Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3234302e302f32302d3234203d3e20313431393935.roa
File: 34362e3235302e3234302e302f32302d3234203d3e20313431393935.roa (raw, json)
Hash identifier: NLU++5xZjzD437PtmNgvfxHCqYMIFnb00RqdIBmj2Iw=
Subject key identifier: EB:B2:8F:F1:8E:F5:EC:77:C4:E1:CE:9D:A6:C4:3A:A7:1D:E0:36:74
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 045156F3B81FA354E5CC8E73AF6E3FCC8BDF6BD1
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3234302e302f32302d3234203d3e20313431393935.roa
Signing time: Fri 13 Sep 2024 10:05:20 +0000
ROA not before: Fri 13 Sep 2024 10:00:20 +0000
ROA not after: Fri 12 Sep 2025 10:05:20 +0000
asID: 141995
IP address blocks: 46.250.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:51:56:f3:b8:1f:a3:54:e5:cc:8e:73:af:6e:3f:cc:8b:df:6b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Sep 13 10:00:20 2024 GMT
Not After : Sep 12 10:05:20 2025 GMT
Subject: CN=EBB28FF18EF5EC77C4E1CE9DA6C43AA71DE03674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:66:9b:92:ec:cf:13:e4:8b:f9:cd:78:cf:46:
ba:b0:93:a6:ad:9a:1f:f0:5a:3d:26:c5:14:b2:cd:
fa:c0:36:c9:66:3c:41:72:de:b0:9c:de:cd:db:5f:
2a:fa:5b:0d:6d:9e:4c:12:11:0c:fa:c9:72:2c:75:
c6:f9:b5:76:04:a3:e7:b8:9f:e0:a4:11:11:0e:fb:
46:15:04:73:ec:a5:7c:73:7e:f0:bc:f1:db:c0:94:
00:3e:b6:d9:80:25:56:36:b0:1b:aa:18:48:74:6c:
eb:ce:7b:3f:ed:a2:ff:86:9a:63:48:ce:30:90:5e:
f6:14:67:02:3b:9a:28:80:49:ef:60:1f:bf:ed:df:
43:c7:49:a4:a4:96:70:86:17:50:e2:2b:c7:61:b6:
49:21:84:65:15:fc:38:5b:37:44:a5:4c:7b:74:d1:
9d:08:4d:a0:c4:5c:22:5a:d9:80:7f:83:93:a9:b9:
5b:a0:35:54:fd:8d:2c:0d:54:44:4a:9a:00:bd:cb:
9f:79:7c:db:49:45:87:ed:f4:85:f0:02:54:c0:34:
2a:b0:e4:e9:12:0a:59:5c:93:4f:a2:ff:30:fc:e9:
73:3e:bb:e2:76:cf:a9:b6:c0:57:61:56:cf:06:67:
8f:18:28:25:ec:55:ba:29:0d:08:68:d2:95:c6:ed:
d3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B2:8F:F1:8E:F5:EC:77:C4:E1:CE:9D:A6:C4:3A:A7:1D:E0:36:74
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3234302e302f32302d3234203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.250.240.0/20
Signature Algorithm: sha256WithRSAEncryption
7a:2b:d9:83:62:8f:af:c8:f4:87:ae:2d:59:c3:e1:75:22:11:
ec:91:13:5d:06:d2:da:5b:85:73:1a:5e:a8:09:b4:c6:59:20:
c7:0c:ac:bf:70:86:c7:57:16:7f:da:95:38:92:94:5f:e1:75:
ac:10:77:12:05:2b:71:a1:32:5a:e4:8d:1f:3e:6b:a1:02:50:
4e:33:be:d8:8a:be:c6:db:dd:1f:9e:58:5c:86:f3:81:0d:07:
58:c3:fe:1b:7a:67:ee:2f:f3:6a:c9:17:93:82:fe:d9:54:e7:
15:6e:45:5f:44:72:a9:9c:58:81:7f:4b:b0:fc:54:f4:57:89:
60:60:49:81:35:56:ff:75:04:1a:cb:69:79:ac:a4:ba:e9:6d:
cd:f7:5a:db:e3:e6:fd:04:dc:a1:0d:26:57:e7:de:82:95:3c:
1d:62:47:52:87:6a:db:99:67:ca:c9:9b:2a:e2:a2:8b:de:f7:
a3:c1:85:76:2d:7c:1f:dc:36:b1:48:10:ed:b4:ff:a1:7e:cd:
df:7c:fb:b8:cc:c0:29:31:da:61:2e:8b:2f:b4:86:f3:34:12:
82:84:7f:48:9a:7e:bc:1c:b6:50:9b:38:78:19:b7:4f:25:94:
e6:ee:31:f0:8d:0b:0e:03:bd:b3:16:1c:18:c7:f9:bc:25:04:
56:2e:d2:17
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBFFW87gfo1TlzI5zr24/zIvfa9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yNDA5MTMxMDAwMjBaFw0yNTA5MTIxMDA1MjBaMDMxMTAvBgNV
BAMTKEVCQjI4RkYxOEVGNUVDNzdDNEUxQ0U5REE2QzQzQUE3MURFMDM2NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpZpuS7M8T5Iv5zXjPRrqwk6at
mh/wWj0mxRSyzfrANslmPEFy3rCc3s3bXyr6Ww1tnkwSEQz6yXIsdcb5tXYEo+e4
n+CkEREO+0YVBHPspXxzfvC88dvAlAA+ttmAJVY2sBuqGEh0bOvOez/tov+GmmNI
zjCQXvYUZwI7miiASe9gH7/t30PHSaSklnCGF1DiK8dhtkkhhGUV/DhbN0SlTHt0
0Z0ITaDEXCJa2YB/g5OpuVugNVT9jSwNVERKmgC9y595fNtJRYft9IXwAlTANCqw
5OkSCllck0+i/zD86XM+u+J2z6m2wFdhVs8GZ48YKCXsVbopDQho0pXG7dPDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU67KP8Y717HfE4c6dpsQ6px3gNnQwHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzQzNjJlMzIzNTMwMmUzMjM0
MzAyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQu+vAwDQYJKoZIhvcNAQELBQADggEBAHor2YNij6/I9IeuLVnD4XUiEeyRE10G
0tpbhXMaXqgJtMZZIMcMrL9whsdXFn/alTiSlF/hdawQdxIFK3GhMlrkjR8+a6EC
UE4zvtiKvsbb3R+eWFyG84ENB1jD/ht6Z+4v82rJF5OC/tlU5xVuRV9EcqmcWIF/
S7D8VPRXiWBgSYE1Vv91BBrLaXmspLrpbc33Wtvj5v0E3KENJlfn3oKVPB1iR1KH
atuZZ8rJmyrioove96PBhXYtfB/cNrFIEO20/6F+zd98+7jMwCkx2mEuiy+0hvM0
EoKEf0iafrwctlCbOHgZt08llObuMfCNCw4DvbMWHBjH+bwlBFYu0hc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:53:32 2024 by rpki-client on console-fra.rpki-client.org