Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36322e302f32342d3234203d3e203633303233.roa
File: 322e35392e36322e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: DSrssF4mQ2FpkJ2bTT0rXZrpSPxbZ/p2NNnVGrB1zBA=
Subject key identifier: E3:4F:7F:74:02:88:D9:B9:FB:90:E9:E4:D0:EA:13:66:6F:D8:6F:32
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 1AA91E86A32DA27E60D6DFEE28A8B53834C1E3CF
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36322e302f32342d3234203d3e203633303233.roa
Signing time: Fri 22 Nov 2024 08:43:28 +0000
ROA not before: Fri 22 Nov 2024 08:38:28 +0000
ROA not after: Fri 21 Nov 2025 08:43:28 +0000
asID: 63023
IP address blocks: 2.59.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Dec 2024 15:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:a9:1e:86:a3:2d:a2:7e:60:d6:df:ee:28:a8:b5:38:34:c1:e3:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Nov 22 08:38:28 2024 GMT
Not After : Nov 21 08:43:28 2025 GMT
Subject: CN=E34F7F740288D9B9FB90E9E4D0EA13666FD86F32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:90:cf:48:1d:8d:fa:80:67:99:2a:9f:d2:f2:
93:9a:b3:c3:93:68:43:66:5a:2b:ce:09:57:91:3c:
be:44:84:f3:43:4a:56:f7:f4:df:c7:5e:32:a6:93:
c9:dc:22:22:76:09:23:96:c0:85:72:fa:1f:a0:85:
5c:3f:56:1b:a8:39:da:6a:19:f1:85:88:cc:10:29:
0d:3e:70:18:e9:85:04:74:22:33:2f:0c:06:e8:be:
66:f9:ba:43:cd:a8:92:fb:1f:0d:e1:e4:d8:4f:70:
42:0a:bc:3d:af:bc:a7:2e:5f:04:f4:da:a9:7d:68:
24:11:cb:d2:8d:c0:6d:c1:55:8b:39:6a:02:f3:68:
b0:aa:57:ab:02:c3:b5:b4:38:de:ea:cc:f1:11:12:
95:9b:08:9a:c5:00:44:ba:18:76:38:50:68:a8:eb:
7d:71:b5:05:12:3c:f2:52:09:43:d4:d6:f2:f1:31:
1f:98:3e:4a:db:c9:e6:4e:94:06:65:c9:d1:dd:70:
40:fa:87:d5:4f:ec:b7:c7:5c:ff:54:6c:a2:cb:61:
af:35:9a:46:80:8a:4c:5c:3b:d8:40:d4:f2:27:fc:
db:44:13:d4:2b:ac:e0:6f:c9:30:7d:1b:4a:5f:99:
e2:bd:f4:27:64:b9:85:ee:44:03:03:e0:c8:9b:43:
eb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4F:7F:74:02:88:D9:B9:FB:90:E9:E4:D0:EA:13:66:6F:D8:6F:32
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36322e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.62.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:22:05:2d:ce:98:de:0c:1a:7b:50:c2:02:99:4c:4e:f2:35:
97:2f:d4:4d:ea:d4:e0:fb:f1:af:30:40:f4:99:59:3d:a1:ca:
f0:11:04:81:dc:19:f7:b7:45:d4:44:6c:43:df:29:bc:39:11:
49:ff:ef:b5:27:62:b9:52:ae:9c:e8:16:7e:df:5c:fb:3e:53:
94:d1:b6:69:cc:d1:13:e7:95:e9:89:24:61:28:3d:05:65:a3:
85:a1:72:54:53:f5:73:cd:20:fa:e7:99:27:d5:69:08:2f:3f:
b4:01:ef:d3:1a:79:9e:00:94:6e:e0:6f:ce:77:8d:b5:19:c4:
9b:4d:91:93:c7:56:de:98:ff:f7:12:a6:15:23:c6:34:6c:11:
4b:98:c0:e0:53:ca:14:f0:de:d9:cf:04:27:7a:4b:7f:23:b9:
7d:24:49:d1:bf:51:a0:4c:ba:7b:d3:a7:9a:02:64:3c:93:31:
94:0b:ff:85:7a:03:d4:a2:11:7b:4d:c2:ce:d1:66:0c:f8:32:
61:18:08:c9:31:db:9e:56:78:92:f7:ec:fb:5c:95:8f:0a:c4:
d8:6a:b4:8e:85:2d:24:0e:88:da:58:9b:db:12:2c:34:4f:d1:
11:0c:25:ba:ec:c8:17:86:3a:9b:7f:e3:e7:b0:86:7a:86:cc:
cb:4d:3e:99
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUGqkehqMton5g1t/uKKi1ODTB488wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDExMjIwODM4MjhaFw0yNTExMjEwODQzMjhaMDMxMTAvBgNV
BAMTKEUzNEY3Rjc0MDI4OEQ5QjlGQjkwRTlFNEQwRUExMzY2NkZEODZGMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKkM9IHY36gGeZKp/S8pOas8OT
aENmWivOCVeRPL5EhPNDSlb39N/HXjKmk8ncIiJ2CSOWwIVy+h+ghVw/VhuoOdpq
GfGFiMwQKQ0+cBjphQR0IjMvDAbovmb5ukPNqJL7Hw3h5NhPcEIKvD2vvKcuXwT0
2ql9aCQRy9KNwG3BVYs5agLzaLCqV6sCw7W0ON7qzPEREpWbCJrFAES6GHY4UGio
631xtQUSPPJSCUPU1vLxMR+YPkrbyeZOlAZlydHdcED6h9VP7LfHXP9UbKLLYa81
mkaAikxcO9hA1PIn/NtEE9QrrOBvyTB9G0pfmeK99CdkuYXuRAMD4MibQ+vvAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU409/dAKI2bn7kOnk0OoTZm/YbzIwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIyZTM1MzkyZTM2MzIyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzAzMjMzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjs+MA0G
CSqGSIb3DQEBCwUAA4IBAQCjIgUtzpjeDBp7UMICmUxO8jWXL9RN6tTg+/GvMED0
mVk9ocrwEQSB3Bn3t0XURGxD3ym8ORFJ/++1J2K5Uq6c6BZ+31z7PlOU0bZpzNET
55XpiSRhKD0FZaOFoXJUU/VzzSD655kn1WkILz+0Ae/TGnmeAJRu4G/Od421GcSb
TZGTx1bemP/3EqYVI8Y0bBFLmMDgU8oU8N7ZzwQnekt/I7l9JEnRv1GgTLp706ea
AmQ8kzGUC/+FegPUohF7TcLO0WYM+DJhGAjJMdueVniS9+z7XJWPCsTYarSOhS0k
DojaWJvbEiw0T9ERDCW67MgXhjqbf+PnsIZ6hszLTT6Z
-----END CERTIFICATE-----
Generated at Mon Dec 9 22:08:42 2024 by rpki-client on console-fra.rpki-client.org