Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa
File: 3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa (raw, json)
Hash identifier: EELwE1No75W7JkSK/s3++ATRUgp1xljrzQ4W2Ih191s=
Subject key identifier: 78:5A:56:F5:CD:33:74:07:CE:7F:50:7C:36:FC:38:BA:B7:BA:02:4F
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 3B7AA253D06D96656DCB3BA5E24162185F9E820B
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa
Signing time: Tue 25 Jun 2024 06:52:16 +0000
ROA not before: Tue 25 Jun 2024 06:47:16 +0000
ROA not after: Tue 24 Jun 2025 06:52:16 +0000
asID: 212335
IP address blocks: 194.150.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:7a:a2:53:d0:6d:96:65:6d:cb:3b:a5:e2:41:62:18:5f:9e:82:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Jun 25 06:47:16 2024 GMT
Not After : Jun 24 06:52:16 2025 GMT
Subject: CN=785A56F5CD337407CE7F507C36FC38BAB7BA024F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a3:84:5a:0d:c5:1b:e8:45:a8:5c:fc:92:ee:
c0:ba:f2:3b:80:01:0a:63:f7:3e:dc:6e:14:e5:76:
2e:8a:ad:c8:c0:bc:1d:e6:fc:41:e5:be:42:89:ba:
70:e7:a6:e9:ac:c9:22:0d:61:23:f4:97:a9:b4:8e:
56:bb:5a:cf:fd:a1:e5:35:47:c3:ed:79:54:1a:2d:
a7:5f:c1:17:a2:83:b7:b7:d8:40:8a:d4:e3:56:b6:
3c:9f:38:50:4f:71:81:e2:f4:e4:cc:8a:55:48:9e:
de:f5:a0:fc:1c:bb:af:d6:f8:52:11:f6:52:53:78:
54:bd:6f:11:9c:be:22:69:74:04:cd:26:3a:16:aa:
0f:4d:68:f8:c5:cf:bd:e7:8b:3e:06:61:99:4c:4a:
ec:37:c4:67:7e:d6:ec:f8:1c:bd:e3:cd:06:20:0f:
19:67:30:aa:f8:6f:93:d5:96:57:57:c4:09:ec:8e:
3c:ef:f8:8f:ac:f7:97:71:15:98:60:96:ca:68:e0:
5a:d4:6a:4a:84:d2:b5:d9:2e:49:90:ea:72:e2:03:
4b:ef:09:a6:29:6f:d7:e8:09:23:16:18:b4:41:b3:
6c:6c:97:fd:52:13:24:bc:5b:21:01:01:47:c2:67:
8e:db:37:9b:0e:ff:0c:63:51:c8:a1:ab:ac:5d:fe:
db:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5A:56:F5:CD:33:74:07:CE:7F:50:7C:36:FC:38:BA:B7:BA:02:4F
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.204.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:84:ec:74:5c:38:89:f1:33:88:74:0e:32:f0:32:0a:b3:d8:
35:10:b7:0f:d4:b3:cc:b9:41:3a:5a:2a:5b:ac:79:31:90:c5:
a0:58:ea:e4:a9:f4:05:82:9a:43:a4:1d:55:3a:5b:b6:b1:cb:
d8:69:8b:98:e0:9e:3f:fb:fe:4a:21:c8:55:97:cb:51:62:4a:
19:76:7f:8d:cc:9b:76:1d:ee:06:19:2e:67:3a:27:6d:ca:d5:
87:c3:d3:b6:ab:95:6c:4a:c1:03:b8:dc:70:4d:d2:56:d8:57:
41:1a:ad:8b:34:4b:8f:bb:bb:42:8d:ab:12:a3:7b:17:da:ee:
c1:81:c7:e9:78:04:01:8c:63:41:3d:88:81:13:09:21:0d:d5:
6d:b4:3b:89:05:98:86:a2:97:5b:6e:26:22:89:6e:32:77:6c:
bf:df:d9:0e:4b:be:73:58:76:78:bc:da:0e:63:f8:a2:48:a7:
18:55:d6:2a:0a:de:a9:89:5e:b4:e3:17:ba:08:67:16:25:f8:
e0:3c:22:e6:19:fd:11:b7:6c:ac:16:d9:d5:c8:84:58:dd:70:
fa:05:54:74:44:92:5a:d7:2d:5a:9b:b3:de:ac:60:f1:3d:03:
eb:ea:f2:68:45:4e:bc:98:44:96:8b:a0:29:64:ba:96:0f:6a:
1b:c2:a0:7d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUO3qiU9BtlmVtyzul4kFiGF+eggswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDA2MjUwNjQ3MTZaFw0yNTA2MjQwNjUyMTZaMDMxMTAvBgNV
BAMTKDc4NUE1NkY1Q0QzMzc0MDdDRTdGNTA3QzM2RkMzOEJBQjdCQTAyNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYo4RaDcUb6EWoXPyS7sC68juA
AQpj9z7cbhTldi6KrcjAvB3m/EHlvkKJunDnpumsySINYSP0l6m0jla7Ws/9oeU1
R8PteVQaLadfwReig7e32ECK1ONWtjyfOFBPcYHi9OTMilVInt71oPwcu6/W+FIR
9lJTeFS9bxGcviJpdATNJjoWqg9NaPjFz73niz4GYZlMSuw3xGd+1uz4HL3jzQYg
DxlnMKr4b5PVlldXxAnsjjzv+I+s95dxFZhglspo4FrUakqE0rXZLkmQ6nLiA0vv
CaYpb9foCSMWGLRBs2xsl/1SEyS8WyEBAUfCZ47bN5sO/wxjUcihq6xd/tsxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUeFpW9c0zdAfOf1B8Nvw4ure6Ak8wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzMTM1MzAyZTMy
MzAzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMzMzMzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKWzDANBgkqhkiG9w0BAQsFAAOCAQEApYTsdFw4ifEziHQOMvAyCrPYNRC3
D9SzzLlBOloqW6x5MZDFoFjq5Kn0BYKaQ6QdVTpbtrHL2GmLmOCeP/v+SiHIVZfL
UWJKGXZ/jcybdh3uBhkuZzonbcrVh8PTtquVbErBA7jccE3SVthXQRqtizRLj7u7
Qo2rEqN7F9ruwYHH6XgEAYxjQT2IgRMJIQ3VbbQ7iQWYhqKXW24mIoluMndsv9/Z
Dku+c1h2eLzaDmP4okinGFXWKgreqYletOMXughnFiX44Dwi5hn9EbdsrBbZ1ciE
WN1w+gVUdESSWtctWpuz3qxg8T0D6+ryaEVOvJhElougKWS6lg9qG8KgfQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org