Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa
File: 3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: Dw21SQRvhIStUdj4CbmqnMuwZh/qcP2IvzyF3pxoeJQ=
Subject key identifier: 4A:9D:C2:BE:DC:21:EF:85:69:43:D1:E4:31:0C:88:5F:8C:77:9D:0A
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 0DCE3602EF4BF3DE354AC9ADE71674E9A5414443
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa
Signing time: Sun 12 May 2024 03:27:00 +0000
ROA not before: Sun 12 May 2024 03:22:00 +0000
ROA not after: Sun 11 May 2025 03:27:00 +0000
asID: 152672
IP address blocks: 176.126.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:ce:36:02:ef:4b:f3:de:35:4a:c9:ad:e7:16:74:e9:a5:41:44:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: May 12 03:22:00 2024 GMT
Not After : May 11 03:27:00 2025 GMT
Subject: CN=4A9DC2BEDC21EF856943D1E4310C885F8C779D0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9e:53:3a:fe:c3:0e:d8:90:c5:09:b1:e3:d1:
d0:93:41:20:d2:c5:31:f6:72:53:4f:8e:39:65:06:
0c:75:15:a5:c6:c2:9d:3c:6e:a3:3b:97:1a:cb:75:
27:86:b1:fa:e3:29:85:df:22:e3:f7:e3:a7:f1:b3:
fe:16:46:92:f0:2d:e9:65:42:a5:80:de:32:df:45:
40:2d:6a:8a:2f:fa:df:c3:54:60:9f:79:07:10:93:
a8:c7:7e:04:9a:04:af:42:a6:fd:9a:e2:f8:46:c6:
ba:ad:4f:60:97:21:a6:8e:0d:7b:fe:81:76:4d:61:
89:ad:24:8e:dd:5d:32:9e:5a:06:b4:34:0f:c9:60:
86:c6:47:7c:c7:fd:3c:37:9b:c9:db:67:95:95:2b:
e3:ed:52:eb:a2:4c:07:56:50:92:00:1b:f6:cd:21:
c9:45:f2:e1:40:78:c4:ea:6f:3a:5e:a4:90:f5:1c:
f6:81:f1:67:c9:15:e0:c1:b2:32:5d:33:cc:3f:4a:
5d:f3:20:d9:12:9d:2a:57:7a:d9:3d:f9:d7:34:f6:
c2:85:35:92:b0:d7:49:ae:a4:ac:82:af:16:fe:c0:
2a:16:4e:c8:a2:b8:53:1c:30:bc:75:f9:19:a8:d8:
a8:27:57:aa:ac:e9:e5:08:87:8c:8f:1a:5a:71:ad:
9f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:9D:C2:BE:DC:21:EF:85:69:43:D1:E4:31:0C:88:5F:8C:77:9D:0A
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.105.0/24
Signature Algorithm: sha256WithRSAEncryption
56:75:f7:a2:ac:41:d6:56:af:4b:43:78:52:c2:3a:c4:02:3b:
fb:60:ad:63:0c:8a:8b:e6:d2:ff:63:49:ef:17:3e:e9:f1:c1:
82:d7:33:d9:d8:09:d6:43:fb:fa:78:ad:7b:19:7c:d0:43:a4:
ee:f1:c4:54:77:34:37:2e:ce:f4:54:76:08:71:94:98:b3:70:
fa:19:8a:5a:7a:f9:71:59:e8:65:12:39:94:8b:a8:ac:ae:a3:
19:6d:e4:aa:9b:78:a3:10:87:58:c7:70:d8:fa:4f:86:da:12:
1a:1b:ef:3d:24:47:7d:39:b0:a2:f7:dd:ca:4c:06:51:71:d6:
39:43:73:64:ad:66:72:f5:5f:f0:05:e5:77:c9:32:4e:94:af:
9a:09:2f:3b:48:0b:ff:bc:db:5c:5a:59:a4:b3:0f:16:88:e2:
15:3b:38:71:b2:88:bd:e7:de:76:a5:58:0b:e9:ed:4d:38:b6:
1d:ba:15:81:48:e1:bc:23:3b:a9:ad:02:22:d0:71:1d:8c:1d:
23:47:61:31:6e:82:80:92:7d:6f:36:d7:ff:35:82:45:8c:dd:
e7:dd:96:2f:25:20:63:db:44:72:51:d7:48:a9:22:aa:23:14:
fd:17:20:e8:b3:58:38:d8:bb:1e:2f:a9:c9:82:f2:61:18:2d:
07:7a:4a:1b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDc42Au9L8941Ssmt5xZ06aVBREMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA1MTIwMzIyMDBaFw0yNTA1MTEwMzI3MDBaMDMxMTAvBgNV
BAMTKDRBOURDMkJFREMyMUVGODU2OTQzRDFFNDMxMEM4ODVGOEM3NzlEMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxnlM6/sMO2JDFCbHj0dCTQSDS
xTH2clNPjjllBgx1FaXGwp08bqM7lxrLdSeGsfrjKYXfIuP346fxs/4WRpLwLell
QqWA3jLfRUAtaoov+t/DVGCfeQcQk6jHfgSaBK9Cpv2a4vhGxrqtT2CXIaaODXv+
gXZNYYmtJI7dXTKeWga0NA/JYIbGR3zH/Tw3m8nbZ5WVK+PtUuuiTAdWUJIAG/bN
IclF8uFAeMTqbzpepJD1HPaB8WfJFeDBsjJdM8w/Sl3zINkSnSpXetk9+dc09sKF
NZKw10mupKyCrxb+wCoWTsiiuFMcMLx1+Rmo2KgnV6qs6eUIh4yPGlpxrZ8nAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUSp3Cvtwh74VpQ9HkMQyIX4x3nQowHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNzM2MmUzMTMyMzYyZTMx
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzMjM2MzczMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALB+aTANBgkqhkiG9w0BAQsFAAOCAQEAVnX3oqxB1lavS0N4UsI6xAI7+2Ct
YwyKi+bS/2NJ7xc+6fHBgtcz2dgJ1kP7+nitexl80EOk7vHEVHc0Ny7O9FR2CHGU
mLNw+hmKWnr5cVnoZRI5lIuorK6jGW3kqpt4oxCHWMdw2PpPhtoSGhvvPSRHfTmw
ovfdykwGUXHWOUNzZK1mcvVf8AXld8kyTpSvmgkvO0gL/7zbXFpZpLMPFojiFTs4
cbKIvefedqVYC+ntTTi2HboVgUjhvCM7qa0CItBxHYwdI0dhMW6CgJJ9bzbX/zWC
RYzd592WLyUgY9tEclHXSKkiqiMU/Rcg6LNYONi7Hi+pyYLyYRgtB3pKGw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:02 2024 by rpki-client on console-ams.rpki-client.org