Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3133302e3139332e37352e302f32342d3234203d3e20323136313539.roa
File: 3133302e3139332e37352e302f32342d3234203d3e20323136313539.roa (raw, json)
Hash identifier: gXjyGjokR9/5Y0gpVJm8KauiuSUQ/ZzKTh6iqaAn5cA=
Subject key identifier: 7A:A2:D6:BC:B4:43:CD:77:3F:1E:0D:AA:46:E9:38:03:1D:4A:9C:E4
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 350E5AA511EFFF18FF96B7EEA7C3F4492894247C
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3133302e3139332e37352e302f32342d3234203d3e20323136313539.roa
Signing time: Mon 16 Sep 2024 11:05:20 +0000
ROA not before: Mon 16 Sep 2024 11:00:20 +0000
ROA not after: Mon 15 Sep 2025 11:05:20 +0000
asID: 216159
IP address blocks: 130.193.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:0e:5a:a5:11:ef:ff:18:ff:96:b7:ee:a7:c3:f4:49:28:94:24:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Sep 16 11:00:20 2024 GMT
Not After : Sep 15 11:05:20 2025 GMT
Subject: CN=7AA2D6BCB443CD773F1E0DAA46E938031D4A9CE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3e:c1:9d:b4:22:00:03:81:c0:88:44:6f:a4:
d8:b5:92:d8:95:42:bc:4a:14:22:bc:e7:6b:da:8e:
0e:41:49:12:8b:2a:08:c5:d9:2f:cd:16:7a:c8:3f:
92:16:08:12:08:8f:cc:8f:33:df:b7:e6:19:b0:f6:
06:7b:25:57:b5:73:ef:17:04:de:e6:23:d2:a0:dd:
48:e7:ee:88:69:c6:64:a8:0b:42:8b:6e:26:0c:9c:
40:5d:c5:9e:7c:98:8b:9f:54:eb:fd:c1:cc:f5:60:
19:00:95:3d:64:ee:aa:f2:c4:e3:30:f3:fb:9a:f4:
02:73:55:c8:d2:de:aa:4e:c4:f9:7e:48:2d:a3:d1:
06:05:5a:24:2c:69:3d:63:ba:b6:bc:48:0a:93:c6:
13:be:79:45:eb:78:cc:29:cf:d8:29:60:c0:c7:c1:
0e:f4:b6:fe:5e:ea:c3:3b:ea:c3:b8:7a:18:dc:3e:
0d:4d:cc:7c:e0:5b:b4:61:a9:16:3b:83:86:06:47:
47:2e:08:84:8e:52:f4:f5:ab:61:2a:cc:49:d6:c6:
92:98:0c:34:55:c0:c2:a0:68:df:9b:db:e9:4e:cc:
b2:1d:db:5d:4f:38:8b:3e:a0:fd:5f:49:b5:9c:3e:
93:25:10:7f:8d:0d:59:b9:0d:d6:77:dc:5f:28:49:
d6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A2:D6:BC:B4:43:CD:77:3F:1E:0D:AA:46:E9:38:03:1D:4A:9C:E4
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3133302e3139332e37352e302f32342d3234203d3e20323136313539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.75.0/24
Signature Algorithm: sha256WithRSAEncryption
50:23:e4:75:e1:75:20:61:bc:c8:c5:47:ab:dc:20:e6:44:9b:
5c:40:bb:f6:52:01:c7:82:e8:ba:81:86:7c:53:8c:b2:ae:d4:
2b:5e:b9:d9:65:de:f2:4a:5a:33:48:68:df:0a:20:86:41:81:
23:8f:56:18:4e:0a:7d:51:90:51:41:e5:fe:9b:dd:76:63:b5:
9a:fc:b2:41:3e:64:cb:da:16:95:39:0d:a3:78:73:30:3c:43:
5d:5d:cf:ac:d7:13:59:18:57:f9:9a:93:db:64:13:9e:2b:a9:
39:09:6e:e8:9a:b9:f8:be:b6:eb:aa:67:39:78:a5:07:32:83:
fa:32:96:06:4b:df:5a:91:49:59:57:52:28:2a:75:17:60:2c:
82:57:38:fc:ef:d9:6b:ec:81:51:fb:6a:53:02:e5:39:e8:00:
2b:29:01:fb:f3:c2:f7:07:8e:f0:8d:1e:cb:0c:0c:07:79:fe:
08:86:45:0d:71:70:20:69:af:ce:c8:27:36:65:e2:e3:be:b1:
1b:12:d7:bf:29:fe:66:59:9c:b9:59:6f:83:92:fc:38:92:c8:
64:4e:bc:8d:d4:ad:2d:de:62:bc:d1:78:38:3d:33:4a:02:a6:
03:e3:fd:42:ec:41:f9:59:0c:00:fb:57:0d:32:6b:d6:e8:46:
a3:9b:9a:e6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNQ5apRHv/xj/lrfup8P0SSiUJHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA5MTYxMTAwMjBaFw0yNTA5MTUxMTA1MjBaMDMxMTAvBgNV
BAMTKDdBQTJENkJDQjQ0M0NENzczRjFFMERBQTQ2RTkzODAzMUQ0QTlDRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiPsGdtCIAA4HAiERvpNi1ktiV
QrxKFCK852vajg5BSRKLKgjF2S/NFnrIP5IWCBIIj8yPM9+35hmw9gZ7JVe1c+8X
BN7mI9Kg3Ujn7ohpxmSoC0KLbiYMnEBdxZ58mIufVOv9wcz1YBkAlT1k7qryxOMw
8/ua9AJzVcjS3qpOxPl+SC2j0QYFWiQsaT1jura8SAqTxhO+eUXreMwpz9gpYMDH
wQ70tv5e6sM76sO4ehjcPg1NzHzgW7RhqRY7g4YGR0cuCISOUvT1q2EqzEnWxpKY
DDRVwMKgaN+b2+lOzLId211POIs+oP1fSbWcPpMlEH+NDVm5DdZ33F8oSdZdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUeqLWvLRDzXc/Hg2qRuk4Ax1KnOQwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzMzMwMmUzMTM5MzMyZTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM1Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACCwUswDQYJKoZIhvcNAQELBQADggEBAFAj5HXhdSBhvMjFR6vcIOZEm1xAu/ZS
AceC6LqBhnxTjLKu1Cteudll3vJKWjNIaN8KIIZBgSOPVhhOCn1RkFFB5f6b3XZj
tZr8skE+ZMvaFpU5DaN4czA8Q11dz6zXE1kYV/mak9tkE54rqTkJbuiaufi+tuuq
Zzl4pQcyg/oylgZL31qRSVlXUigqdRdgLIJXOPzv2WvsgVH7alMC5TnoACspAfvz
wvcHjvCNHssMDAd5/giGRQ1xcCBpr87IJzZl4uO+sRsS178p/mZZnLlZb4OS/DiS
yGROvI3UrS3eYrzReDg9M0oCpgPj/ULsQflZDAD7Vw0ya9boRqObmuY=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:02 2024 by rpki-client on console-ams.rpki-client.org