Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313432313131.roa
File: 3137362e3132362e3130352e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: DwyMTECLZLlRq4hX5aEaISadvCNFurefZUnuOjs+FiM=
Subject key identifier: 9A:DD:A0:60:17:9F:87:3A:C5:07:1C:A2:94:98:99:C8:0B:16:3D:BB
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 1F9F9B8F7757A3DE6E0E7374D2C3719AB50B0FAB
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313432313131.roa
Signing time: Thu 07 Nov 2024 09:43:27 +0000
ROA not before: Thu 07 Nov 2024 09:38:27 +0000
ROA not after: Thu 06 Nov 2025 09:43:27 +0000
asID: 142111
IP address blocks: 176.126.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:9f:9b:8f:77:57:a3:de:6e:0e:73:74:d2:c3:71:9a:b5:0b:0f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Nov 7 09:38:27 2024 GMT
Not After : Nov 6 09:43:27 2025 GMT
Subject: CN=9ADDA060179F873AC5071CA2949899C80B163DBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f5:95:e1:af:15:a6:fb:03:25:72:0e:69:9b:
cb:14:ac:81:d3:88:d5:6e:a6:70:60:a4:01:7b:83:
66:db:80:56:4b:49:c2:aa:fa:be:c0:ff:3e:3e:d6:
65:41:aa:fc:96:a6:90:1f:fd:85:3c:24:7a:22:20:
f9:2c:7c:89:06:de:3d:f9:df:2a:64:f8:1c:d1:5c:
bb:40:25:ae:c4:74:4e:b5:c5:73:73:6a:b6:bc:dc:
cd:4b:ee:3c:8b:e7:d0:5c:01:3e:d0:f4:05:a6:4b:
ef:e7:b8:14:04:6b:77:58:30:e1:60:13:f8:df:ca:
5f:c0:35:ac:30:c5:0b:a6:79:cd:db:f0:e9:9b:e7:
c3:91:90:27:24:58:f4:10:ad:5f:57:39:4f:da:47:
b0:97:ea:8e:ea:03:3d:da:65:fd:0a:70:c6:74:4b:
d1:5c:4c:56:21:cf:6c:a1:a8:7b:9d:3c:c4:e0:a1:
8e:e4:f3:b5:cd:5e:1f:07:d0:88:29:db:f6:33:b5:
75:a0:ab:25:d4:95:69:7a:ac:45:52:2f:48:6e:4c:
72:5a:fc:a7:fe:7d:d6:50:47:6a:44:36:74:29:61:
04:06:fd:de:e3:c0:bb:41:ad:3f:96:2e:d5:79:ee:
38:1b:01:87:35:01:63:25:7c:3a:7a:e3:7a:f1:70:
83:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:DD:A0:60:17:9F:87:3A:C5:07:1C:A2:94:98:99:C8:0B:16:3D:BB
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.105.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:05:e9:12:71:ff:85:55:e9:44:14:d2:7e:2f:23:ec:8a:be:
f5:95:51:29:e0:4d:b7:4b:44:ec:04:25:cf:03:77:c2:b9:4d:
a4:b1:f1:ae:7f:cc:ae:b2:cd:22:df:37:23:8a:9d:ff:d0:84:
cc:df:7c:41:90:6d:0c:0c:4b:9c:3d:d1:29:88:df:15:6c:c8:
b9:6f:ed:8b:9a:78:96:32:6d:73:a6:fb:f6:d9:b9:78:e3:93:
d3:3f:2a:df:2e:bc:2f:84:9a:50:dd:e0:42:9c:2a:46:4a:5b:
2a:1b:91:9d:de:d9:83:61:f6:89:3e:96:54:ce:66:85:46:f5:
ee:14:46:b0:a9:41:a0:44:3a:1f:95:4d:3d:fb:df:2e:41:0d:
f8:64:60:65:9b:9b:fc:31:8e:c8:f3:ec:0b:f3:32:09:8f:ab:
f0:77:5d:3e:04:8b:5b:89:7f:9a:61:e1:b0:66:68:e4:28:2d:
80:26:94:21:c9:88:c4:e9:f8:c9:89:49:cd:7f:5d:2d:c1:18:
bd:b7:7f:c2:98:73:87:65:04:3c:a1:33:a3:09:6f:96:45:29:
bc:2e:c2:ca:e8:b2:b7:e5:97:f0:ff:97:ec:3d:63:18:85:c7:
d8:e7:78:0b:6f:41:c5:7a:4f:47:af:c8:8a:a6:07:ba:87:25:
c0:0b:86:26
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUH5+bj3dXo95uDnN00sNxmrULD6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDExMDcwOTM4MjdaFw0yNTExMDYwOTQzMjdaMDMxMTAvBgNV
BAMTKDlBRERBMDYwMTc5Rjg3M0FDNTA3MUNBMjk0OTg5OUM4MEIxNjNEQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+9ZXhrxWm+wMlcg5pm8sUrIHT
iNVupnBgpAF7g2bbgFZLScKq+r7A/z4+1mVBqvyWppAf/YU8JHoiIPksfIkG3j35
3ypk+BzRXLtAJa7EdE61xXNzara83M1L7jyL59BcAT7Q9AWmS+/nuBQEa3dYMOFg
E/jfyl/ANawwxQumec3b8Omb58ORkCckWPQQrV9XOU/aR7CX6o7qAz3aZf0KcMZ0
S9FcTFYhz2yhqHudPMTgoY7k87XNXh8H0Igp2/YztXWgqyXUlWl6rEVSL0huTHJa
/Kf+fdZQR2pENnQpYQQG/d7jwLtBrT+WLtV57jgbAYc1AWMlfDp643rxcIOtAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUmt2gYBefhzrFBxyilJiZyAsWPbswHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNzM2MmUzMTMyMzYyZTMx
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMjMxMzEzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALB+aTANBgkqhkiG9w0BAQsFAAOCAQEArgXpEnH/hVXpRBTSfi8j7Iq+9ZVR
KeBNt0tE7AQlzwN3wrlNpLHxrn/MrrLNIt83I4qd/9CEzN98QZBtDAxLnD3RKYjf
FWzIuW/ti5p4ljJtc6b79tm5eOOT0z8q3y68L4SaUN3gQpwqRkpbKhuRnd7Zg2H2
iT6WVM5mhUb17hRGsKlBoEQ6H5VNPfvfLkEN+GRgZZub/DGOyPPsC/MyCY+r8Hdd
PgSLW4l/mmHhsGZo5CgtgCaUIcmIxOn4yYlJzX9dLcEYvbd/wphzh2UEPKEzowlv
lkUpvC7Cyuiyt+WX8P+X7D1jGIXH2Od4C29BxXpPR6/IiqYHuoclwAuGJg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:56:49 2024 by rpki-client on console-fra.rpki-client.org