e2:bc:da:8c:44:90:95:05:94:da:
e2:d0:9f:4c:82:ef:6e:0e:af:f3:cd:ee:a2:27:ac:
ce:24:18:0d:56:2c:e1:9a:cf:31:ee:77:ec:60:85:
98:24:56:da:21:46:6b:ee:c3:34:99:33:38:ac:32:
cd:75:ba:27:c7:d3:df:62:3d:eb:d2:bf:b6:8c:5e:
9f:46:95:3f:b3:d1:3c:3f:a0:4a:73:c7:0c:1d:c0:
40:83:5a:72:9d:f8:2a:a9:4c:d9:e2:17:b2:8e:f2:
d6:62:41:db:f8:1d:c0:c1:72:2b:b0:21:50:75:07:
d9:6b:a8:1e:81:cf:6d:21:70:bd:e2:a4:4f:02:3f:
d4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:85:14:1B:65:8C:A7:BB:3A:73:12:08:FF:A7:44:C3:A8:B3:BE:E2
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.167.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:b0:91:31:da:21:da:47:9a:c6:1f:3f:f4:14:28:d9:73:16:
cc:dc:8c:d8:74:93:e8:d6:04:a3:0f:ae:d6:5d:b6:07:12:85:
28:25:79:a9:c6:a2:21:46:53:1b:03:3d:6c:ac:92:66:30:1c:
42:aa:11:3e:40:6c:67:81:31:a9:e6:76:a5:ad:5e:c0:a1:2c:
e1:05:65:fb:b3:fa:f3:46:db:41:5e:c6:ce:ad:8a:72:22:6f:
94:21:f7:b7:9f:73:3b:a8:74:42:48:98:68:5b:8d:93:ad:4a:
52:d3:74:f3:34:53:9b:b6:84:5d:50:47:4d:e3:af:88:4b:8b:
2e:fb:8d:3a:b3:40:27:23:65:c6:89:7a:74:2b:bf:e1:9f:03:
0d:8a:85:a9:6c:17:51:18:c3:3d:14:3f:2d:ae:65:52:7d:65:
a6:77:9c:1b:8c:97:3e:57:33:5a:7e:83:d4:67:e3:24:96:2f:
ad:98:20:fc:e5:1d:c5:2a:5e:b4:92:97:2b:af:7e:11:3f:eb:
f9:c0:dd:29:38:24:b7:33:36:17:02:50:e3:4c:5f:81:17:24:
87:67:03:26:d3:be:0b:02:6f:3b:28:4a:81:05:b3:3b:13:1f:
d0:b3:3d:b7:e4:6e:62:e6:4a:4a:d9:a9:5a:04:18:bf:6f:2e:
e4:ed:52:81
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP36WoD2vInEsQQN3D6JecyOY0gYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDExMTIxMjM4MjdaFw0yNTExMTExMjQzMjdaMDMxMTAvBgNV
BAMTKEMyODUxNDFCNjU4Q0E3QkIzQTczMTIwOEZGQTc0NEMzQThCM0JFRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHXW8wl+hweZACPdyFyxSLW11i
liodcbIb36/sy9PSXmKNI6BNMrpNsougRL0VisyfCWNE+ONdRju57qufziMjyaC9
G0iilTd5BqM9nCuRyxt07GYaX97K5d9Gh+EuZ8QUXxC7Njg9s+IjnN+YSlj7KYzC
PqwMFYD7qd8u4rzajESQlQWU2uLQn0yC724Or/PN7qInrM4kGA1WLOGazzHud+xg
hZgkVtohRmvuwzSZMzisMs11uifH099iPevSv7aMXp9GlT+z0Tw/oEpzxwwdwECD
WnKd+CqpTNniF7KO8tZiQdv4HcDBciuwIVB1B9lrqB6Bz20hcL3ipE8CP9TDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwoUUG2WMp7s6cxII/6dEw6izvuIwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzNDM2MmUzMTM5MmUzMTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzAzMjMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khOnMA0GCSqGSIb3DQEBCwUAA4IBAQAbsJEx2iHaR5rGHz/0FCjZcxbM3IzYdJPo
1gSjD67WXbYHEoUoJXmpxqIhRlMbAz1srJJmMBxCqhE+QGxngTGp5nalrV7AoSzh
BWX7s/rzRttBXsbOrYpyIm+UIfe3n3M7qHRCSJhoW42TrUpS03TzNFObtoRdUEdN
46+IS4su+406s0AnI2XGiXp0K7/hnwMNioWpbBdRGMM9FD8trmVSfWWmd5wbjJc+
VzNafoPUZ+Mkli+tmCD85R3FKl60kpcrr34RP+v5wN0pOCS3MzYXAlDjTF+BFySH
ZwMm074LAm87KEqBBbM7Ex/Qsz235G5i5kpK2alaBBi/by7k7VKB
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:15 2024 by rpki-client on console-ams.rpki-client.org