Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313432313131.roa
File: 3134362e31392e35332e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: W4yW8LsuFkIBFxpYHDWaUVkWQGqjlpSw8bNYVc2/mcI=
Subject key identifier: 3C:A4:0B:57:43:C8:9F:AF:9F:1E:34:25:D5:5D:7B:AC:B0:AD:5B:3B
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 645A2F212685A05DC166F75A1EE50923023E3459
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313432313131.roa
Signing time: Wed 06 Dec 2023 08:13:06 +0000
ROA not before: Wed 06 Dec 2023 08:08:06 +0000
ROA not after: Wed 04 Dec 2024 08:13:06 +0000
asID: 142111
IP address blocks: 146.19.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:5a:2f:21:26:85:a0:5d:c1:66:f7:5a:1e:e5:09:23:02:3e:34:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Dec 6 08:08:06 2023 GMT
Not After : Dec 4 08:13:06 2024 GMT
Subject: CN=3CA40B5743C89FAF9F1E3425D55D7BACB0AD5B3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cd:6f:be:cc:b0:c6:26:0b:a1:ac:4e:d9:57:
b3:83:49:ea:2c:3a:c5:9d:f2:ef:ea:03:d6:86:18:
b8:92:fa:30:5d:4b:a4:02:8f:06:30:82:16:e5:c2:
46:92:95:eb:d2:d8:76:56:a0:04:9d:bb:83:e7:25:
49:eb:ea:17:9f:cd:cd:6c:d3:ac:19:16:fe:7e:cc:
02:4f:c8:bb:a7:0a:61:c7:f1:6b:0c:08:c8:d7:77:
7c:5d:f4:f8:0f:cb:fe:eb:8f:83:f4:a4:0d:8d:5c:
e4:49:6a:18:12:dc:9e:00:54:a8:14:bb:de:d4:92:
2c:3b:04:c9:d0:2e:ec:8d:1f:a8:db:21:f5:99:ae:
11:2d:9d:16:a4:29:96:3f:de:ae:5f:ef:a3:76:7b:
e2:0d:7e:f7:af:b2:fe:7c:43:34:e7:2f:a8:f3:61:
c4:1d:67:fe:6b:fe:d8:96:60:a2:f9:45:f3:92:e7:
79:91:21:c9:51:c5:89:5a:33:23:20:a0:c6:ed:68:
f2:4e:8a:1f:3b:a0:c2:37:56:58:81:c5:04:62:68:
75:e5:00:17:bd:7b:c8:3f:80:d8:d0:c9:2a:2a:c1:
0b:c0:95:c5:b3:df:81:5c:15:61:f5:78:d2:10:bb:
ba:e8:92:52:b8:2e:ec:ff:0e:72:24:e2:e4:dd:83:
bf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A4:0B:57:43:C8:9F:AF:9F:1E:34:25:D5:5D:7B:AC:B0:AD:5B:3B
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.53.0/24
Signature Algorithm: sha256WithRSAEncryption
65:39:0c:3a:9c:d6:b0:dd:6e:f0:1e:0b:5d:5b:17:b6:d6:88:
28:4d:11:5d:0a:5b:c2:ac:9b:a7:c0:c6:f2:3b:e8:e1:d3:7c:
58:d6:ec:1d:cf:b0:46:dc:dd:fd:e1:3c:6f:17:f7:2f:7a:dd:
22:d8:86:8a:02:62:5c:00:50:5c:d3:ff:98:dc:4a:c4:9b:18:
30:52:c3:b9:92:75:31:c7:63:90:bf:4b:62:c0:c8:15:df:cf:
de:21:bd:95:f9:2c:ae:df:58:64:8b:f4:96:c8:25:99:67:93:
9e:15:ab:d7:a2:6a:38:90:a3:fe:ec:71:eb:3e:97:0d:cd:e9:
58:f9:b7:1b:cf:70:f4:2b:dd:3c:f6:48:88:7c:8c:d6:6b:9d:
76:68:f9:df:4e:5d:22:7f:ea:99:9d:0f:d7:ad:67:c6:2c:cd:
a9:c5:10:96:9e:bf:e6:97:8a:b4:a2:1e:84:a1:33:cb:a2:df:
20:57:6b:e6:ed:19:bc:ad:eb:2c:c8:1c:93:0e:d3:84:de:86:
77:ce:4e:d7:c4:9c:46:03:bf:db:9f:1a:1e:00:46:f7:cd:37:
5c:e6:8d:5c:f9:70:85:a0:bf:34:9e:ba:d9:11:f6:7b:45:85:
ad:df:d4:25:50:95:30:1c:aa:c2:7b:f5:d6:f2:86:9d:8f:20:
86:18:a0:9d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZFovISaFoF3BZvdaHuUJIwI+NFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yMzEyMDYwODA4MDZaFw0yNDEyMDQwODEzMDZaMDMxMTAvBgNV
BAMTKDNDQTQwQjU3NDNDODlGQUY5RjFFMzQyNUQ1NUQ3QkFDQjBBRDVCM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCizW++zLDGJguhrE7ZV7ODSeos
OsWd8u/qA9aGGLiS+jBdS6QCjwYwghblwkaSlevS2HZWoASdu4PnJUnr6hefzc1s
06wZFv5+zAJPyLunCmHH8WsMCMjXd3xd9PgPy/7rj4P0pA2NXORJahgS3J4AVKgU
u97Ukiw7BMnQLuyNH6jbIfWZrhEtnRakKZY/3q5f76N2e+INfvevsv58QzTnL6jz
YcQdZ/5r/tiWYKL5RfOS53mRIclRxYlaMyMgoMbtaPJOih87oMI3VliBxQRiaHXl
ABe9e8g/gNjQySoqwQvAlcWz34FcFWH1eNIQu7roklK4Luz/DnIk4uTdg7/tAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPKQLV0PIn6+fHjQl1V17rLCtWzswHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMyMzEzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khM1MA0GCSqGSIb3DQEBCwUAA4IBAQBlOQw6nNaw3W7wHgtdWxe21ogoTRFdClvC
rJunwMbyO+jh03xY1uwdz7BG3N394TxvF/cvet0i2IaKAmJcAFBc0/+Y3ErEmxgw
UsO5knUxx2OQv0tiwMgV38/eIb2V+Syu31hki/SWyCWZZ5OeFavXomo4kKP+7HHr
PpcNzelY+bcbz3D0K9089kiIfIzWa512aPnfTl0if+qZnQ/XrWfGLM2pxRCWnr/m
l4q0oh6EoTPLot8gV2vm7Rm8ressyByTDtOE3oZ3zk7XxJxGA7/bnxoeAEb3zTdc
5o1c+XCFoL80nrrZEfZ7RYWt39QlUJUwHKrCe/XW8oadjyCGGKCd
-----END CERTIFICATE-----
Generated at Sat May 18 20:36:32 2024 by rpki-client on console-ams.rpki-client.org