Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e32322e302f32342d3234203d3e20323039323432.roa
File: 3134362e31392e32322e302f32342d3234203d3e20323039323432.roa (raw, json)
Hash identifier: 3ZsCBONqrqg54+xGSVCmK5BAIVvFfTv/ArgdeCiiInc=
Subject key identifier: DB:21:F3:E2:B5:A6:CA:94:57:5E:1C:DE:C6:37:CB:F4:24:BA:90:57
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 492FDB1CFF1E7EC8B111D283E92A6194FCCD8340
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e32322e302f32342d3234203d3e20323039323432.roa
Signing time: Sun 27 Oct 2024 08:43:25 +0000
ROA not before: Sun 27 Oct 2024 08:38:25 +0000
ROA not after: Sun 26 Oct 2025 08:43:25 +0000
asID: 209242
IP address blocks: 146.19.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:2f:db:1c:ff:1e:7e:c8:b1:11:d2:83:e9:2a:61:94:fc:cd:83:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Oct 27 08:38:25 2024 GMT
Not After : Oct 26 08:43:25 2025 GMT
Subject: CN=DB21F3E2B5A6CA94575E1CDEC637CBF424BA9057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c6:dd:ea:85:2f:6e:40:5a:9b:91:3d:41:8e:
31:b2:80:0d:71:da:f6:72:e5:09:f5:a3:43:9a:01:
73:fe:1a:c2:03:66:0b:1a:16:fb:21:0e:e6:d1:7d:
99:33:8e:70:ee:0a:6a:1b:29:ee:72:f1:dc:74:af:
b0:2c:b8:93:e3:7e:9f:4c:1d:df:4f:01:08:a9:da:
09:c7:e5:ac:80:06:7f:06:2e:f6:e6:17:55:7d:6a:
6b:85:a6:59:30:18:58:67:a4:3e:f6:06:6a:f4:22:
7c:54:e4:41:31:a8:91:2e:f9:26:ad:35:2e:3b:d4:
79:7e:87:c3:2d:a6:3f:cc:1f:0e:82:96:67:d3:56:
2d:c4:9f:76:4d:72:dd:62:be:71:20:3c:69:00:fc:
ca:d7:e0:6a:ef:e2:05:c1:77:ca:aa:e6:d5:1e:86:
b9:16:05:34:bb:79:6b:9a:8d:d9:5d:59:1f:68:41:
c7:2a:bb:ca:7f:39:bc:3b:d0:fb:f1:8b:db:09:b0:
86:77:23:4d:6d:dd:da:ee:8b:e6:19:39:c2:82:ea:
8c:1b:4d:43:76:f7:76:6e:1d:47:84:07:e6:3d:7c:
ad:c8:f5:ad:d8:07:6c:30:8c:02:90:7c:0a:44:82:
30:af:21:a0:92:93:77:33:59:cd:82:ca:61:04:34:
31:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:21:F3:E2:B5:A6:CA:94:57:5E:1C:DE:C6:37:CB:F4:24:BA:90:57
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e32322e302f32342d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.22.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:24:cb:6b:19:49:54:2a:d5:50:b1:e6:c9:78:01:87:42:65:
ed:53:2b:82:bd:06:1d:cb:f4:d3:8c:78:18:32:a5:f6:8b:3e:
8c:34:2d:a7:1b:15:a2:e8:73:93:6c:2d:42:68:e2:a8:0a:42:
dc:17:37:d4:0e:8e:db:dc:0a:aa:60:d5:bf:b2:1a:20:93:4c:
0f:5b:19:26:75:1c:ed:ad:31:81:71:78:bb:96:15:11:21:a9:
d1:2d:50:a1:64:58:1c:d1:d3:05:ad:8a:2b:7a:f8:f5:06:28:
e1:95:60:0c:4b:15:93:d7:1d:27:49:87:a9:5a:58:ec:6d:b9:
c6:9e:46:b9:34:43:70:2d:e6:0c:a3:4c:fa:69:dd:7e:66:7d:
b7:85:b8:ea:a1:e0:40:dd:9d:c6:ef:e8:05:dd:7a:4a:ae:f5:
ab:fb:12:eb:8b:17:2c:3d:32:bb:f5:32:07:99:e3:5d:15:4b:
bf:0f:07:c8:96:63:92:2a:15:55:11:ca:3f:47:a0:7c:62:63:
04:b7:de:6a:58:19:a2:bb:2d:84:cb:51:a9:57:66:f0:62:21:
82:86:e3:4a:8c:7b:c7:e0:2f:b9:79:3a:56:7e:96:3b:0a:95:
27:a9:1b:8a:7c:1d:f4:d7:ee:70:fd:66:52:21:bd:93:1b:05:
6f:96:f4:76
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSS/bHP8efsixEdKD6SphlPzNg0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDEwMjcwODM4MjVaFw0yNTEwMjYwODQzMjVaMDMxMTAvBgNV
BAMTKERCMjFGM0UyQjVBNkNBOTQ1NzVFMUNERUM2MzdDQkY0MjRCQTkwNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPxt3qhS9uQFqbkT1BjjGygA1x
2vZy5Qn1o0OaAXP+GsIDZgsaFvshDubRfZkzjnDuCmobKe5y8dx0r7AsuJPjfp9M
Hd9PAQip2gnH5ayABn8GLvbmF1V9amuFplkwGFhnpD72Bmr0InxU5EExqJEu+Sat
NS471Hl+h8Mtpj/MHw6ClmfTVi3En3ZNct1ivnEgPGkA/MrX4Grv4gXBd8qq5tUe
hrkWBTS7eWuajdldWR9oQccqu8p/Obw70Pvxi9sJsIZ3I01t3drui+YZOcKC6owb
TUN293ZuHUeEB+Y9fK3I9a3YB2wwjAKQfApEgjCvIaCSk3czWc2CymEENDGzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2yHz4rWmypRXXhzexjfL9CS6kFcwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzMjMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzIzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khMWMA0GCSqGSIb3DQEBCwUAA4IBAQA/JMtrGUlUKtVQsebJeAGHQmXtUyuCvQYd
y/TTjHgYMqX2iz6MNC2nGxWi6HOTbC1CaOKoCkLcFzfUDo7b3AqqYNW/shogk0wP
WxkmdRztrTGBcXi7lhURIanRLVChZFgc0dMFrYorevj1BijhlWAMSxWT1x0nSYep
WljsbbnGnka5NENwLeYMo0z6ad1+Zn23hbjqoeBA3Z3G7+gF3XpKrvWr+xLrixcs
PTK79TIHmeNdFUu/DwfIlmOSKhVVEco/R6B8YmMEt95qWBmiuy2Ey1GpV2bwYiGC
huNKjHvH4C+5eTpWfpY7CpUnqRuKfB301+5w/WZSIb2TGwVvlvR2
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:24 2024 by rpki-client on console-ams.rpki-client.org