Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230362e302f32342d3234203d3e203531303539.roa
File: 3138352e322e3230362e302f32342d3234203d3e203531303539.roa (raw, json)
Hash identifier: xrYxMPWlm0NFN/UuQmB97S5T+AeBbukKizXkLUfGrf8=
Subject key identifier: 93:58:22:65:17:04:71:99:15:A4:87:52:E0:BA:83:8F:79:32:C4:57
Certificate issuer: /CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Certificate serial: 4C824CA01443EE19480F7201A9C0EB29B5266C48
Authority key identifier: 45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230362e302f32342d3234203d3e203531303539.roa
Signing time: Tue 08 Oct 2024 10:36:40 +0000
ROA not before: Tue 08 Oct 2024 10:31:40 +0000
ROA not after: Tue 07 Oct 2025 10:36:40 +0000
asID: 51059
IP address blocks: 185.2.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:82:4c:a0:14:43:ee:19:48:0f:72:01:a9:c0:eb:29:b5:26:6c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Validity
Not Before: Oct 8 10:31:40 2024 GMT
Not After : Oct 7 10:36:40 2025 GMT
Subject: CN=935822651704719915A48752E0BA838F7932C457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a1:0d:2d:0a:3e:7f:22:99:83:49:a1:1e:64:
2c:26:6b:4f:40:ab:5e:00:d9:b8:1c:56:4e:90:bd:
bf:dc:0e:1a:26:3d:df:31:88:28:10:31:5d:07:25:
e1:81:b6:bd:3b:a5:56:db:fa:81:3b:4d:a0:8a:0d:
94:0e:12:2c:a1:84:ee:b9:64:35:8a:b6:4a:4f:6c:
7d:ba:62:7d:5f:29:91:25:d1:3c:2a:8a:17:d8:f7:
f6:99:65:88:d6:b5:72:cd:96:48:7e:5b:a4:3f:df:
b0:76:54:44:99:ec:b1:53:e9:76:61:52:09:2d:e9:
68:a2:f9:b2:43:7f:74:a8:ee:a9:6c:9c:36:ec:6d:
5a:fb:89:50:ea:e4:e3:32:7d:52:1a:23:dc:82:2f:
07:40:6b:d3:98:7d:0f:d0:44:89:72:90:f2:83:3c:
c5:95:3d:39:5d:b3:2a:c7:b5:c4:8b:7b:91:a3:1d:
90:3a:4d:37:0a:07:79:77:6d:92:42:19:e3:b0:af:
60:4b:68:15:8e:64:b7:42:b9:0d:4d:e6:bb:e8:d0:
a1:dd:a1:c2:90:f3:31:9e:4d:5a:00:a1:87:d6:13:
0b:ae:5b:c7:92:bd:38:bf:14:96:a4:c7:0d:5a:9b:
35:cb:71:67:2b:8a:d2:61:81:39:89:a6:39:e3:c3:
d4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:58:22:65:17:04:71:99:15:A4:87:52:E0:BA:83:8F:79:32:C4:57
X509v3 Authority Key Identifier:
keyid:45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230362e302f32342d3234203d3e203531303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.206.0/24
Signature Algorithm: sha256WithRSAEncryption
21:e9:bc:8f:07:38:7f:55:7a:32:e5:36:ed:ea:69:9c:fd:11:
80:e4:8f:56:06:f7:7c:58:5b:61:bb:eb:4e:3f:e2:bb:72:93:
04:74:af:3e:ef:29:a6:bb:12:2d:9d:0c:3e:77:7b:de:7b:42:
dd:11:a9:d0:63:fa:8f:cf:a9:cd:47:8f:8a:b7:de:50:00:dd:
46:6a:e9:ce:e0:8a:69:bd:b4:f5:ba:39:15:c4:d1:5f:e8:5f:
64:5d:bb:9c:9e:4e:e3:4a:5c:f1:4f:a8:77:0e:ef:55:ad:98:
ad:3d:28:b8:50:e5:0e:37:b7:db:ed:e2:bc:49:14:50:73:43:
ee:ce:06:44:f1:43:de:da:bc:84:75:b8:f1:af:40:f8:5c:ce:
98:d6:31:fc:25:90:cd:22:30:72:da:0c:78:44:56:b1:7a:cb:
8b:7c:bc:cb:35:8a:b6:9c:75:62:43:bd:c6:9c:3c:09:c2:82:
c6:f0:16:74:86:8c:6d:3c:e8:8d:5d:97:5b:9e:ce:6b:52:e4:
4c:4a:21:8d:ee:32:11:94:61:82:e8:fc:56:8c:dc:2b:1e:41:
d3:ee:a0:74:d6:42:37:71:14:c4:f7:36:5d:bf:a6:9c:03:9a:
10:05:e8:93:da:5b:cd:be:97:b6:f8:45:cf:d3:5a:48:53:50:
67:a6:4a:36
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTIJMoBRD7hlID3IBqcDrKbUmbEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUwMmU2M2NlMDFjYWQyMzlhYzM5N2JjMmJiNWU2YzM0
N2RjZWVlYTAeFw0yNDEwMDgxMDMxNDBaFw0yNTEwMDcxMDM2NDBaMDMxMTAvBgNV
BAMTKDkzNTgyMjY1MTcwNDcxOTkxNUE0ODc1MkUwQkE4MzhGNzkzMkM0NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUoQ0tCj5/IpmDSaEeZCwma09A
q14A2bgcVk6Qvb/cDhomPd8xiCgQMV0HJeGBtr07pVbb+oE7TaCKDZQOEiyhhO65
ZDWKtkpPbH26Yn1fKZEl0TwqihfY9/aZZYjWtXLNlkh+W6Q/37B2VESZ7LFT6XZh
Ugkt6Wii+bJDf3So7qlsnDbsbVr7iVDq5OMyfVIaI9yCLwdAa9OYfQ/QRIlykPKD
PMWVPTldsyrHtcSLe5GjHZA6TTcKB3l3bZJCGeOwr2BLaBWOZLdCuQ1N5rvo0KHd
ocKQ8zGeTVoAoYfWEwuuW8eSvTi/FJakxw1amzXLcWcritJhgTmJpjnjw9TNAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUk1giZRcEcZkVpIdS4LqDj3kyxFcwHwYDVR0j
BBgwFoAURQLmPOAcrSOaw5e8K7Xmw0fc7uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRmMzNhNTctN2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUx
MWI0LzAvNDUwMkU2M0NFMDFDQUQyMzlBQzM5N0JDMkJCNUU2QzM0N0RDRUVFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JRTG1QT0FjclNPYXc1ZThLN1htdzBm
Yzd1by5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWRmMzNhNTct
N2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUxMWI0LzAvMzEzODM1MmUzMjJlMzIzMDM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMTMwMzUzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkC
zjANBgkqhkiG9w0BAQsFAAOCAQEAIem8jwc4f1V6MuU27eppnP0RgOSPVgb3fFhb
YbvrTj/iu3KTBHSvPu8pprsSLZ0MPnd73ntC3RGp0GP6j8+pzUePirfeUADdRmrp
zuCKab209bo5FcTRX+hfZF27nJ5O40pc8U+odw7vVa2YrT0ouFDlDje32+3ivEkU
UHND7s4GRPFD3tq8hHW48a9A+FzOmNYx/CWQzSIwctoMeERWsXrLi3y8yzWKtpx1
YkO9xpw8CcKCxvAWdIaMbTzojV2XW57Oa1LkTEohje4yEZRhguj8VozcKx5B0+6g
dNZCN3EUxPc2Xb+mnAOaEAXok9pbzb6XtvhFz9NaSFNQZ6ZKNg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org