Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e302e302f32342d3234203d3e20323036323831.roa
File: 3135392e3235332e302e302f32342d3234203d3e20323036323831.roa (raw, json)
Hash identifier: cKnNLC66X19KWTLeS9BLlyG6jkzxqkdJwZjUWCrZPHc=
Subject key identifier: 08:E6:DF:62:81:D9:9F:57:F7:21:60:1F:64:03:B3:29:00:63:E6:39
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 4EEFF0E9EBE10E2D48C63FA9E3E2ACC6A2C6826D
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e302e302f32342d3234203d3e20323036323831.roa
Signing time: Tue 24 Dec 2024 06:53:48 +0000
ROA not before: Tue 24 Dec 2024 06:48:48 +0000
ROA not after: Tue 23 Dec 2025 06:53:48 +0000
asID: 206281
IP address blocks: 159.253.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:ef:f0:e9:eb:e1:0e:2d:48:c6:3f:a9:e3:e2:ac:c6:a2:c6:82:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Dec 24 06:48:48 2024 GMT
Not After : Dec 23 06:53:48 2025 GMT
Subject: CN=08E6DF6281D99F57F721601F6403B3290063E639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b4:ca:e7:24:be:11:ec:e1:cc:be:f8:5c:f8:
18:a8:20:a4:bb:a1:37:9c:6d:68:46:30:45:e4:85:
43:a1:9f:c6:0e:84:3f:13:23:b6:55:e5:70:31:18:
a9:d1:a7:30:d2:cf:08:09:43:9e:33:a6:40:7e:6f:
83:88:03:29:7e:8f:bd:53:ff:de:92:25:2e:70:8c:
74:19:c9:93:e3:90:05:17:cf:b7:c9:5b:f2:42:59:
50:e3:b2:f2:97:43:a1:94:dd:1d:2a:55:30:28:d8:
2f:d2:38:de:2b:ae:c1:e3:71:a7:7c:78:78:b8:d0:
bf:a0:c6:38:03:c1:7d:73:f2:83:98:90:6a:d3:98:
92:4f:72:74:8e:5f:30:4b:e5:44:0f:44:3b:6a:01:
87:ac:d6:5e:f2:fd:83:ce:79:8d:cf:4b:7a:1b:01:
df:45:c8:ea:79:6d:4e:a9:e4:33:55:87:fe:4b:4c:
30:5a:8c:e3:c3:c7:23:32:b2:9e:68:c2:4d:7f:3b:
94:9b:7c:49:b9:37:e4:a1:5d:1e:c4:d5:f5:16:9f:
19:11:e2:d7:6a:a5:57:1c:e8:7e:d4:da:f6:ea:52:
99:5d:0c:8b:c8:a0:8d:cc:b8:89:20:49:08:5c:a3:
e0:d2:23:5d:47:92:e0:2a:6d:ea:15:c0:ba:af:bc:
57:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E6:DF:62:81:D9:9F:57:F7:21:60:1F:64:03:B3:29:00:63:E6:39
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e302e302f32342d3234203d3e20323036323831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.0.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a2:09:8c:02:d4:32:5b:00:e3:f4:5b:d5:c1:8d:b4:7a:29:
96:0b:03:02:12:a8:3f:22:55:3f:5e:f1:b6:10:c0:de:9c:8c:
68:43:e2:71:73:29:82:48:7b:21:bc:ac:fc:62:ef:4f:e3:8d:
6a:6e:14:38:96:9a:de:5e:b6:67:ba:56:57:a4:fb:5c:91:52:
26:7e:14:c3:b3:8c:f7:4d:7d:a5:cf:ab:60:9f:42:7e:49:ce:
ae:e3:b5:23:65:e4:96:98:78:00:1b:55:00:db:43:3e:bc:9c:
dd:ad:d2:f0:e2:7d:ce:26:88:2a:93:bb:0b:98:f8:04:aa:93:
6d:dd:19:3e:1c:5d:3f:4f:76:c8:74:78:df:d5:97:4d:76:0d:
7c:2f:ca:f4:fb:27:bf:69:83:f6:b3:34:33:c8:bb:b0:2e:4b:
cc:c7:19:a4:e5:d7:be:5c:75:e2:dd:ad:48:24:b5:bc:bf:41:
11:75:88:1a:a5:6a:90:65:ea:de:91:f9:26:d2:22:5d:77:74:
45:9f:33:22:69:aa:f0:4c:ae:d2:24:95:da:8a:ff:3a:3f:cd:
d2:ae:6d:c9:1c:bb:01:8d:0b:ef:d6:14:9c:d5:3f:a1:38:db:
17:f6:72:7d:20:99:f4:b4:d8:49:05:6d:cb:7f:c5:37:a2:83:
39:06:40:98
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTu/w6evhDi1Ixj+p4+KsxqLGgm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDEyMjQwNjQ4NDhaFw0yNTEyMjMwNjUzNDhaMDMxMTAvBgNV
BAMTKDA4RTZERjYyODFEOTlGNTdGNzIxNjAxRjY0MDNCMzI5MDA2M0U2MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUtMrnJL4R7OHMvvhc+BioIKS7
oTecbWhGMEXkhUOhn8YOhD8TI7ZV5XAxGKnRpzDSzwgJQ54zpkB+b4OIAyl+j71T
/96SJS5wjHQZyZPjkAUXz7fJW/JCWVDjsvKXQ6GU3R0qVTAo2C/SON4rrsHjcad8
eHi40L+gxjgDwX1z8oOYkGrTmJJPcnSOXzBL5UQPRDtqAYes1l7y/YPOeY3PS3ob
Ad9FyOp5bU6p5DNVh/5LTDBajOPDxyMysp5owk1/O5SbfEm5N+ShXR7E1fUWnxkR
4tdqpVcc6H7U2vbqUpldDIvIoI3MuIkgSQhco+DSI11HkuAqbeoVwLqvvFfpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCObfYoHZn1f3IWAfZAOzKQBj5jkwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzIzODMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
n/0AMA0GCSqGSIb3DQEBCwUAA4IBAQAWogmMAtQyWwDj9FvVwY20eimWCwMCEqg/
IlU/XvG2EMDenIxoQ+JxcymCSHshvKz8Yu9P441qbhQ4lpreXrZnulZXpPtckVIm
fhTDs4z3TX2lz6tgn0J+Sc6u47UjZeSWmHgAG1UA20M+vJzdrdLw4n3OJogqk7sL
mPgEqpNt3Rk+HF0/T3bIdHjf1ZdNdg18L8r0+ye/aYP2szQzyLuwLkvMxxmk5de+
XHXi3a1IJLW8v0ERdYgapWqQZerekfkm0iJdd3RFnzMiaarwTK7SJJXaiv86P83S
rm3JHLsBjQvv1hSc1T+hONsX9nJ9IJn0tNhJBW3Lf8U3ooM5BkCY
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:47:12 2025 by rpki-client