Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36332e302f32342d3234203d3e20323039363432.roa
File: 322e35392e36332e302f32342d3234203d3e20323039363432.roa (raw, json)
Hash identifier: Z87BeCKdNOTOblKE4NVrwtYfC72j0VsLu5nyAC5OL8M=
Subject key identifier: 38:1C:E4:06:95:40:A5:1F:A0:36:91:AE:5F:E4:50:7F:22:0E:86:54
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 506A7AAA392C0235CE06C6464EE344EFA21FE64D
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36332e302f32342d3234203d3e20323039363432.roa
Signing time: Wed 05 Jun 2024 12:50:48 +0000
ROA not before: Wed 05 Jun 2024 12:45:48 +0000
ROA not after: Wed 04 Jun 2025 12:50:48 +0000
asID: 209642
IP address blocks: 2.59.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:6a:7a:aa:39:2c:02:35:ce:06:c6:46:4e:e3:44:ef:a2:1f:e6:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 5 12:45:48 2024 GMT
Not After : Jun 4 12:50:48 2025 GMT
Subject: CN=381CE4069540A51FA03691AE5FE4507F220E8654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8f:15:ed:d8:ee:b8:f0:65:6e:b0:dc:be:80:
64:61:a6:32:dc:d4:a8:94:de:62:db:85:d7:68:d4:
28:eb:1c:5f:60:2c:1c:10:0d:ee:b6:89:26:b8:7f:
4a:07:48:d5:62:98:28:42:54:bf:c8:b3:6a:0a:9e:
59:c0:5d:e2:46:bd:05:8e:b3:fb:8d:ad:26:54:7d:
a3:b0:f0:17:6a:3c:7a:71:53:a7:eb:a9:bf:c3:a8:
0d:c5:ca:d5:33:99:73:8d:2e:64:14:10:3a:56:3f:
2d:5e:87:17:a1:ec:ac:49:00:3d:3a:01:56:01:b4:
43:88:ac:44:34:54:80:98:5f:94:6b:37:84:03:64:
58:42:af:3e:4d:0c:a5:c2:c7:fd:76:3e:4c:70:7a:
49:83:84:a1:99:a0:a6:1e:f0:0d:8c:d6:d8:dc:fa:
bf:d8:3a:55:92:0d:b6:39:8c:e2:4c:6f:38:9f:d4:
3a:52:b7:9a:3b:0e:7c:af:ff:c1:67:62:d3:b7:0c:
1e:5c:e2:f4:ac:51:fd:53:83:da:21:05:12:1e:17:
bd:a2:28:dd:bf:8e:9f:4e:b8:a8:ec:2b:f4:b3:8a:
b6:35:73:3f:6e:e7:44:5d:75:84:2d:1c:33:ff:f2:
c0:2f:00:be:75:ac:83:90:8a:1a:0f:94:a5:0b:d6:
f8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1C:E4:06:95:40:A5:1F:A0:36:91:AE:5F:E4:50:7F:22:0E:86:54
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36332e302f32342d3234203d3e20323039363432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.63.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:97:1a:63:41:91:50:46:40:72:70:15:61:c7:71:b6:45:79:
36:1a:78:b9:ec:d2:1a:e0:47:27:c8:35:b4:14:1f:93:6c:ee:
9b:d1:ce:e4:5b:d4:53:95:0f:32:47:b0:1c:55:97:24:c2:fd:
6f:d7:d3:a0:f1:bd:66:46:29:14:5f:d5:ed:21:85:d1:38:3f:
0d:06:37:43:f1:76:29:55:69:cf:02:e5:60:ba:d2:5a:db:ae:
a0:e6:e4:d1:89:9d:6d:f5:d8:0e:b6:78:e0:fb:bf:3e:7a:c9:
ef:95:54:8a:5f:e4:5b:8c:ac:36:0e:0b:5e:1d:f8:97:70:72:
90:b9:5c:14:f8:03:45:d5:61:fd:d7:2b:fa:e7:88:36:bc:14:
fc:cf:4f:ac:9a:db:8c:7a:e1:8b:38:6b:dd:2d:fb:21:23:0b:
1e:41:03:d0:24:15:53:bd:86:02:60:45:6b:bf:17:cd:d3:cf:
4f:e8:d9:05:97:77:5c:ba:8f:60:5f:27:d9:b2:66:7f:bc:c4:
35:b7:ee:fb:f4:2b:3b:3a:67:d0:fa:5e:e7:0a:a8:07:c7:c2:
72:30:3c:a3:1c:27:19:68:69:b5:37:bd:fb:24:2e:fa:91:09:
4f:f7:cd:9e:35:a3:0d:0e:c2:df:05:f2:62:df:e4:9b:e9:2d:
f3:fa:a6:94
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUGp6qjksAjXOBsZGTuNE76If5k0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDA2MDUxMjQ1NDhaFw0yNTA2MDQxMjUwNDhaMDMxMTAvBgNV
BAMTKDM4MUNFNDA2OTU0MEE1MUZBMDM2OTFBRTVGRTQ1MDdGMjIwRTg2NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxjxXt2O648GVusNy+gGRhpjLc
1KiU3mLbhddo1CjrHF9gLBwQDe62iSa4f0oHSNVimChCVL/Is2oKnlnAXeJGvQWO
s/uNrSZUfaOw8BdqPHpxU6frqb/DqA3FytUzmXONLmQUEDpWPy1ehxeh7KxJAD06
AVYBtEOIrEQ0VICYX5RrN4QDZFhCrz5NDKXCx/12PkxwekmDhKGZoKYe8A2M1tjc
+r/YOlWSDbY5jOJMbzif1DpSt5o7Dnyv/8FnYtO3DB5c4vSsUf1Tg9ohBRIeF72i
KN2/jp9OuKjsK/SzirY1cz9u50RddYQtHDP/8sAvAL51rIOQihoPlKUL1vglAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUOBzkBpVApR+gNpGuX+RQfyIOhlQwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIyZTM1MzkyZTM2MzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzNjM0MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOz8w
DQYJKoZIhvcNAQELBQADggEBAMaXGmNBkVBGQHJwFWHHcbZFeTYaeLns0hrgRyfI
NbQUH5Ns7pvRzuRb1FOVDzJHsBxVlyTC/W/X06DxvWZGKRRf1e0hhdE4Pw0GN0Px
dilVac8C5WC60lrbrqDm5NGJnW312A62eOD7vz56ye+VVIpf5FuMrDYOC14d+Jdw
cpC5XBT4A0XVYf3XK/rniDa8FPzPT6ya24x64Ys4a90t+yEjCx5BA9AkFVO9hgJg
RWu/F83Tz0/o2QWXd1y6j2BfJ9myZn+8xDW37vv0Kzs6Z9D6XucKqAfHwnIwPKMc
JxloabU3vfskLvqRCU/3zZ41ow0Owt8F8mLf5JvpLfP6ppQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 12:00:54 2024 by rpki-client on console-ams.rpki-client.org