Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230352e302f32342d3234203d3e20333939363431.roa
File: 3139342e3135302e3230352e302f32342d3234203d3e20333939363431.roa (raw, json)
Hash identifier: snF4WJKlzwdnmGi9ywILFvWW4hfXqlMHf2VQzcK78dw=
Subject key identifier: 21:80:8F:EF:61:A5:06:5B:FA:6C:D9:A5:03:43:3A:1A:06:DF:2F:1F
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 5C12EFF0F41B0952A1B7E4099507C80D09AFA362
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230352e302f32342d3234203d3e20333939363431.roa
Signing time: Fri 03 Nov 2023 20:10:50 +0000
ROA not before: Fri 03 Nov 2023 20:05:50 +0000
ROA not after: Fri 01 Nov 2024 20:10:50 +0000
asID: 399641
IP address blocks: 194.150.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:12:ef:f0:f4:1b:09:52:a1:b7:e4:09:95:07:c8:0d:09:af:a3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Nov 3 20:05:50 2023 GMT
Not After : Nov 1 20:10:50 2024 GMT
Subject: CN=21808FEF61A5065BFA6CD9A503433A1A06DF2F1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:48:e9:cd:6b:c3:6b:15:b5:58:f6:fb:4b:ef:
3e:fa:26:4a:9c:6a:12:be:22:b8:4a:a6:b7:32:5c:
ce:63:f8:ed:ed:a0:31:12:76:74:fc:f2:2a:51:b4:
4a:5c:07:72:9f:36:c0:4f:51:b4:83:f7:8c:62:ca:
8e:ff:1b:65:41:7a:af:11:fc:46:c0:08:78:34:d1:
01:6b:0e:88:d0:36:50:16:e3:7f:46:e9:9f:cb:5c:
3c:7b:04:82:d6:e2:b0:3d:5b:f4:cd:78:34:e4:84:
bc:cf:91:10:f4:26:ec:a2:22:72:68:81:85:94:f1:
90:f7:b6:da:a0:8b:08:cf:08:96:04:b7:18:07:58:
30:b7:dd:a5:a6:5e:cc:e0:44:5d:1b:eb:e6:2f:88:
d8:bc:ef:c0:8c:35:4e:2a:fb:ea:02:3b:bb:5b:15:
a9:45:8f:9f:e6:9a:5a:e7:57:12:22:44:5c:78:3f:
d3:30:30:37:c5:d1:dd:d6:6c:40:27:28:53:01:88:
94:aa:c2:03:28:dc:21:16:26:47:61:43:dd:92:57:
d3:76:87:36:df:ef:09:9c:75:d8:b3:d8:74:09:e7:
ea:8d:24:19:84:7a:51:88:94:72:c4:38:d7:6e:55:
22:f7:db:ad:c7:61:86:a2:57:ad:1c:67:1e:91:28:
a4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:80:8F:EF:61:A5:06:5B:FA:6C:D9:A5:03:43:3A:1A:06:DF:2F:1F
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230352e302f32342d3234203d3e20333939363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.205.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:ee:8e:c0:9a:97:b9:e6:73:f7:f4:26:63:a0:f8:d5:ff:3e:
40:3e:da:76:49:4b:71:fa:5a:5b:d5:5f:f6:6a:fb:c1:b5:c1:
ae:0a:79:b0:6c:79:ad:03:b5:ae:4f:30:b0:da:68:6f:10:aa:
98:ce:1e:3d:a9:5d:6b:35:67:23:e0:99:cf:9d:20:9a:bf:a5:
b2:d1:b8:61:6c:4c:f0:08:0a:c2:71:f3:18:af:42:ba:09:e4:
66:7b:e4:de:b9:db:36:fd:67:70:2b:79:14:16:78:9b:35:db:
21:b4:34:7e:83:ba:07:35:14:c2:bf:32:c5:5e:b8:a1:91:d6:
09:46:7e:a4:ba:44:19:65:b5:64:cd:c0:33:29:da:1e:8d:e4:
2a:56:92:ac:54:71:0f:f0:8e:33:b0:60:67:71:65:f9:92:dc:
75:55:63:6a:38:28:7e:d5:7b:7b:37:10:8c:dd:27:8e:a9:0d:
b3:15:23:55:6a:21:cf:f0:6e:f3:b9:4b:ef:cd:7b:ce:8a:19:
74:68:22:87:61:95:e0:13:3a:58:9d:18:de:aa:3c:f0:dc:ae:
7f:ca:fb:ca:5a:15:8a:53:86:f9:ba:dd:72:93:da:b1:06:56:
3a:21:1b:77:ed:a7:44:53:3f:a3:94:c5:d3:10:0c:58:c8:0a:
e5:5a:95:a8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUXBLv8PQbCVKht+QJlQfIDQmvo2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yMzExMDMyMDA1NTBaFw0yNDExMDEyMDEwNTBaMDMxMTAvBgNV
BAMTKDIxODA4RkVGNjFBNTA2NUJGQTZDRDlBNTAzNDMzQTFBMDZERjJGMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/SOnNa8NrFbVY9vtL7z76Jkqc
ahK+IrhKprcyXM5j+O3toDESdnT88ipRtEpcB3KfNsBPUbSD94xiyo7/G2VBeq8R
/EbACHg00QFrDojQNlAW439G6Z/LXDx7BILW4rA9W/TNeDTkhLzPkRD0JuyiInJo
gYWU8ZD3ttqgiwjPCJYEtxgHWDC33aWmXszgRF0b6+YviNi878CMNU4q++oCO7tb
FalFj5/mmlrnVxIiRFx4P9MwMDfF0d3WbEAnKFMBiJSqwgMo3CEWJkdhQ92SV9N2
hzbf7wmcddiz2HQJ5+qNJBmEelGIlHLEONduVSL3263HYYaiV60cZx6RKKRTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIYCP72GlBlv6bNmlA0M6GgbfLx8wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzMTM1MzAyZTMy
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzOTM2MzQzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKWzTANBgkqhkiG9w0BAQsFAAOCAQEAwu6OwJqXueZz9/QmY6D41f8+QD7a
dklLcfpaW9Vf9mr7wbXBrgp5sGx5rQO1rk8wsNpobxCqmM4ePaldazVnI+CZz50g
mr+lstG4YWxM8AgKwnHzGK9CugnkZnvk3rnbNv1ncCt5FBZ4mzXbIbQ0foO6BzUU
wr8yxV64oZHWCUZ+pLpEGWW1ZM3AMynaHo3kKlaSrFRxD/COM7BgZ3Fl+ZLcdVVj
ajgoftV7ezcQjN0njqkNsxUjVWohz/Bu87lL7817zooZdGgih2GV4BM6WJ0Y3qo8
8Nyuf8r7yloVilOG+brdcpPasQZWOiEbd+2nRFM/o5TF0xAMWMgK5VqVqA==
-----END CERTIFICATE-----
Generated at Sun May 5 22:13:09 2024 by rpki-client on console-fra.rpki-client.org