Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3233332e302f32342d3234203d3e203535323836.roa
File: 3139342e35302e3233332e302f32342d3234203d3e203535323836.roa (raw, json)
Hash identifier: Ef7/8a7q3RfD2Ip2T6EMfnQ8v7x9uZldzioqRZSZ9eI=
Subject key identifier: 28:25:09:D1:8B:FF:5F:62:2F:A0:A8:94:A6:9A:A8:D5:D6:D6:47:7E
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 5FD9543451E30764A190F1BA045A881B9E6B6421
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3233332e302f32342d3234203d3e203535323836.roa
Signing time: Wed 20 Nov 2024 07:43:28 +0000
ROA not before: Wed 20 Nov 2024 07:38:28 +0000
ROA not after: Wed 19 Nov 2025 07:43:28 +0000
asID: 55286
IP address blocks: 194.50.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:d9:54:34:51:e3:07:64:a1:90:f1:ba:04:5a:88:1b:9e:6b:64:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Nov 20 07:38:28 2024 GMT
Not After : Nov 19 07:43:28 2025 GMT
Subject: CN=282509D18BFF5F622FA0A894A69AA8D5D6D6477E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:25:52:6e:b8:79:eb:3b:93:95:19:de:53:31:
32:bc:d0:8d:0f:36:93:a7:67:d1:37:74:0b:03:bb:
0a:20:80:39:76:86:7d:d0:42:bc:7e:c2:0f:41:3d:
71:5f:4f:00:ee:09:85:2a:07:10:ce:41:88:8d:b3:
32:fb:b8:c0:6d:15:7e:44:75:ad:7d:bd:b4:ab:65:
7c:b4:9b:94:60:0b:16:91:a1:77:1a:06:b3:da:e2:
5c:e4:fa:af:c4:0a:26:97:a8:ab:77:46:ab:3f:76:
75:ce:45:4b:47:0b:04:2a:d6:d6:ec:c1:d1:10:32:
58:55:0a:97:ec:85:4e:ba:65:4d:b7:6a:ea:2d:b0:
26:45:76:07:9e:16:75:a0:78:54:cd:2c:95:a9:91:
6c:0f:39:34:f0:a3:00:78:9c:26:1b:5f:1a:8f:a3:
b0:41:fe:bb:08:e0:d3:31:74:a9:ed:27:f8:30:7a:
64:57:15:a2:e6:65:2b:f8:b8:c6:30:85:be:2f:9d:
75:9b:c4:a5:ce:30:a8:d8:a9:2b:1f:dc:91:8b:d9:
3e:72:6d:9d:70:24:f2:b3:7b:ed:6c:b3:38:b9:10:
88:33:fe:f2:a3:0f:cb:d1:cb:60:dd:bd:1e:65:81:
5d:89:ac:ee:16:d1:4d:c7:a0:4b:b6:83:78:8b:ee:
64:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:25:09:D1:8B:FF:5F:62:2F:A0:A8:94:A6:9A:A8:D5:D6:D6:47:7E
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3233332e302f32342d3234203d3e203535323836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.233.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7b:39:db:99:9d:44:48:41:a4:e7:7a:ac:ee:f6:cc:4c:75:
56:34:5a:41:cd:88:9e:16:37:b3:54:bc:78:ac:44:10:e9:bb:
8b:cb:a9:55:9f:70:8c:33:aa:95:53:b5:ca:af:80:65:67:20:
85:91:27:58:37:cb:5c:26:74:7d:b9:5f:3e:1e:06:bb:bd:79:
f3:8e:d9:0c:a9:54:0a:0b:1c:a8:7a:1e:8b:af:98:f4:39:c3:
72:63:09:fc:89:c2:8e:86:22:e9:08:3f:a7:e0:f8:13:e8:3a:
fd:7d:e7:3e:0a:4f:45:6a:15:d2:75:5f:de:70:8d:fa:a1:c8:
6f:65:e8:01:47:95:ce:09:09:db:f9:c0:9f:42:56:0c:95:1e:
c2:a2:6f:70:c9:0f:be:40:10:ab:78:1c:8d:b6:6d:eb:f1:7f:
55:c4:c3:a6:29:3b:2b:87:51:fd:92:fd:49:49:30:48:7c:e5:
25:1e:2c:e2:b4:59:a9:08:72:e0:e1:d4:17:77:7e:6b:6e:e2:
a4:ca:7d:03:a6:87:51:bb:5c:b9:f6:52:ff:0e:e4:b1:1e:28:
6e:61:2b:81:93:ad:2c:28:fe:25:de:df:e7:3a:99:9c:f8:e6:
a4:2d:e9:b8:ff:78:9c:76:48:7c:27:9d:b6:b3:86:3f:c1:3c:
f1:85:27:96
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUX9lUNFHjB2ShkPG6BFqIG55rZCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDExMjAwNzM4MjhaFw0yNTExMTkwNzQzMjhaMDMxMTAvBgNV
BAMTKDI4MjUwOUQxOEJGRjVGNjIyRkEwQTg5NEE2OUFBOEQ1RDZENjQ3N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6JVJuuHnrO5OVGd5TMTK80I0P
NpOnZ9E3dAsDuwoggDl2hn3QQrx+wg9BPXFfTwDuCYUqBxDOQYiNszL7uMBtFX5E
da19vbSrZXy0m5RgCxaRoXcaBrPa4lzk+q/ECiaXqKt3Rqs/dnXORUtHCwQq1tbs
wdEQMlhVCpfshU66ZU23auotsCZFdgeeFnWgeFTNLJWpkWwPOTTwowB4nCYbXxqP
o7BB/rsI4NMxdKntJ/gwemRXFaLmZSv4uMYwhb4vnXWbxKXOMKjYqSsf3JGL2T5y
bZ1wJPKze+1sszi5EIgz/vKjD8vRy2DdvR5lgV2JrO4W0U3HoEu2g3iL7mS5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKCUJ0Yv/X2IvoKiUppqo1dbWR34wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzNTMwMmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM1MzIzODM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wjLpMA0GCSqGSIb3DQEBCwUAA4IBAQB5eznbmZ1ESEGk53qs7vbMTHVWNFpBzYie
FjezVLx4rEQQ6buLy6lVn3CMM6qVU7XKr4BlZyCFkSdYN8tcJnR9uV8+Hga7vXnz
jtkMqVQKCxyoeh6Lr5j0OcNyYwn8icKOhiLpCD+n4PgT6Dr9fec+Ck9FahXSdV/e
cI36ochvZegBR5XOCQnb+cCfQlYMlR7Com9wyQ++QBCreByNtm3r8X9VxMOmKTsr
h1H9kv1JSTBIfOUlHizitFmpCHLg4dQXd35rbuKkyn0DpodRu1y59lL/DuSxHihu
YSuBk60sKP4l3t/nOpmc+OakLem4/3icdkh8J522s4Y/wTzxhSeW
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org