Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3232342e302f32302d3234203d3e20313431393935.roa
File: 34362e3235302e3232342e302f32302d3234203d3e20313431393935.roa (raw, json)
Hash identifier: j/tvDF/xrBJ6Z/GVFcZpOag/ZBQuFXiJ56kFmYlSx34=
Subject key identifier: 1D:60:3E:CA:6F:26:20:B4:ED:CD:8F:32:BE:38:10:01:02:6D:70:27
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 2A6E5FD9B7F36D6C0FC79BE9FB8B1AB7B76C7A53
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3232342e302f32302d3234203d3e20313431393935.roa
Signing time: Fri 13 Sep 2024 10:05:20 +0000
ROA not before: Fri 13 Sep 2024 10:00:20 +0000
ROA not after: Fri 12 Sep 2025 10:05:20 +0000
asID: 141995
IP address blocks: 46.250.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:6e:5f:d9:b7:f3:6d:6c:0f:c7:9b:e9:fb:8b:1a:b7:b7:6c:7a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Sep 13 10:00:20 2024 GMT
Not After : Sep 12 10:05:20 2025 GMT
Subject: CN=1D603ECA6F2620B4EDCD8F32BE381001026D7027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:88:04:7b:82:a0:77:e1:ae:f8:bc:4f:83:41:
64:e4:d8:b2:93:17:d4:32:f7:91:99:0b:06:7a:b5:
f9:57:96:e9:29:67:e4:bf:f6:47:86:1a:d9:91:ea:
be:9f:2f:9d:5d:c4:df:0d:f9:12:71:4e:d6:ae:99:
e0:63:b7:a0:d4:7a:a0:b5:a4:ff:03:b6:c4:0a:cf:
4e:6c:90:a5:7e:20:8d:1d:3f:48:58:c7:ae:ef:1b:
3a:79:c4:7d:48:05:c8:71:ca:2c:14:75:94:02:72:
71:2a:8c:d0:c3:3b:c5:e1:44:67:3f:50:68:39:57:
af:bd:4b:50:d8:35:6e:7e:54:82:29:64:47:b0:4d:
66:d3:fd:fc:e2:02:0c:2e:dc:1c:42:f2:f7:37:70:
fa:86:72:22:c3:55:c2:64:4c:f7:93:7b:02:d8:1e:
da:91:26:c7:cd:ad:b8:bd:df:85:9c:cb:c8:19:72:
6d:c1:d7:79:97:59:b8:26:87:59:25:ca:45:b6:6e:
a9:2c:f9:f6:8c:77:07:a1:54:5a:00:65:5f:bf:65:
53:1d:8a:c5:73:7a:ca:d3:ef:f3:c9:5a:fd:48:e7:
81:e7:44:bc:29:d5:4d:02:31:20:99:e4:36:05:2e:
ab:7b:16:49:e6:a3:3d:18:50:4c:97:aa:d3:d7:6d:
df:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:60:3E:CA:6F:26:20:B4:ED:CD:8F:32:BE:38:10:01:02:6D:70:27
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3232342e302f32302d3234203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.250.224.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:39:9d:f2:8c:e6:32:3d:62:76:2f:ae:38:21:c5:b6:36:b7:
53:5c:d3:e7:d6:1b:eb:9c:68:89:f7:f8:da:6e:ae:cf:69:c5:
4e:4b:d0:7c:71:a4:45:44:09:f4:94:d5:8e:fb:e1:c9:2b:f6:
49:e7:f1:0c:8e:f8:0a:67:07:05:0e:4b:5c:87:4c:68:48:f7:
91:7b:02:b9:06:e2:2c:78:1b:e0:6f:3c:60:c6:3c:e9:f6:73:
2a:bc:d1:bb:d7:c7:f6:5e:d5:a2:7d:c2:a1:9c:da:bc:a3:b7:
63:e3:5c:7b:36:1a:f6:b3:64:36:47:f7:2c:c8:1a:7e:ae:b8:
7f:bd:b8:62:6b:8b:19:b7:ab:d6:74:29:9a:84:1f:9f:3d:42:
a2:fa:7e:84:80:ed:08:ae:dc:1b:f2:a8:db:c3:6f:44:d6:c3:
e7:a1:dd:91:66:6a:f5:c8:57:a1:e5:a9:30:97:77:98:fc:6d:
3c:20:8e:71:8c:bc:e7:60:30:d8:bd:45:2a:ad:6b:62:53:98:
fc:95:0a:bd:f7:17:a5:04:63:f1:c0:ad:2c:50:83:b0:cb:c9:
57:8c:a8:87:87:3b:33:fe:fb:00:4c:f1:b9:05:25:f3:ff:08:
db:49:64:8f:5b:cb:a5:60:9f:5d:b6:10:af:c9:d3:e3:37:b9:
d0:aa:d8:47
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKm5f2bfzbWwPx5vp+4sat7dselMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yNDA5MTMxMDAwMjBaFw0yNTA5MTIxMDA1MjBaMDMxMTAvBgNV
BAMTKDFENjAzRUNBNkYyNjIwQjRFRENEOEYzMkJFMzgxMDAxMDI2RDcwMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4iAR7gqB34a74vE+DQWTk2LKT
F9Qy95GZCwZ6tflXlukpZ+S/9keGGtmR6r6fL51dxN8N+RJxTtaumeBjt6DUeqC1
pP8DtsQKz05skKV+II0dP0hYx67vGzp5xH1IBchxyiwUdZQCcnEqjNDDO8XhRGc/
UGg5V6+9S1DYNW5+VIIpZEewTWbT/fziAgwu3BxC8vc3cPqGciLDVcJkTPeTewLY
HtqRJsfNrbi934Wcy8gZcm3B13mXWbgmh1klykW2bqks+faMdwehVFoAZV+/ZVMd
isVzesrT7/PJWv1I54HnRLwp1U0CMSCZ5DYFLqt7Fknmoz0YUEyXqtPXbd/DAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHWA+ym8mILTtzY8yvjgQAQJtcCcwHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzQzNjJlMzIzNTMwMmUzMjMy
MzQyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQu+uAwDQYJKoZIhvcNAQELBQADggEBABo5nfKM5jI9YnYvrjghxbY2t1Nc0+fW
G+ucaIn3+Npurs9pxU5L0HxxpEVECfSU1Y774ckr9knn8QyO+ApnBwUOS1yHTGhI
95F7ArkG4ix4G+BvPGDGPOn2cyq80bvXx/Ze1aJ9wqGc2ryjt2PjXHs2GvazZDZH
9yzIGn6uuH+9uGJrixm3q9Z0KZqEH589QqL6foSA7Qiu3BvyqNvDb0TWw+eh3ZFm
avXIV6HlqTCXd5j8bTwgjnGMvOdgMNi9RSqta2JTmPyVCr33F6UEY/HArSxQg7DL
yVeMqIeHOzP++wBM8bkFJfP/CNtJZI9by6Vgn122EK/J0+M3udCq2Ec=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:41:51 2024 by rpki-client on console-ams.rpki-client.org