Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e20323635393139.roa
File: 3231322e31382e3131342e302f32342d3234203d3e20323635393139.roa (raw, json)
Hash identifier: hab4hIGZSaDFVIiuhh8M27XjJNP2UIzC71avB4BPqKc=
Subject key identifier: 3E:76:6C:75:FF:43:E0:E8:0F:72:2B:54:54:3F:35:C0:D3:11:83:0C
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 503072D8F422692082A6570C49B22FF0F4D83A5D
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e20323635393139.roa
Signing time: Wed 27 Nov 2024 13:43:28 +0000
ROA not before: Wed 27 Nov 2024 13:38:28 +0000
ROA not after: Wed 26 Nov 2025 13:43:28 +0000
asID: 265919
IP address blocks: 212.18.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 01:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:30:72:d8:f4:22:69:20:82:a6:57:0c:49:b2:2f:f0:f4:d8:3a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Nov 27 13:38:28 2024 GMT
Not After : Nov 26 13:43:28 2025 GMT
Subject: CN=3E766C75FF43E0E80F722B54543F35C0D311830C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:12:1c:46:06:b4:1f:2f:e9:97:80:93:4e:e8:
5f:d1:0c:07:12:de:24:8c:32:bf:7f:e0:72:bb:14:
d5:f8:cc:bb:c2:0c:af:c7:95:56:3d:ad:b6:8a:1a:
84:e2:5f:ce:90:48:ac:80:be:17:12:d0:9b:02:1b:
72:2e:72:b6:ff:83:99:fb:f0:08:0e:54:21:d5:f7:
7d:b6:18:51:4a:ad:14:6f:79:44:9e:ae:06:f6:54:
e3:a9:cd:39:27:e4:fb:e9:70:57:e1:6c:ac:c7:2e:
30:a9:4e:3f:94:57:18:16:ed:1d:01:8d:21:5e:f6:
6f:4b:1a:82:87:04:b3:9f:8d:d9:37:62:37:e8:61:
73:d6:78:67:97:ae:4e:b8:19:e4:38:57:10:56:d7:
a5:dc:07:a9:d8:c2:37:71:4a:0a:c0:1a:d8:11:9b:
e3:1e:5e:93:b4:a0:3e:df:5f:1f:c6:3f:fe:39:88:
13:80:e5:a5:44:2d:bf:d4:86:7c:d4:2e:80:a3:18:
6f:4d:7c:0b:8b:44:a6:5e:44:96:8c:98:b4:2e:8c:
22:a9:4e:75:cf:1d:fa:12:97:7b:05:a9:07:c3:df:
8a:01:08:84:22:85:ea:60:d7:57:14:fe:c8:5f:bf:
cf:01:ab:33:fd:74:d8:6a:dd:33:7d:41:92:f5:b4:
6c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:76:6C:75:FF:43:E0:E8:0F:72:2B:54:54:3F:35:C0:D3:11:83:0C
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e20323635393139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.114.0/24
Signature Algorithm: sha256WithRSAEncryption
40:b6:6f:12:80:83:d4:b5:d5:5c:c1:f3:69:76:a6:e5:fe:2e:
1a:57:63:fe:ce:c5:81:af:ba:5f:9a:b3:fc:2e:6a:21:e6:0a:
d9:d3:eb:2e:3c:3c:0e:ab:fc:22:b5:05:23:ad:d7:fb:84:2b:
c4:ed:5b:53:00:59:7f:12:70:d5:28:c8:7e:16:9c:3c:c1:03:
4b:51:fd:64:e6:50:3b:73:8f:73:29:d0:68:cd:1b:7f:c5:57:
47:bb:fb:ea:9b:d3:33:8e:e4:60:c0:81:37:39:7b:fc:46:00:
24:05:3a:d6:9e:32:8f:2e:78:b5:53:35:af:97:1f:de:66:a5:
07:a6:5a:ba:6f:6b:7b:55:88:65:83:3e:71:fd:35:42:4d:b5:
70:ee:eb:f9:a9:6b:4c:92:d8:fb:28:9e:1e:3b:e2:24:dd:8b:
f0:5d:f1:9d:33:63:25:58:00:a2:c2:d7:ed:cb:f3:8b:5a:18:
9b:52:0f:37:a4:b0:29:25:7a:bb:01:48:d9:a6:20:dc:d4:c1:
6b:e0:47:66:8d:88:7a:a5:fa:7d:19:be:ca:0a:5c:6a:7c:d4:
3c:c9:79:2f:53:9b:d1:bb:bc:ad:20:48:ab:8e:d2:de:35:bc:
f0:54:ea:d6:de:06:df:a9:fe:43:b0:0c:f6:2e:14:4a:68:b9:
fd:18:83:9c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUDBy2PQiaSCCplcMSbIv8PTYOl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDExMjcxMzM4MjhaFw0yNTExMjYxMzQzMjhaMDMxMTAvBgNV
BAMTKDNFNzY2Qzc1RkY0M0UwRTgwRjcyMkI1NDU0M0YzNUMwRDMxMTgzMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCREhxGBrQfL+mXgJNO6F/RDAcS
3iSMMr9/4HK7FNX4zLvCDK/HlVY9rbaKGoTiX86QSKyAvhcS0JsCG3Iucrb/g5n7
8AgOVCHV9322GFFKrRRveUSergb2VOOpzTkn5PvpcFfhbKzHLjCpTj+UVxgW7R0B
jSFe9m9LGoKHBLOfjdk3YjfoYXPWeGeXrk64GeQ4VxBW16XcB6nYwjdxSgrAGtgR
m+MeXpO0oD7fXx/GP/45iBOA5aVELb/UhnzULoCjGG9NfAuLRKZeRJaMmLQujCKp
TnXPHfoSl3sFqQfD34oBCIQihepg11cU/shfv88BqzP9dNhq3TN9QZL1tGzHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPnZsdf9D4OgPcitUVD81wNMRgwwwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIzMTMyMmUzMTM4MmUzMTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzUzOTMxMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADUEnIwDQYJKoZIhvcNAQELBQADggEBAEC2bxKAg9S11VzB82l2puX+LhpXY/7O
xYGvul+as/wuaiHmCtnT6y48PA6r/CK1BSOt1/uEK8TtW1MAWX8ScNUoyH4WnDzB
A0tR/WTmUDtzj3Mp0GjNG3/FV0e7++qb0zOO5GDAgTc5e/xGACQFOtaeMo8ueLVT
Na+XH95mpQemWrpva3tViGWDPnH9NUJNtXDu6/mpa0yS2Psonh474iTdi/Bd8Z0z
YyVYAKLC1+3L84taGJtSDzeksCklersBSNmmINzUwWvgR2aNiHql+n0ZvsoKXGp8
1DzJeS9Tm9G7vK0gSKuO0t41vPBU6tbeBt+p/kOwDPYuFEpouf0Yg5w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:54:19 2025 by rpki-client