Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa
File: 3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa (raw, json)
Hash identifier: bknrv16eXGI6N6AqZx9H5omin9A1fsO347quNIRSyZg=
Subject key identifier: 3E:04:28:B9:21:B0:BA:3F:F9:82:3E:94:3B:77:CC:C1:8E:F6:2A:2F
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 205CE799F2A6C77EF148BEADD4AA755084292F7E
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa
Signing time: Fri 03 Nov 2023 20:10:49 +0000
ROA not before: Fri 03 Nov 2023 20:05:49 +0000
ROA not after: Fri 01 Nov 2024 20:10:49 +0000
asID: 399641
IP address blocks: 194.50.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:5c:e7:99:f2:a6:c7:7e:f1:48:be:ad:d4:aa:75:50:84:29:2f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Nov 3 20:05:49 2023 GMT
Not After : Nov 1 20:10:49 2024 GMT
Subject: CN=3E0428B921B0BA3FF9823E943B77CCC18EF62A2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d8:56:7d:60:4b:f6:46:d5:7e:74:1b:e5:e5:
c0:22:f6:34:f6:40:c2:ad:f0:e2:e1:8b:bc:b8:a3:
c0:27:49:e5:1d:d9:73:59:65:ed:e3:ae:8e:d2:60:
d4:15:3f:7b:8c:0d:2a:19:97:ea:7e:0a:e2:1a:7c:
2e:0b:9d:65:8c:53:f9:96:a5:60:ea:fa:c6:7a:0a:
11:f6:12:4f:60:24:fd:97:98:73:88:83:d2:83:d9:
fa:3e:c8:a2:41:03:80:a0:9d:fa:72:62:d2:da:f8:
52:04:be:42:77:37:b0:98:3e:a2:18:51:ca:0a:35:
d0:c7:04:5b:23:84:ea:8d:43:2e:fb:b3:e5:eb:8c:
0e:c8:02:46:82:4e:96:d4:2d:7b:56:fd:f9:b7:f4:
d2:da:c7:0d:dd:4a:2d:76:2c:1a:a8:94:98:2a:24:
f3:2c:37:74:ae:92:0d:54:5a:53:43:f1:c4:ad:0b:
7f:f6:31:cc:70:88:07:5c:23:6a:7f:0f:5b:22:6d:
26:14:a5:8d:29:fe:0d:32:b1:75:6d:8b:8f:7e:bd:
50:dd:60:0a:ce:42:54:a1:eb:90:97:c7:d3:1f:21:
68:b6:ba:45:76:7f:08:93:78:f1:a9:8d:f4:23:c9:
37:54:b1:2c:58:f0:60:7c:0b:da:98:16:95:3d:ce:
e6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:04:28:B9:21:B0:BA:3F:F9:82:3E:94:3B:77:CC:C1:8E:F6:2A:2F
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.243.0/24
Signature Algorithm: sha256WithRSAEncryption
48:b6:6a:1b:f3:00:f3:03:ea:84:5e:46:4e:9d:a4:70:fc:d5:
c1:30:6b:48:05:0b:10:3e:65:e7:bd:82:59:a1:5a:46:e9:9b:
4d:5e:84:c0:7d:8a:a1:51:cc:3b:d0:07:5d:ed:ca:c4:40:96:
63:17:ce:06:13:d6:af:00:48:ff:d5:fc:9a:7d:67:5c:2b:ae:
d3:48:f3:7a:9c:7b:5b:86:8a:be:26:48:b9:7b:53:f5:b3:2d:
43:cf:0a:42:ce:6d:bb:b4:72:b9:be:ec:72:00:f6:4d:a5:87:
cc:7c:b4:83:c5:38:15:9d:16:ce:8a:59:b1:2f:7f:5e:f0:ae:
4e:fb:b8:bf:3f:87:7f:8a:7b:c2:81:e9:f7:7d:cd:48:45:26:
09:2d:74:0a:02:c2:33:b0:34:ac:d8:19:34:07:90:6f:10:ed:
92:e2:a3:29:14:38:99:98:02:62:c5:e1:fe:48:a3:34:8f:88:
bd:d5:1f:43:85:07:cf:4f:58:c8:57:8d:11:19:ac:29:f4:90:
70:1e:d7:a1:94:00:ba:a3:54:99:cf:7c:4d:da:85:de:cd:52:
63:d6:22:eb:ca:6b:84:23:1c:4d:39:ad:df:bf:ca:a0:89:8e:
80:c1:e3:12:b0:cc:24:cc:35:f7:b5:34:a9:05:6c:73:02:de:
55:54:17:c9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIFznmfKmx37xSL6t1Kp1UIQpL34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yMzExMDMyMDA1NDlaFw0yNDExMDEyMDEwNDlaMDMxMTAvBgNV
BAMTKDNFMDQyOEI5MjFCMEJBM0ZGOTgyM0U5NDNCNzdDQ0MxOEVGNjJBMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv2FZ9YEv2RtV+dBvl5cAi9jT2
QMKt8OLhi7y4o8AnSeUd2XNZZe3jro7SYNQVP3uMDSoZl+p+CuIafC4LnWWMU/mW
pWDq+sZ6ChH2Ek9gJP2XmHOIg9KD2fo+yKJBA4CgnfpyYtLa+FIEvkJ3N7CYPqIY
UcoKNdDHBFsjhOqNQy77s+XrjA7IAkaCTpbULXtW/fm39NLaxw3dSi12LBqolJgq
JPMsN3Sukg1UWlND8cStC3/2McxwiAdcI2p/D1sibSYUpY0p/g0ysXVti49+vVDd
YArOQlSh65CXx9MfIWi2ukV2fwiTePGpjfQjyTdUsSxY8GB8C9qYFpU9zuYLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPgQouSGwuj/5gj6UO3fMwY72Ki8wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzNTMwMmUzMjM0
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzkzNjM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCMvMwDQYJKoZIhvcNAQELBQADggEBAEi2ahvzAPMD6oReRk6dpHD81cEwa0gF
CxA+Zee9glmhWkbpm01ehMB9iqFRzDvQB13tysRAlmMXzgYT1q8ASP/V/Jp9Z1wr
rtNI83qce1uGir4mSLl7U/WzLUPPCkLObbu0crm+7HIA9k2lh8x8tIPFOBWdFs6K
WbEvf17wrk77uL8/h3+Ke8KB6fd9zUhFJgktdAoCwjOwNKzYGTQHkG8Q7ZLioykU
OJmYAmLF4f5IozSPiL3VH0OFB89PWMhXjREZrCn0kHAe16GUALqjVJnPfE3ahd7N
UmPWIuvKa4QjHE05rd+/yqCJjoDB4xKwzCTMNfe1NKkFbHMC3lVUF8k=
-----END CERTIFICATE-----
Generated at Sun May 5 22:13:09 2024 by rpki-client on console-fra.rpki-client.org