Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e362e302f32342d3234203d3e20383334.roa
File: 3135392e3235332e362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 5NdQ//spLweNzxs8zHAGi1gJMib8lPFrPng4LsW41ME=
Subject key identifier: C8:B4:6A:9C:3A:45:EF:BF:A5:DC:0D:EC:EE:3F:A0:20:FC:AF:28:9A
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 17CBE45195B9CCDF2D76FAD8FE935E79DF37C4F9
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e362e302f32342d3234203d3e20383334.roa
Signing time: Mon 02 Dec 2024 00:01:33 +0000
ROA not before: Sun 01 Dec 2024 23:56:33 +0000
ROA not after: Mon 01 Dec 2025 00:01:33 +0000
asID: 834
IP address blocks: 159.253.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:04:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:cb:e4:51:95:b9:cc:df:2d:76:fa:d8:fe:93:5e:79:df:37:c4:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Dec 1 23:56:33 2024 GMT
Not After : Dec 1 00:01:33 2025 GMT
Subject: CN=C8B46A9C3A45EFBFA5DC0DECEE3FA020FCAF289A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:e2:03:15:d2:70:1a:ac:9d:ac:1e:c9:3c:
44:65:b1:bc:71:e6:6f:25:73:0c:a4:a0:c1:5e:59:
b2:27:ad:f3:76:f8:90:7a:52:9a:f4:34:d8:02:c3:
be:71:6b:b5:27:e5:0e:9a:07:ca:ca:c5:96:33:b0:
b0:d1:b5:a9:4b:ee:0e:fc:18:72:41:84:a5:90:e7:
58:b9:b9:f3:79:a4:80:08:d3:e9:af:57:35:52:89:
81:9e:c5:02:69:7a:38:7e:a9:cc:0d:54:a8:f8:9a:
36:c6:db:23:1a:fb:21:42:fb:e1:75:64:c7:e3:54:
90:23:c4:2d:76:d8:ff:f1:33:22:b0:60:0f:2f:f6:
d1:5d:0e:3f:2a:66:b4:34:ab:99:c8:22:d0:a1:3b:
33:8f:ec:e6:7b:3a:6f:65:01:08:a6:7d:74:65:04:
bf:91:89:1e:cd:36:68:fa:11:c9:9d:c8:4e:64:de:
a6:90:43:2b:e4:fc:70:60:90:7e:ce:bd:d9:86:82:
1a:5c:ce:1f:5b:b7:43:e8:62:bf:8f:f7:52:a0:07:
56:27:8f:d9:d8:dc:38:24:f1:05:49:42:74:98:25:
4f:9c:6f:01:2a:ab:78:c2:6b:9a:6b:43:b7:7c:d9:
a6:36:94:c5:2d:a7:25:46:0c:be:a3:c7:33:3f:2c:
46:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B4:6A:9C:3A:45:EF:BF:A5:DC:0D:EC:EE:3F:A0:20:FC:AF:28:9A
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.6.0/24
Signature Algorithm: sha256WithRSAEncryption
17:f6:a8:c3:b8:82:09:15:a8:df:c6:ea:e9:64:50:73:33:32:
ed:3c:76:ec:7a:fd:12:40:d7:38:5a:5b:a0:82:37:cc:dd:fd:
c1:83:19:f4:f1:2a:6f:e2:79:47:a7:4c:ee:a3:04:8c:9f:a4:
41:ff:bb:0b:6b:3e:13:3b:9c:05:b9:c0:0c:07:4c:b8:58:83:
7a:43:9f:5d:ad:6b:39:4c:2d:9b:76:ef:9e:24:0e:da:36:fb:
49:32:e1:d5:ea:9f:6a:47:ec:3f:66:99:32:61:01:50:2e:c8:
cc:b6:ec:e4:8e:da:b3:13:9d:e7:ff:41:5f:e7:3e:a0:b9:ee:
8f:5a:fc:c6:ea:00:02:df:ad:ab:cb:a2:69:a9:85:ef:0f:ff:
04:72:29:6b:39:d5:b1:79:fb:4e:fb:b9:0d:3c:e8:85:eb:98:
00:df:4a:82:b5:b1:ab:7c:1f:e7:53:46:a6:e5:29:a0:8e:18:
25:84:50:29:e1:38:7c:8b:a4:b2:a0:e4:56:18:07:d0:95:05:
02:53:cd:a2:63:cd:b4:07:12:0f:52:e5:45:e7:f0:a5:f1:0e:
f0:94:b7:1d:7d:12:be:7c:c8:03:a5:74:27:fd:8b:ce:85:08:
de:5e:5a:31:a4:1b:31:49:9f:e8:cb:63:56:7f:f0:82:4c:95:
b0:c1:df:ae
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUF8vkUZW5zN8tdvrY/pNeed83xPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDEyMDEyMzU2MzNaFw0yNTEyMDEwMDAxMzNaMDMxMTAvBgNV
BAMTKEM4QjQ2QTlDM0E0NUVGQkZBNURDMERFQ0VFM0ZBMDIwRkNBRjI4OUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0NOIDFdJwGqydrB7JPERlsbxx
5m8lcwykoMFeWbInrfN2+JB6Upr0NNgCw75xa7Un5Q6aB8rKxZYzsLDRtalL7g78
GHJBhKWQ51i5ufN5pIAI0+mvVzVSiYGexQJpejh+qcwNVKj4mjbG2yMa+yFC++F1
ZMfjVJAjxC122P/xMyKwYA8v9tFdDj8qZrQ0q5nIItChOzOP7OZ7Om9lAQimfXRl
BL+RiR7NNmj6EcmdyE5k3qaQQyvk/HBgkH7OvdmGghpczh9bt0PoYr+P91KgB1Yn
j9nY3Dgk8QVJQnSYJU+cbwEqq3jCa5prQ7d82aY2lMUtpyVGDL6jxzM/LEbhAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUyLRqnDpF77+l3A3s7j+gIPyvKJowHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn/0GMA0G
CSqGSIb3DQEBCwUAA4IBAQAX9qjDuIIJFajfxurpZFBzMzLtPHbsev0SQNc4Wlug
gjfM3f3Bgxn08Spv4nlHp0zuowSMn6RB/7sLaz4TO5wFucAMB0y4WIN6Q59drWs5
TC2bdu+eJA7aNvtJMuHV6p9qR+w/ZpkyYQFQLsjMtuzkjtqzE53n/0Ff5z6gue6P
WvzG6gAC362ry6JpqYXvD/8EcilrOdWxeftO+7kNPOiF65gA30qCtbGrfB/nU0am
5SmgjhglhFAp4Th8i6SyoORWGAfQlQUCU82iY820BxIPUuVF5/Cl8Q7wlLcdfRK+
fMgDpXQn/YvOhQjeXloxpBsxSZ/oy2NWf/CCTJWwwd+u
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:40:11 2025 by rpki-client