Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa
File: 3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa (raw, json)
Hash identifier: zzejM2ix2jXdmdBSm8KyI9gUnvooHTUF2Y1Ty715cY0=
Subject key identifier: 6C:53:C3:B5:EB:6C:E2:1A:8D:D5:C6:81:35:81:85:39:94:D2:F4:46
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 631ED411D76E9D30C406B9E6CA102330CFD58AC7
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa
Signing time: Fri 04 Oct 2024 20:43:22 +0000
ROA not before: Fri 04 Oct 2024 20:38:22 +0000
ROA not after: Fri 03 Oct 2025 20:43:22 +0000
asID: 399641
IP address blocks: 194.50.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:1e:d4:11:d7:6e:9d:30:c4:06:b9:e6:ca:10:23:30:cf:d5:8a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Oct 4 20:38:22 2024 GMT
Not After : Oct 3 20:43:22 2025 GMT
Subject: CN=6C53C3B5EB6CE21A8DD5C6813581853994D2F446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:ac:b5:1b:e6:d4:41:f0:c0:27:23:78:86:
8a:89:34:ce:cd:7e:69:16:2f:aa:0d:aa:1a:11:1e:
b8:ca:a3:9d:91:99:31:43:5e:1e:33:ef:d6:30:01:
00:a7:29:ad:88:f2:9f:b2:e2:12:42:bf:6d:90:9c:
c8:bb:1a:26:12:f1:4d:b6:53:c1:ee:88:d2:59:cb:
e6:63:4d:de:ef:aa:0a:96:e1:f3:df:7b:7e:48:ea:
cf:eb:da:52:32:96:68:94:c8:3b:66:f7:af:e2:4e:
d4:b9:15:dd:a3:d9:55:98:bf:05:11:46:8b:a9:74:
e1:07:74:1b:73:a5:12:21:eb:97:b3:75:d5:84:52:
c4:58:50:43:71:07:54:fa:bc:36:a5:57:fa:ae:27:
51:8b:3b:8d:57:4b:6b:53:a1:51:63:53:11:0c:85:
45:b1:27:32:9b:e6:c1:29:71:10:60:bc:d8:0d:7b:
e6:fb:12:c6:fe:3f:9e:48:11:6a:b4:69:7b:4a:89:
e8:6f:f9:c0:f7:62:a8:56:db:ce:f2:e8:73:e3:4d:
84:e2:ae:eb:0a:a0:09:c9:cc:54:87:82:96:99:c3:
90:0b:d5:e3:96:d2:85:89:01:46:2d:8d:54:0e:29:
4d:47:e4:4b:18:c2:3a:40:59:b5:83:ac:90:21:1d:
15:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:53:C3:B5:EB:6C:E2:1A:8D:D5:C6:81:35:81:85:39:94:D2:F4:46
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.243.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:5c:5f:f2:26:00:ef:b4:31:04:ca:37:4a:4d:8e:2f:a6:97:
59:19:a1:2b:1a:67:ae:09:61:c0:8a:0b:1a:87:05:83:33:32:
fc:9d:f8:a4:d6:42:c7:c9:cb:80:12:df:0b:f9:e1:a5:ef:e8:
18:fd:dd:e0:af:f4:39:34:3d:80:cc:48:c4:3d:27:70:12:e7:
a6:39:a6:16:94:9d:37:65:e2:f7:a8:35:98:f8:b0:0a:bc:89:
b4:e4:ca:66:42:72:b4:94:91:f6:9a:ec:2a:fd:31:a3:d6:f9:
79:4f:be:62:2d:1a:1c:52:b2:ad:26:e0:14:ac:b1:e7:91:14:
bf:5c:52:a3:a7:75:dc:bf:4c:39:96:17:1e:1e:5e:cc:37:b6:
a4:79:05:75:c9:57:23:b6:94:6c:1f:6d:cf:b5:82:10:65:55:
f4:02:a7:6b:62:1c:22:61:3d:2e:a3:df:90:03:08:36:a3:b5:
f1:c4:b1:32:7d:74:8c:5d:62:00:3f:80:37:15:83:80:54:91:
b6:c6:34:64:4d:16:38:6c:01:f5:ca:26:fa:b4:cf:74:a7:57:
ee:10:63:5d:5f:53:a5:28:37:55:71:71:2f:a4:86:de:17:90:
2c:c9:8e:c6:e8:10:1a:8b:9a:bc:13:72:ca:fd:34:4d:91:1d:
7f:da:aa:89
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYx7UEddunTDEBrnmyhAjMM/ViscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDEwMDQyMDM4MjJaFw0yNTEwMDMyMDQzMjJaMDMxMTAvBgNV
BAMTKDZDNTNDM0I1RUI2Q0UyMUE4REQ1QzY4MTM1ODE4NTM5OTREMkY0NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC39Ky1G+bUQfDAJyN4hoqJNM7N
fmkWL6oNqhoRHrjKo52RmTFDXh4z79YwAQCnKa2I8p+y4hJCv22QnMi7GiYS8U22
U8HuiNJZy+ZjTd7vqgqW4fPfe35I6s/r2lIylmiUyDtm96/iTtS5Fd2j2VWYvwUR
RoupdOEHdBtzpRIh65ezddWEUsRYUENxB1T6vDalV/quJ1GLO41XS2tToVFjUxEM
hUWxJzKb5sEpcRBgvNgNe+b7Esb+P55IEWq0aXtKiehv+cD3YqhW287y6HPjTYTi
rusKoAnJzFSHgpaZw5AL1eOW0oWJAUYtjVQOKU1H5EsYwjpAWbWDrJAhHRW3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbFPDtets4hqN1caBNYGFOZTS9EYwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzNTMwMmUzMjM0
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzkzNjM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCMvMwDQYJKoZIhvcNAQELBQADggEBAMhcX/ImAO+0MQTKN0pNji+ml1kZoSsa
Z64JYcCKCxqHBYMzMvyd+KTWQsfJy4AS3wv54aXv6Bj93eCv9Dk0PYDMSMQ9J3AS
56Y5phaUnTdl4veoNZj4sAq8ibTkymZCcrSUkfaa7Cr9MaPW+XlPvmItGhxSsq0m
4BSsseeRFL9cUqOnddy/TDmWFx4eXsw3tqR5BXXJVyO2lGwfbc+1ghBlVfQCp2ti
HCJhPS6j35ADCDajtfHEsTJ9dIxdYgA/gDcVg4BUkbbGNGRNFjhsAfXKJvq0z3Sn
V+4QY11fU6UoN1VxcS+kht4XkCzJjsboEBqLmrwTcsr9NE2RHX/aqok=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:00 2024 by rpki-client on console-fra.rpki-client.org