Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231362e302f32342d3234203d3e20323033373930.roa
File: 3134362e31392e3231362e302f32342d3234203d3e20323033373930.roa (raw, json)
Hash identifier: HFHot0qpSlv0tHR+HY9XR0wyUxm4VAE8zJ3x1/4/10U=
Subject key identifier: C1:FF:AC:4D:AE:E1:00:8B:DB:FC:5C:00:58:FA:41:0E:3F:B3:48:77
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 378B3642AC8F36A1602C6E9C8E4A4EF60D225238
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231362e302f32342d3234203d3e20323033373930.roa
Signing time: Sun 26 Nov 2023 08:16:12 +0000
ROA not before: Sun 26 Nov 2023 08:11:12 +0000
ROA not after: Sun 24 Nov 2024 08:16:12 +0000
asID: 203790
IP address blocks: 146.19.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:8b:36:42:ac:8f:36:a1:60:2c:6e:9c:8e:4a:4e:f6:0d:22:52:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Nov 26 08:11:12 2023 GMT
Not After : Nov 24 08:16:12 2024 GMT
Subject: CN=C1FFAC4DAEE1008BDBFC5C0058FA410E3FB34877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1f:6c:e5:85:5c:fe:09:f3:ed:c9:86:d2:ef:
73:f8:98:6d:c5:9e:80:e8:50:fc:ad:80:ee:b1:2d:
bf:8f:b4:8d:34:73:fc:dc:ae:7c:1c:8a:f8:49:9d:
69:90:ee:d9:cb:85:81:36:2a:6a:fe:e0:0d:4f:5d:
f1:f7:47:cf:ce:2e:73:bb:b5:78:90:ba:69:7d:aa:
2e:72:67:d3:28:cd:6b:ae:8a:be:fc:cb:a2:bd:13:
0f:f4:29:2b:61:9f:67:a0:6a:5f:28:66:4b:8d:76:
6d:f6:95:5b:5d:e2:35:a6:e9:76:15:04:e5:95:83:
51:b1:05:41:ff:cc:e0:3b:d9:d0:38:dd:bc:8a:91:
d2:fb:12:71:36:de:4a:dc:7f:ec:76:54:67:43:9c:
92:49:e9:9b:dd:bd:e1:37:f5:23:4c:f4:51:80:33:
69:21:65:09:35:b9:25:83:aa:bf:3a:d1:d9:0c:f2:
77:59:33:47:f6:9b:33:7b:61:01:2e:2c:30:f5:0f:
4d:4d:b4:6d:8b:fc:70:3e:c0:4a:6d:40:3c:b7:05:
0a:70:5a:79:0b:59:d1:87:01:df:c5:33:df:35:e4:
2d:dc:0c:5a:95:70:92:54:11:16:60:ef:14:b7:42:
41:29:08:75:04:fc:0c:03:ca:14:96:65:35:e5:13:
63:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FF:AC:4D:AE:E1:00:8B:DB:FC:5C:00:58:FA:41:0E:3F:B3:48:77
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231362e302f32342d3234203d3e20323033373930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.216.0/24
Signature Algorithm: sha256WithRSAEncryption
28:34:ee:52:e3:a8:90:0f:a2:3b:a5:cb:cc:6e:30:6c:ff:8d:
e0:a0:ad:72:f3:17:b2:55:d1:76:64:a9:26:69:ac:0e:e3:07:
62:94:f2:e8:c1:40:10:2a:57:63:f2:57:25:1f:d8:9c:3c:c3:
bc:b7:04:fd:b0:c2:a9:ec:dc:87:d1:dc:af:c8:c2:2e:de:7c:
14:0b:03:ce:9c:58:d0:67:84:71:c1:b7:0a:b3:38:31:e1:7d:
92:c2:ba:c0:0c:fc:13:1d:0d:cf:51:05:9a:e5:84:59:49:66:
12:31:d7:37:b6:d0:d6:30:c4:19:da:8c:81:0a:38:c8:e8:aa:
f1:4b:6e:63:13:0a:f4:4c:67:81:15:e1:bc:a4:74:c8:e0:ca:
bb:24:e6:d7:61:20:b4:68:d3:15:1c:96:63:70:fe:b9:ad:58:
af:a5:82:4e:3b:1c:f5:f2:79:a7:fe:d2:ee:2b:24:83:1f:3c:
29:c8:e4:82:40:8d:84:2e:fb:42:10:ab:57:55:f8:a7:be:f8:
ea:66:0b:60:bb:da:14:92:2b:e1:ce:55:b6:71:a3:c1:e1:2c:
8f:22:83:67:a4:02:c7:ed:a0:8e:26:c4:65:fe:f9:ff:e3:f2:
45:8d:4e:2f:73:fd:45:c5:f3:f5:45:d2:4b:ba:76:69:f6:f1:
a4:fe:67:32
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUN4s2QqyPNqFgLG6cjkpO9g0iUjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yMzExMjYwODExMTJaFw0yNDExMjQwODE2MTJaMDMxMTAvBgNV
BAMTKEMxRkZBQzREQUVFMTAwOEJEQkZDNUMwMDU4RkE0MTBFM0ZCMzQ4NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqH2zlhVz+CfPtyYbS73P4mG3F
noDoUPytgO6xLb+PtI00c/zcrnwcivhJnWmQ7tnLhYE2Kmr+4A1PXfH3R8/OLnO7
tXiQuml9qi5yZ9MozWuuir78y6K9Ew/0KSthn2egal8oZkuNdm32lVtd4jWm6XYV
BOWVg1GxBUH/zOA72dA43byKkdL7EnE23krcf+x2VGdDnJJJ6ZvdveE39SNM9FGA
M2khZQk1uSWDqr860dkM8ndZM0f2mzN7YQEuLDD1D01NtG2L/HA+wEptQDy3BQpw
WnkLWdGHAd/FM9815C3cDFqVcJJUERZg7xS3QkEpCHUE/AwDyhSWZTXlE2ObAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUwf+sTa7hAIvb/FwAWPpBDj+zSHcwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzMjMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzNzM5MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACSE9gwDQYJKoZIhvcNAQELBQADggEBACg07lLjqJAPojuly8xuMGz/jeCgrXLz
F7JV0XZkqSZprA7jB2KU8ujBQBAqV2PyVyUf2Jw8w7y3BP2wwqns3IfR3K/Iwi7e
fBQLA86cWNBnhHHBtwqzODHhfZLCusAM/BMdDc9RBZrlhFlJZhIx1ze20NYwxBna
jIEKOMjoqvFLbmMTCvRMZ4EV4bykdMjgyrsk5tdhILRo0xUclmNw/rmtWK+lgk47
HPXyeaf+0u4rJIMfPCnI5IJAjYQu+0IQq1dV+Ke++OpmC2C72hSSK+HOVbZxo8Hh
LI8ig2ekAsftoI4mxGX++f/j8kWNTi9z/UXF8/VF0ku6dmn28aT+ZzI=
-----END CERTIFICATE-----
Generated at Fri Jun 7 12:32:23 2024 by rpki-client on console-fra.rpki-client.org