Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3231372e32382e3133382e302f32342d3234203d3e20323039393736.roa
File: 3231372e32382e3133382e302f32342d3234203d3e20323039393736.roa (raw, json)
Hash identifier: oyOFvRhi/TPEOopsZuEaDpEux2304igP8lMcDVdyDmE=
Subject key identifier: A8:19:FF:90:DA:C3:BC:17:5B:08:9E:B6:7A:55:86:11:BA:AE:F6:56
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 264203AB63AD3A818A1E7F6C455DAF8AB62EC8F8
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3231372e32382e3133382e302f32342d3234203d3e20323039393736.roa
Signing time: Tue 24 Dec 2024 06:53:48 +0000
ROA not before: Tue 24 Dec 2024 06:48:48 +0000
ROA not after: Tue 23 Dec 2025 06:53:48 +0000
asID: 209976
IP address blocks: 217.28.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:42:03:ab:63:ad:3a:81:8a:1e:7f:6c:45:5d:af:8a:b6:2e:c8:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Dec 24 06:48:48 2024 GMT
Not After : Dec 23 06:53:48 2025 GMT
Subject: CN=A819FF90DAC3BC175B089EB67A558611BAAEF656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:39:2e:b7:cb:e0:44:f0:9b:1c:8d:14:1e:0d:
94:cf:2b:22:2c:54:9a:c2:2b:65:55:a4:29:3d:60:
a7:81:bc:df:9b:6d:f9:b7:61:92:4e:fa:3a:08:b1:
b3:a2:61:c9:7e:ed:4c:f0:2f:8a:a7:5b:17:9f:22:
6a:76:d0:f0:f9:6e:8c:5d:a3:5e:60:c4:69:de:ba:
99:a5:f7:9a:3c:6e:5b:12:ea:3c:7d:4d:9c:1d:29:
45:53:f9:c7:34:26:08:e0:a6:bb:8a:18:db:64:c8:
2c:21:11:73:39:02:c7:81:0b:73:da:a4:08:5a:04:
8f:d4:02:9b:9d:60:7f:c7:27:e0:f4:61:c4:55:37:
4a:ab:57:2c:31:7f:43:9c:82:ab:55:8b:06:e8:06:
16:35:09:d9:2d:11:73:68:4b:18:45:74:f6:98:bc:
1c:9d:2b:02:27:b2:1c:19:3a:d5:df:32:aa:b7:eb:
41:84:5c:a5:83:5f:d5:0f:c5:be:1a:7f:ff:d1:ac:
1a:f3:8d:64:c8:09:78:fb:ba:4e:03:bc:fb:30:88:
ad:5d:d6:a2:25:76:30:74:50:47:1a:66:89:ff:25:
a3:7a:12:b1:d8:be:d2:cf:70:32:53:75:15:3e:bd:
e4:7e:0e:bb:dd:51:88:6a:5b:d2:8b:63:9a:83:d4:
1a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:19:FF:90:DA:C3:BC:17:5B:08:9E:B6:7A:55:86:11:BA:AE:F6:56
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3231372e32382e3133382e302f32342d3234203d3e20323039393736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.138.0/24
Signature Algorithm: sha256WithRSAEncryption
21:9b:6c:f1:c9:c7:a9:c1:04:d7:01:a5:db:83:8a:d9:ac:7c:
de:ec:4f:d2:17:8b:97:96:dc:5a:e0:f7:02:d3:87:04:b0:43:
41:b6:ab:06:90:68:bc:c7:af:d1:a1:34:de:6e:4b:cb:0b:36:
ad:39:64:ff:58:d5:1b:7a:30:27:0a:9d:21:d9:3e:32:c1:65:
06:a1:a0:f6:d3:1a:64:7b:47:94:e0:96:3b:29:3a:dc:31:24:
9a:0d:d6:8b:af:dd:cf:d9:84:03:08:42:7b:3e:7b:12:b8:dc:
10:09:39:fa:cc:d7:ca:ab:16:23:50:22:3b:73:c8:76:b3:8f:
27:3f:32:29:c2:6c:3b:3a:05:5b:36:80:30:4f:f1:ff:cd:df:
e7:93:36:43:23:79:b8:e2:59:8a:bc:e8:60:49:6d:e7:77:95:
75:fa:b4:e2:da:87:36:18:65:d9:ac:03:7f:8a:ff:01:26:68:
c8:f6:92:59:77:2f:ec:b8:be:1f:30:cd:d0:43:8f:2d:3a:64:
f2:1f:22:91:b9:85:c2:6f:ad:f4:88:e7:c6:09:26:8e:ae:04:
ae:70:f5:09:e6:c2:b3:5b:74:c9:62:10:93:45:49:74:c8:4f:
b3:5d:eb:43:f4:8d:36:e2:fa:39:0b:98:89:47:71:64:f9:b8:
c0:b6:4b:b4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJkIDq2OtOoGKHn9sRV2virYuyPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDEyMjQwNjQ4NDhaFw0yNTEyMjMwNjUzNDhaMDMxMTAvBgNV
BAMTKEE4MTlGRjkwREFDM0JDMTc1QjA4OUVCNjdBNTU4NjExQkFBRUY2NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFOS63y+BE8JscjRQeDZTPKyIs
VJrCK2VVpCk9YKeBvN+bbfm3YZJO+joIsbOiYcl+7UzwL4qnWxefImp20PD5boxd
o15gxGneupml95o8blsS6jx9TZwdKUVT+cc0JgjgpruKGNtkyCwhEXM5AseBC3Pa
pAhaBI/UApudYH/HJ+D0YcRVN0qrVywxf0OcgqtViwboBhY1CdktEXNoSxhFdPaY
vBydKwInshwZOtXfMqq360GEXKWDX9UPxb4af//RrBrzjWTICXj7uk4DvPswiK1d
1qIldjB0UEcaZon/JaN6ErHYvtLPcDJTdRU+veR+DrvdUYhqW9KLY5qD1BpVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqBn/kNrDvBdbCJ62elWGEbqu9lYwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzIzMTM3MmUzMjM4MmUzMTMz
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzOTM3MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZHIowDQYJKoZIhvcNAQELBQADggEBACGbbPHJx6nBBNcBpduDitmsfN7sT9IX
i5eW3Frg9wLThwSwQ0G2qwaQaLzHr9GhNN5uS8sLNq05ZP9Y1Rt6MCcKnSHZPjLB
ZQahoPbTGmR7R5TgljspOtwxJJoN1ouv3c/ZhAMIQns+exK43BAJOfrM18qrFiNQ
IjtzyHazjyc/MinCbDs6BVs2gDBP8f/N3+eTNkMjebjiWYq86GBJbed3lXX6tOLa
hzYYZdmsA3+K/wEmaMj2kll3L+y4vh8wzdBDjy06ZPIfIpG5hcJvrfSI58YJJo6u
BK5w9QnmwrNbdMliEJNFSXTIT7Nd60P0jTbi+jkLmIlHcWT5uMC2S7Q=
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:07:58 2025 by rpki-client