Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3232342e302f32342d3234203d3e203631333137.roa
File: 3139342e35302e3232342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: ycjRBA9+H93lKKulB5OCpeMWRxaoKqF/VX/8OlzePIo=
Subject key identifier: 6B:49:F9:68:CB:D9:C5:7A:7A:09:AF:4A:C7:A6:A7:7F:DA:C4:7C:B5
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 11E6C40D39C7186D9F8CB3609E370444F55C3124
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3232342e302f32342d3234203d3e203631333137.roa
Signing time: Wed 20 Nov 2024 07:43:28 +0000
ROA not before: Wed 20 Nov 2024 07:38:28 +0000
ROA not after: Wed 19 Nov 2025 07:43:28 +0000
asID: 61317
IP address blocks: 194.50.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:e6:c4:0d:39:c7:18:6d:9f:8c:b3:60:9e:37:04:44:f5:5c:31:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Nov 20 07:38:28 2024 GMT
Not After : Nov 19 07:43:28 2025 GMT
Subject: CN=6B49F968CBD9C57A7A09AF4AC7A6A77FDAC47CB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2f:61:74:2b:e1:fd:37:b4:e3:71:2c:68:33:
16:fc:f3:a8:e3:60:bd:5d:39:81:39:37:93:c4:4f:
4d:00:7e:0a:d4:96:fb:4f:02:74:c2:41:86:c8:4a:
f8:40:22:a7:9a:72:0e:77:39:0a:12:d9:a1:e9:a0:
14:c4:da:02:bc:8d:61:a0:ac:0a:e6:02:76:13:68:
cb:64:6a:a9:20:12:35:7a:2d:eb:18:f6:c2:b3:b8:
fa:96:94:39:cc:6e:5f:8d:ea:f8:92:4b:58:73:d3:
68:3a:d5:f0:c5:65:48:c8:8e:3b:d1:91:4e:36:f9:
1c:56:5c:25:e5:f8:03:7e:c8:e9:61:61:6b:d9:8b:
ba:7a:96:81:30:84:d8:b4:7c:95:85:45:70:28:3b:
7f:0f:24:2f:a1:2c:0e:c8:3d:45:be:d9:c8:f3:6e:
d7:90:7e:25:f4:0e:a5:f6:35:b8:38:bd:6f:0a:69:
6f:8a:81:c9:eb:e8:a1:93:76:eb:19:f7:65:a2:1d:
7b:64:9b:16:f5:d0:c5:9e:05:55:89:25:c6:d1:29:
df:d9:fc:84:6c:66:f9:5a:7c:0e:b4:a0:be:1a:8e:
68:54:40:28:cf:9c:ee:2a:24:f8:9b:29:07:dd:08:
6d:88:5a:76:65:da:33:85:a3:48:f2:20:1b:b1:53:
d8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:49:F9:68:CB:D9:C5:7A:7A:09:AF:4A:C7:A6:A7:7F:DA:C4:7C:B5
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3232342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.224.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:0c:3f:e5:91:1f:8b:85:59:b6:0a:8e:9f:2b:b2:2d:97:0c:
cf:3f:34:a8:c5:17:f7:bc:95:0a:69:2d:ec:4f:04:f2:1e:0c:
a2:7c:d6:9c:7f:41:66:aa:9c:6c:23:a5:0b:ce:bb:9f:b9:a6:
87:7b:cf:20:94:63:3e:52:14:39:c6:93:d5:15:25:52:d4:07:
56:8b:38:52:8a:c2:56:13:43:8c:d2:7b:85:82:cb:4f:c0:c5:
e0:c9:28:ef:a5:76:d1:35:b8:68:40:93:fe:7a:3a:d2:9a:46:
3d:de:06:a7:8f:9e:62:84:4c:b0:51:b9:62:8d:4e:eb:08:70:
53:58:38:41:90:97:65:10:d0:17:c7:37:94:67:83:bb:c6:3e:
93:f4:d7:d7:00:0c:ca:2f:db:14:9a:84:46:a9:2b:ee:e1:14:
bd:a1:a1:3f:a0:75:56:e5:28:e2:c5:96:0d:e4:dd:aa:3a:6b:
b1:40:7a:e1:22:25:5b:ec:44:da:ff:09:d4:2f:93:15:97:ea:
2a:0d:a2:fd:5c:52:2b:72:43:6a:28:d5:98:5d:bf:fa:fe:ef:
a0:bd:aa:d2:47:0d:de:06:31:b5:39:29:37:04:46:3d:a0:b1:
0f:3c:7d:01:ff:03:dd:40:59:ea:01:20:41:ba:cd:1c:a8:f5:
5f:21:61:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEebEDTnHGG2fjLNgnjcERPVcMSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDExMjAwNzM4MjhaFw0yNTExMTkwNzQzMjhaMDMxMTAvBgNV
BAMTKDZCNDlGOTY4Q0JEOUM1N0E3QTA5QUY0QUM3QTZBNzdGREFDNDdDQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAL2F0K+H9N7TjcSxoMxb886jj
YL1dOYE5N5PET00AfgrUlvtPAnTCQYbISvhAIqeacg53OQoS2aHpoBTE2gK8jWGg
rArmAnYTaMtkaqkgEjV6LesY9sKzuPqWlDnMbl+N6viSS1hz02g61fDFZUjIjjvR
kU42+RxWXCXl+AN+yOlhYWvZi7p6loEwhNi0fJWFRXAoO38PJC+hLA7IPUW+2cjz
bteQfiX0DqX2Nbg4vW8KaW+Kgcnr6KGTdusZ92WiHXtkmxb10MWeBVWJJcbRKd/Z
/IRsZvlafA60oL4ajmhUQCjPnO4qJPibKQfdCG2IWnZl2jOFo0jyIBuxU9idAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUa0n5aMvZxXp6Ca9Kx6anf9rEfLUwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzNTMwMmUzMjMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wjLgMA0GCSqGSIb3DQEBCwUAA4IBAQBLDD/lkR+LhVm2Co6fK7ItlwzPPzSoxRf3
vJUKaS3sTwTyHgyifNacf0FmqpxsI6ULzrufuaaHe88glGM+UhQ5xpPVFSVS1AdW
izhSisJWE0OM0nuFgstPwMXgySjvpXbRNbhoQJP+ejrSmkY93ganj55ihEywUbli
jU7rCHBTWDhBkJdlENAXxzeUZ4O7xj6T9NfXAAzKL9sUmoRGqSvu4RS9oaE/oHVW
5SjixZYN5N2qOmuxQHrhIiVb7ETa/wnUL5MVl+oqDaL9XFIrckNqKNWYXb/6/u+g
varSRw3eBjG1OSk3BEY9oLEPPH0B/wPdQFnqASBBus0cqPVfIWGI
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org