Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3133302e3139332e37352e302f32342d3234203d3e20323135373237.roa
File: 3133302e3139332e37352e302f32342d3234203d3e20323135373237.roa (raw, json)
Hash identifier: W5MRmunbrs++er88mEkMO3+677aeo0GoQkjPxCh/4O8=
Subject key identifier: B4:3D:3B:D4:13:11:2D:44:70:9D:BA:F6:72:E2:E3:17:89:C5:6D:23
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 2C25DEEB0D5C61F32668BB24EBFD68ECE93D57C6
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3133302e3139332e37352e302f32342d3234203d3e20323135373237.roa
Signing time: Sun 14 Jan 2024 16:44:50 +0000
ROA not before: Sun 14 Jan 2024 16:39:50 +0000
ROA not after: Sun 12 Jan 2025 16:44:50 +0000
asID: 215727
IP address blocks: 130.193.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:25:de:eb:0d:5c:61:f3:26:68:bb:24:eb:fd:68:ec:e9:3d:57:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jan 14 16:39:50 2024 GMT
Not After : Jan 12 16:44:50 2025 GMT
Subject: CN=B43D3BD413112D44709DBAF672E2E31789C56D23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6a:ca:73:b6:60:76:a6:70:8a:01:b4:34:55:
9f:ff:6d:48:21:bb:89:01:3d:1a:0d:e4:ec:4a:7c:
93:b8:1b:f8:f1:f3:b4:50:92:9d:87:84:a4:75:5b:
0a:75:e2:10:b1:c2:00:65:fd:64:f9:b5:30:96:82:
6c:c3:c7:29:26:7e:74:95:a1:d9:5d:56:5a:f7:7f:
54:3d:66:a0:a1:6a:e2:6e:41:11:1d:c1:f0:32:53:
49:a2:60:11:6d:05:2d:c8:17:bc:08:f4:0e:70:84:
bd:1f:61:2f:42:ed:55:b4:ee:37:1c:df:7b:8f:e9:
3e:20:3f:cb:86:79:5e:06:01:02:19:9e:95:bf:62:
79:eb:5a:57:54:bf:3e:4e:ca:47:a7:fe:6f:df:0d:
28:eb:46:db:76:67:a7:23:70:74:b6:56:53:a9:4d:
22:9e:3c:d5:ec:9d:b0:fb:57:04:89:9e:1c:f8:13:
5f:97:5b:4c:4f:99:24:dc:12:f1:dd:d8:b5:33:dd:
39:a2:ce:c7:3d:79:73:84:d9:a5:75:d3:bf:46:71:
1f:72:7b:c1:0d:18:13:55:9a:2e:c9:fc:a4:13:9f:
1b:c6:bb:bc:fb:10:30:b3:31:61:25:d3:24:60:e8:
1e:ed:14:ab:16:d3:f3:32:f6:c9:83:c8:36:31:0a:
4d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3D:3B:D4:13:11:2D:44:70:9D:BA:F6:72:E2:E3:17:89:C5:6D:23
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3133302e3139332e37352e302f32342d3234203d3e20323135373237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.75.0/24
Signature Algorithm: sha256WithRSAEncryption
25:cb:a3:67:cc:4e:55:59:09:4d:ec:2f:8d:90:d5:57:9b:75:
d7:e9:4b:da:35:19:64:91:46:dc:71:26:d2:e6:a0:6c:5b:b0:
03:26:1d:d8:8c:31:5e:a7:37:cf:06:56:85:e7:aa:01:5c:8c:
f6:19:41:bf:34:c8:04:a3:97:75:2d:38:de:cd:4b:ec:0c:67:
e4:c9:49:8d:6a:e5:c0:79:95:38:4e:04:8e:92:5c:e6:88:86:
06:e8:b7:dc:b4:a7:db:90:0f:fb:6e:17:23:4a:cb:a4:55:02:
8e:85:be:24:c9:8e:2e:31:16:9f:82:af:9f:5c:41:81:ea:88:
4f:2e:84:42:13:22:ad:22:9d:fa:df:b3:98:93:11:c6:ff:b3:
b0:e8:f0:cf:9f:e1:7e:8f:9f:b1:b9:8b:b9:47:54:58:a0:6a:
52:90:6d:00:8c:09:78:ea:6b:e6:57:25:38:e3:4b:5b:04:b0:
31:81:01:47:9d:25:bb:f4:98:59:e3:b5:90:cb:b2:6b:e3:7b:
bc:79:ac:6d:f5:72:80:80:6f:59:86:73:2e:ee:67:37:0e:16:
7b:67:15:95:2d:ec:f9:4f:4a:f0:d7:31:e6:85:30:a3:ed:a6:
d1:49:8c:23:b0:5f:85:21:16:d0:c4:98:d2:d9:00:14:1e:7b:
49:fb:14:15
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULCXe6w1cYfMmaLsk6/1o7Ok9V8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDAxMTQxNjM5NTBaFw0yNTAxMTIxNjQ0NTBaMDMxMTAvBgNV
BAMTKEI0M0QzQkQ0MTMxMTJENDQ3MDlEQkFGNjcyRTJFMzE3ODlDNTZEMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0aspztmB2pnCKAbQ0VZ//bUgh
u4kBPRoN5OxKfJO4G/jx87RQkp2HhKR1Wwp14hCxwgBl/WT5tTCWgmzDxykmfnSV
odldVlr3f1Q9ZqChauJuQREdwfAyU0miYBFtBS3IF7wI9A5whL0fYS9C7VW07jcc
33uP6T4gP8uGeV4GAQIZnpW/YnnrWldUvz5Oyken/m/fDSjrRtt2Z6cjcHS2VlOp
TSKePNXsnbD7VwSJnhz4E1+XW0xPmSTcEvHd2LUz3Tmizsc9eXOE2aV1079GcR9y
e8ENGBNVmi7J/KQTnxvGu7z7EDCzMWEl0yRg6B7tFKsW0/My9smDyDYxCk3zAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtD071BMRLURwnbr2cuLjF4nFbSMwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzMzMwMmUzMTM5MzMyZTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzNzMyMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACCwUswDQYJKoZIhvcNAQELBQADggEBACXLo2fMTlVZCU3sL42Q1VebddfpS9o1
GWSRRtxxJtLmoGxbsAMmHdiMMV6nN88GVoXnqgFcjPYZQb80yASjl3UtON7NS+wM
Z+TJSY1q5cB5lThOBI6SXOaIhgbot9y0p9uQD/tuFyNKy6RVAo6FviTJji4xFp+C
r59cQYHqiE8uhEITIq0infrfs5iTEcb/s7Do8M+f4X6Pn7G5i7lHVFigalKQbQCM
CXjqa+ZXJTjjS1sEsDGBAUedJbv0mFnjtZDLsmvje7x5rG31coCAb1mGcy7uZzcO
FntnFZUt7PlPSvDXMeaFMKPtptFJjCOwX4UhFtDEmNLZABQee0n7FBU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:02 2024 by rpki-client on console-ams.rpki-client.org