Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e20323031333634.roa
File: 322e35382e38352e302f32342d3234203d3e20323031333634.roa (raw, json)
Hash identifier: Z7CGoOxmV/FvC6Lxzfgi1yiH0QlQzaQf4sHgejVdqLE=
Subject key identifier: A4:29:EF:32:71:6D:77:6D:60:E3:5D:3C:BC:40:10:D1:D2:C5:CC:F7
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 5533BF12B2329F099D4F634BE3C75BF10C663E91
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e20323031333634.roa
Signing time: Thu 06 Jun 2024 16:28:02 +0000
ROA not before: Thu 06 Jun 2024 16:23:02 +0000
ROA not after: Thu 05 Jun 2025 16:28:02 +0000
asID: 201364
IP address blocks: 2.58.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 13:20:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:33:bf:12:b2:32:9f:09:9d:4f:63:4b:e3:c7:5b:f1:0c:66:3e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 6 16:23:02 2024 GMT
Not After : Jun 5 16:28:02 2025 GMT
Subject: CN=A429EF32716D776D60E35D3CBC4010D1D2C5CCF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:aa:97:67:c8:cf:d4:c2:e8:25:a6:7d:28:b9:
46:61:b5:dd:1f:16:5c:ce:a4:7e:4e:d9:99:4f:7b:
f5:d7:55:7b:f8:a6:24:ec:43:85:a5:1f:08:d6:7f:
08:ca:2b:fe:d8:76:cc:d6:66:41:04:50:0e:ec:00:
44:65:62:2a:c1:28:b1:a1:53:64:dc:54:92:82:bd:
a3:32:53:98:c0:e3:f4:56:10:97:8e:96:72:a7:64:
60:ed:7f:fa:9d:ee:ea:d1:d0:90:4e:33:89:a4:13:
12:bf:bb:03:75:e1:20:29:70:98:40:29:d5:9c:49:
3a:f6:e7:1a:fc:26:99:54:eb:5e:d0:7d:18:08:47:
a5:87:8c:21:c5:a6:bb:16:3c:4c:8a:6b:bc:42:3d:
c9:9e:fe:0e:3c:d9:a2:a0:99:92:ee:54:c6:56:a9:
50:6e:b7:1c:33:30:80:c4:24:17:8d:2d:de:de:77:
91:63:02:aa:a3:62:0d:69:c5:39:4c:8d:0d:53:d7:
0d:ef:de:07:b4:ab:b5:78:ac:53:b2:37:94:a7:77:
a4:a4:2f:57:08:e4:be:54:cf:44:90:f2:d8:bc:c4:
29:3e:74:42:a4:00:45:73:c0:6b:bf:28:30:fb:fa:
f2:18:6f:eb:e6:04:c6:11:61:f3:41:31:fd:24:bf:
70:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:29:EF:32:71:6D:77:6D:60:E3:5D:3C:BC:40:10:D1:D2:C5:CC:F7
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e20323031333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.85.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:a7:7c:1c:d5:af:2e:e9:02:c2:73:5d:7f:ef:96:bc:f6:4b:
90:ab:65:b7:0d:3f:51:49:11:2a:9a:f5:a9:c1:3d:d7:e2:fa:
b0:93:09:cc:97:86:b1:15:02:63:36:54:b1:d0:8b:a5:2e:36:
a2:e4:67:00:48:86:46:31:f1:f8:50:52:e3:19:87:b4:05:55:
0c:4c:a1:69:e3:b7:ae:d8:c2:8a:2d:3d:ee:c5:82:23:f3:b3:
30:32:2b:31:37:8c:ea:ca:b3:ba:f5:da:4b:d8:12:91:97:0c:
45:37:8d:77:18:27:0d:03:d1:0e:78:d1:24:93:25:30:fa:95:
80:2b:14:c3:6a:18:a6:0e:f8:7e:71:bb:f9:c0:a6:ec:fc:98:
6d:8f:cf:2e:63:aa:cc:85:2e:cb:bd:98:6a:5a:20:f7:12:f3:
6c:2f:7d:30:f5:e8:bb:a9:31:62:79:1d:d7:9b:71:b1:39:41:
2e:69:79:38:a2:61:f9:43:75:0a:53:37:22:36:f7:ae:62:05:
c3:ea:1f:9d:13:75:82:56:3d:9a:f9:8a:f4:17:5c:e1:95:8c:
fa:01:79:78:42:f5:f9:ad:9f:a6:19:e0:cc:d8:b1:9c:24:01:
8f:2f:30:03:f4:59:9d:e4:dd:a1:ac:57:2f:00:6e:0e:2e:eb:
84:99:6a:70
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUVTO/ErIynwmdT2NL48db8QxmPpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA2MDYxNjIzMDJaFw0yNTA2MDUxNjI4MDJaMDMxMTAvBgNV
BAMTKEE0MjlFRjMyNzE2RDc3NkQ2MEUzNUQzQ0JDNDAxMEQxRDJDNUNDRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYqpdnyM/Uwuglpn0ouUZhtd0f
FlzOpH5O2ZlPe/XXVXv4piTsQ4WlHwjWfwjKK/7YdszWZkEEUA7sAERlYirBKLGh
U2TcVJKCvaMyU5jA4/RWEJeOlnKnZGDtf/qd7urR0JBOM4mkExK/uwN14SApcJhA
KdWcSTr25xr8JplU617QfRgIR6WHjCHFprsWPEyKa7xCPcme/g482aKgmZLuVMZW
qVButxwzMIDEJBeNLd7ed5FjAqqjYg1pxTlMjQ1T1w3v3ge0q7V4rFOyN5Snd6Sk
L1cI5L5Uz0SQ8ti8xCk+dEKkAEVzwGu/KDD7+vIYb+vmBMYRYfNBMf0kv3ALAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUpCnvMnFtd21g4108vEAQ0dLFzPcwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIyZTM1MzgyZTM4MzUyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM2MzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOlUw
DQYJKoZIhvcNAQELBQADggEBAIunfBzVry7pAsJzXX/vlrz2S5CrZbcNP1FJESqa
9anBPdfi+rCTCcyXhrEVAmM2VLHQi6UuNqLkZwBIhkYx8fhQUuMZh7QFVQxMoWnj
t67YwootPe7FgiPzszAyKzE3jOrKs7r12kvYEpGXDEU3jXcYJw0D0Q540SSTJTD6
lYArFMNqGKYO+H5xu/nApuz8mG2Pzy5jqsyFLsu9mGpaIPcS82wvfTD16LupMWJ5
HdebcbE5QS5peTiiYflDdQpTNyI2965iBcPqH50TdYJWPZr5ivQXXOGVjPoBeXhC
9fmtn6YZ4MzYsZwkAY8vMAP0WZ3k3aGsVy8Abg4u64SZanA=
-----END CERTIFICATE-----
Generated at Mon Oct 14 15:19:45 2024 by rpki-client on console-fra.rpki-client.org