Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3231312e302f32342d3234203d3e203630373532.roa
File: 3139342e3135302e3231312e302f32342d3234203d3e203630373532.roa (raw, json)
Hash identifier: I3zCfVHFsTBqewiS4pyfwn2Q3aQRLom1BtjyCp3nLd0=
Subject key identifier: 72:52:73:37:F5:DB:51:B3:9E:A0:D0:4A:0F:D9:71:6F:6F:FE:51:2C
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 78A5CFCB4EC7C823B18F72FD16E4F1084176E1B9
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3231312e302f32342d3234203d3e203630373532.roa
Signing time: Mon 30 Dec 2024 15:53:48 +0000
ROA not before: Mon 30 Dec 2024 15:48:48 +0000
ROA not after: Mon 29 Dec 2025 15:53:48 +0000
asID: 60752
IP address blocks: 194.150.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 04:46:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:a5:cf:cb:4e:c7:c8:23:b1:8f:72:fd:16:e4:f1:08:41:76:e1:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Dec 30 15:48:48 2024 GMT
Not After : Dec 29 15:53:48 2025 GMT
Subject: CN=72527337F5DB51B39EA0D04A0FD9716F6FFE512C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:35:60:a4:bd:a9:d7:ff:4c:a2:da:9e:17:
59:c4:8c:1d:48:f4:19:8d:cd:31:f1:cb:f1:99:ed:
8b:79:08:37:19:a9:a6:f7:4a:40:dc:87:e5:79:06:
63:3c:61:7c:47:e8:1c:c9:2e:43:d8:b3:83:c0:99:
b6:65:f0:93:f1:c9:de:95:30:71:8a:98:f9:40:ef:
03:68:1c:f3:2d:22:66:b6:9f:96:86:9f:a9:98:d6:
be:83:f5:d4:68:03:29:5b:83:35:88:95:f6:d3:3a:
f5:c9:1e:d1:d8:47:da:72:cc:58:20:ad:87:f4:5c:
23:d8:6d:60:ba:08:b8:8f:20:23:82:9a:37:73:90:
e0:d5:74:7d:5d:ae:cd:c9:b0:a7:bf:24:e7:41:51:
ee:af:1a:44:d1:21:51:78:3c:18:84:d0:fd:71:aa:
22:56:47:67:14:77:42:aa:6d:d4:9c:85:46:5b:79:
92:47:b9:35:79:b0:5e:06:20:da:b1:13:3c:db:da:
ed:a9:c5:fa:0e:4d:d4:71:c3:8d:6c:13:13:75:2c:
0a:93:47:a0:9f:7c:7e:33:07:7a:c0:b5:59:d5:72:
af:68:a4:91:18:d3:e7:7a:a0:89:3e:d8:a5:a7:36:
f5:65:f2:88:10:c3:b6:3a:84:01:20:63:2a:9c:72:
73:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:52:73:37:F5:DB:51:B3:9E:A0:D0:4A:0F:D9:71:6F:6F:FE:51:2C
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3231312e302f32342d3234203d3e203630373532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.211.0/24
Signature Algorithm: sha256WithRSAEncryption
da:dc:aa:4c:30:55:23:ef:11:a4:61:89:07:54:90:84:39:29:
e1:99:82:dd:74:83:45:77:76:1c:4d:57:69:be:3c:7a:5f:5a:
b6:a2:5e:b0:21:2d:0b:76:07:62:ca:3f:0d:14:7f:ba:28:57:
7c:25:1c:e4:2d:16:0b:b5:61:88:00:55:fb:98:42:e2:cc:09:
2f:fa:09:2a:a6:32:de:71:20:81:7a:0d:56:44:c8:7a:0a:0d:
c1:2d:31:48:b6:b8:83:51:74:88:4b:1f:f8:3d:b0:26:e2:58:
33:a7:9e:f7:c6:89:7c:c9:13:0f:c9:7d:ec:55:66:59:06:bc:
d4:75:7b:f7:c9:b4:3d:61:d0:c9:d3:ca:b4:be:73:34:9a:e1:
c8:18:f8:a4:0c:10:cd:de:84:84:33:28:45:3a:2d:48:b6:82:
e7:14:cb:c7:9e:09:5e:d2:40:d4:e5:62:89:75:0a:1f:9b:d4:
08:95:d6:48:ff:01:b6:fe:99:a3:1a:40:52:77:93:98:6b:a2:
74:18:fd:dc:0f:e6:40:c0:3c:a3:3c:36:bc:97:a8:26:6a:7f:
51:f7:fd:04:9a:42:58:e0:04:ae:e2:4e:f7:f1:e9:1d:2d:b6:
59:ec:71:82:58:34:57:5f:82:71:79:d5:83:27:53:59:1b:30:
fd:94:db:91
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeKXPy07HyCOxj3L9FuTxCEF24bkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDEyMzAxNTQ4NDhaFw0yNTEyMjkxNTUzNDhaMDMxMTAvBgNV
BAMTKDcyNTI3MzM3RjVEQjUxQjM5RUEwRDA0QTBGRDk3MTZGNkZGRTUxMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgYDVgpL2p1/9MotqeF1nEjB1I
9BmNzTHxy/GZ7Yt5CDcZqab3SkDch+V5BmM8YXxH6BzJLkPYs4PAmbZl8JPxyd6V
MHGKmPlA7wNoHPMtIma2n5aGn6mY1r6D9dRoAylbgzWIlfbTOvXJHtHYR9pyzFgg
rYf0XCPYbWC6CLiPICOCmjdzkODVdH1drs3JsKe/JOdBUe6vGkTRIVF4PBiE0P1x
qiJWR2cUd0KqbdSchUZbeZJHuTV5sF4GINqxEzzb2u2pxfoOTdRxw41sExN1LAqT
R6CffH4zB3rAtVnVcq9opJEY0+d6oIk+2KWnNvVl8ogQw7Y6hAEgYyqccnPrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUclJzN/XbUbOeoNBKD9lxb2/+USwwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzMTM1MzAyZTMy
MzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNzM1MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCltMwDQYJKoZIhvcNAQELBQADggEBANrcqkwwVSPvEaRhiQdUkIQ5KeGZgt10
g0V3dhxNV2m+PHpfWraiXrAhLQt2B2LKPw0Uf7ooV3wlHOQtFgu1YYgAVfuYQuLM
CS/6CSqmMt5xIIF6DVZEyHoKDcEtMUi2uINRdIhLH/g9sCbiWDOnnvfGiXzJEw/J
fexVZlkGvNR1e/fJtD1h0MnTyrS+czSa4cgY+KQMEM3ehIQzKEU6LUi2gucUy8ee
CV7SQNTlYol1Ch+b1AiV1kj/Abb+maMaQFJ3k5hronQY/dwP5kDAPKM8NryXqCZq
f1H3/QSaQljgBK7iTvfx6R0ttlnscYJYNFdfgnF51YMnU1kbMP2U25E=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:56:56 2025 by rpki-client