Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313432313131.roa
File: 3134362e31392e35332e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: Fnjx+RFd66qdmTcd1PG8dLz2onNSyt8IxXY7q3Iavok=
Subject key identifier: BD:B3:C7:EB:5C:25:39:4E:FC:67:0C:DA:AF:5C:4B:07:C2:A8:64:E8
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 75DF7DA5AC305062331DB9993365D2A4C1D46039
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313432313131.roa
Signing time: Wed 06 Nov 2024 08:43:27 +0000
ROA not before: Wed 06 Nov 2024 08:38:27 +0000
ROA not after: Wed 05 Nov 2025 08:43:27 +0000
asID: 142111
IP address blocks: 146.19.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:df:7d:a5:ac:30:50:62:33:1d:b9:99:33:65:d2:a4:c1:d4:60:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Nov 6 08:38:27 2024 GMT
Not After : Nov 5 08:43:27 2025 GMT
Subject: CN=BDB3C7EB5C25394EFC670CDAAF5C4B07C2A864E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9d:d4:b0:81:31:8c:40:5b:58:d5:af:6f:d5:
f4:22:49:70:e3:12:2f:3c:72:81:9a:dd:14:88:31:
fa:12:25:cc:5c:a9:f2:95:c1:08:37:3f:d9:aa:c0:
4b:97:27:9a:b3:bf:f7:e3:f1:6d:0a:ed:9f:8b:c3:
b9:0a:43:73:9e:4a:f2:45:5d:cc:f2:87:52:cf:92:
a2:14:a3:92:34:53:d4:1c:b2:30:2e:2c:d5:24:77:
11:83:fb:7f:26:87:40:97:d7:7b:f2:0f:60:0d:c8:
60:e3:80:9b:59:57:4d:e1:09:a4:5d:fb:7c:37:d1:
a2:b3:3f:b4:e4:70:e0:54:a6:76:23:18:53:1a:48:
89:cc:cf:07:d3:76:c5:9d:4f:c7:1a:62:4c:42:03:
92:25:cb:d8:dd:48:18:ba:f4:df:9c:81:38:f7:f2:
23:0c:09:be:a6:63:cf:8e:94:32:b7:b6:0b:aa:9d:
53:c6:86:e1:bf:06:29:91:b6:93:9e:f0:bc:ea:f6:
61:98:d8:fc:9d:64:17:d8:77:99:d6:91:1f:0e:02:
b6:52:b9:34:75:e0:41:38:9b:6c:ec:4d:e0:8d:6a:
21:69:a3:7a:7f:28:e6:3b:73:f8:02:4e:c1:24:cd:
b4:39:9c:79:00:f0:80:b2:28:f8:7b:16:2a:da:5c:
c6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B3:C7:EB:5C:25:39:4E:FC:67:0C:DA:AF:5C:4B:07:C2:A8:64:E8
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.53.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:85:ba:e9:b7:c6:b7:b5:c5:f1:51:62:e5:25:9b:05:e4:02:
30:ae:e9:57:37:15:d7:13:2a:cd:6f:c9:ca:2b:d3:a2:95:f7:
85:82:c2:2c:be:50:43:14:77:fc:0f:ba:13:a3:12:10:0b:3d:
c2:71:7a:29:0e:d1:f2:37:ab:c4:44:7e:7b:da:af:77:b7:d3:
aa:9a:97:ba:0a:ec:cf:d9:9f:47:59:0f:4d:c5:29:12:ad:71:
77:98:ae:62:3b:a5:8a:91:67:99:f2:44:b6:e3:94:6e:54:2e:
c9:02:dc:ed:17:99:e8:99:be:f3:34:03:8b:3c:1c:32:d4:de:
dd:40:b8:45:74:6b:f0:7b:19:f6:51:60:92:89:3d:d0:80:57:
9c:a9:9e:c8:55:df:ce:5d:2d:d5:08:93:e5:7f:5d:76:c6:8b:
66:90:d1:93:7c:6b:2e:d9:23:51:77:3d:f0:3b:f6:d5:e3:61:
14:8a:03:cb:72:45:50:96:a2:20:91:7e:d1:a6:46:c6:db:51:
2f:89:1f:2d:f3:a0:ca:97:27:52:96:10:e7:8a:28:07:d0:bc:
ee:7f:e4:d9:b1:29:bf:95:4e:ba:64:f9:de:3a:1f:96:25:67:
ae:f1:a9:64:39:90:99:3e:9c:c6:dd:25:9c:2a:93:b2:65:3a:
d0:1f:9b:ea
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdd99pawwUGIzHbmZM2XSpMHUYDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDExMDYwODM4MjdaFw0yNTExMDUwODQzMjdaMDMxMTAvBgNV
BAMTKEJEQjNDN0VCNUMyNTM5NEVGQzY3MENEQUFGNUM0QjA3QzJBODY0RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpndSwgTGMQFtY1a9v1fQiSXDj
Ei88coGa3RSIMfoSJcxcqfKVwQg3P9mqwEuXJ5qzv/fj8W0K7Z+Lw7kKQ3OeSvJF
Xczyh1LPkqIUo5I0U9QcsjAuLNUkdxGD+38mh0CX13vyD2ANyGDjgJtZV03hCaRd
+3w30aKzP7TkcOBUpnYjGFMaSInMzwfTdsWdT8caYkxCA5Ily9jdSBi69N+cgTj3
8iMMCb6mY8+OlDK3tguqnVPGhuG/BimRtpOe8Lzq9mGY2PydZBfYd5nWkR8OArZS
uTR14EE4m2zsTeCNaiFpo3p/KOY7c/gCTsEkzbQ5nHkA8ICyKPh7FiraXMbPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvbPH61wlOU78Zwzar1xLB8KoZOgwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMyMzEzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khM1MA0GCSqGSIb3DQEBCwUAA4IBAQC1hbrpt8a3tcXxUWLlJZsF5AIwrulXNxXX
EyrNb8nKK9OilfeFgsIsvlBDFHf8D7oToxIQCz3CcXopDtHyN6vERH572q93t9Oq
mpe6CuzP2Z9HWQ9NxSkSrXF3mK5iO6WKkWeZ8kS245RuVC7JAtztF5nomb7zNAOL
PBwy1N7dQLhFdGvwexn2UWCSiT3QgFecqZ7IVd/OXS3VCJPlf112xotmkNGTfGsu
2SNRdz3wO/bV42EUigPLckVQlqIgkX7RpkbG21EviR8t86DKlydSlhDniigH0Lzu
f+TZsSm/lU66ZPneOh+WJWeu8alkOZCZPpzG3SWcKpOyZTrQH5vq
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:24 2024 by rpki-client on console-ams.rpki-client.org