Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231352e302f32342d3234203d3e203432383331.roa
File: 3134362e31392e3231352e302f32342d3234203d3e203432383331.roa (raw, json)
Hash identifier: uvmMBNllNoZIX6cr/5dje9RcJtxr21QBZf3O1Ag28zI=
Subject key identifier: 92:1F:D8:F2:E4:37:4B:38:E0:95:F2:04:5F:C7:0C:D9:3D:BE:80:60
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 59B7AC56CB445C1947870ADC8EEF3FC1F14C6E60
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231352e302f32342d3234203d3e203432383331.roa
Signing time: Wed 21 Feb 2024 20:05:13 +0000
ROA not before: Wed 21 Feb 2024 20:00:13 +0000
ROA not after: Wed 19 Feb 2025 20:05:13 +0000
asID: 42831
IP address blocks: 146.19.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:b7:ac:56:cb:44:5c:19:47:87:0a:dc:8e:ef:3f:c1:f1:4c:6e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Feb 21 20:00:13 2024 GMT
Not After : Feb 19 20:05:13 2025 GMT
Subject: CN=921FD8F2E4374B38E095F2045FC70CD93DBE8060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:47:44:21:c5:f1:41:bd:9e:cd:4a:d5:3a:93:
dd:d8:d9:9a:43:a6:a5:fc:a1:dc:7b:f3:05:d5:86:
d6:59:9e:7b:ff:a4:61:7a:b3:37:2d:18:7a:07:29:
03:d3:f6:b0:53:28:f2:f4:2b:83:91:8e:0e:94:92:
0f:dc:7f:e4:ff:78:75:0b:60:54:b8:a4:f4:26:6b:
e0:e4:a2:c6:4f:96:63:9f:5c:cf:ca:3e:87:9a:6b:
15:22:f2:0d:02:cb:ba:a2:ab:69:ff:68:df:c5:e6:
bf:7b:11:ed:98:d1:60:b5:48:04:3e:4d:49:6d:9a:
84:de:88:85:e4:b6:18:32:64:85:52:2d:0c:76:33:
95:ed:53:fd:4d:b3:3b:0f:1c:67:1a:b9:85:ef:25:
67:f7:ba:ab:cd:11:c7:32:8f:16:6e:b5:aa:d2:ba:
aa:f8:b0:4e:50:aa:3d:a8:d2:0a:a2:a6:b4:ab:94:
ee:74:1f:8f:b4:f4:d0:32:09:c0:9d:8a:be:f7:ce:
02:9a:a9:b8:a7:e2:8e:e6:c1:1d:8e:36:74:76:62:
77:48:6b:74:25:c8:08:57:c0:8e:6a:72:b6:fa:bd:
ea:f1:73:9a:23:4c:a2:99:0f:c3:92:95:61:46:f5:
55:47:45:5d:e9:4c:02:c7:45:67:9c:fb:ea:05:48:
c0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1F:D8:F2:E4:37:4B:38:E0:95:F2:04:5F:C7:0C:D9:3D:BE:80:60
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231352e302f32342d3234203d3e203432383331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.215.0/24
Signature Algorithm: sha256WithRSAEncryption
40:7f:73:cd:b7:2a:4e:f7:ea:db:7a:f4:9f:f6:ea:c3:c8:45:
18:d4:02:95:48:df:89:c5:91:88:1b:81:0a:00:54:9d:b5:81:
77:2e:a1:90:48:cb:32:07:0f:79:46:a3:29:11:e4:d2:b5:6d:
ab:86:bb:a4:f2:24:59:84:58:c8:9f:d4:0a:99:e5:c2:7c:d1:
0a:c7:64:96:19:63:e9:a4:12:a1:9f:5e:12:2e:e7:b5:99:7b:
60:77:7e:fa:3b:62:ff:8c:31:06:0f:58:d5:90:fa:f4:01:3e:
76:9a:de:34:d6:29:1c:7d:24:ad:63:e4:a6:82:0b:33:5c:ab:
af:3f:25:b9:3d:61:92:61:d2:8f:3c:48:89:7d:66:2b:24:6c:
9e:f0:4d:9f:54:2c:5b:8f:bf:50:89:a1:a7:a5:59:ed:49:43:
c5:af:ed:89:0f:34:c7:b4:42:9e:1b:a7:e7:db:b2:62:9a:cf:
5c:2d:6b:e7:51:d3:30:11:f8:7a:e2:bf:60:79:44:9c:ea:93:
a6:15:63:23:b2:83:df:41:be:b8:de:7f:0e:ab:ab:e0:fc:1d:
64:3a:84:75:26:c6:6c:cb:f5:65:20:35:d1:4e:f9:71:81:42:
fa:6a:09:3b:49:73:4d:d6:7d:c3:68:c3:5b:29:04:2a:89:c2:
0f:f8:ff:86
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWbesVstEXBlHhwrcju8/wfFMbmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDAyMjEyMDAwMTNaFw0yNTAyMTkyMDA1MTNaMDMxMTAvBgNV
BAMTKDkyMUZEOEYyRTQzNzRCMzhFMDk1RjIwNDVGQzcwQ0Q5M0RCRTgwNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvR0QhxfFBvZ7NStU6k93Y2ZpD
pqX8odx78wXVhtZZnnv/pGF6szctGHoHKQPT9rBTKPL0K4ORjg6Ukg/cf+T/eHUL
YFS4pPQma+DkosZPlmOfXM/KPoeaaxUi8g0Cy7qiq2n/aN/F5r97Ee2Y0WC1SAQ+
TUltmoTeiIXkthgyZIVSLQx2M5XtU/1NszsPHGcauYXvJWf3uqvNEccyjxZutarS
uqr4sE5Qqj2o0gqiprSrlO50H4+09NAyCcCdir73zgKaqbin4o7mwR2ONnR2YndI
a3QlyAhXwI5qcrb6verxc5ojTKKZD8OSlWFG9VVHRV3pTALHRWec++oFSMBzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUkh/Y8uQ3SzjglfIEX8cM2T2+gGAwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzMjMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzgzMzMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khPXMA0GCSqGSIb3DQEBCwUAA4IBAQBAf3PNtypO9+rbevSf9urDyEUY1AKVSN+J
xZGIG4EKAFSdtYF3LqGQSMsyBw95RqMpEeTStW2rhruk8iRZhFjIn9QKmeXCfNEK
x2SWGWPppBKhn14SLue1mXtgd376O2L/jDEGD1jVkPr0AT52mt401ikcfSStY+Sm
ggszXKuvPyW5PWGSYdKPPEiJfWYrJGye8E2fVCxbj79QiaGnpVntSUPFr+2JDzTH
tEKeG6fn27Jims9cLWvnUdMwEfh64r9geUSc6pOmFWMjsoPfQb643n8Oq6vg/B1k
OoR1JsZsy/VlIDXRTvlxgUL6agk7SXNN1n3DaMNbKQQqicIP+P+G
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:24 2024 by rpki-client on console-ams.rpki-client.org