Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e203437343336.roa
File: 322e35382e38352e302f32342d3234203d3e203437343336.roa (raw, json)
Hash identifier: fqA71PdlXOG8fkrThemWoyT9EUV8aS4x85zKtL1ncVo=
Subject key identifier: 45:0F:5D:66:F8:CE:17:37:F2:2B:A5:DB:A6:00:F1:BE:56:1E:7E:6B
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 237103600B266F3329FF6F31B8BEF19136A98E88
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e203437343336.roa
Signing time: Thu 06 Jun 2024 15:56:51 +0000
ROA not before: Thu 06 Jun 2024 15:51:51 +0000
ROA not after: Thu 05 Jun 2025 15:56:51 +0000
asID: 47436
IP address blocks: 2.58.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 13:20:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:71:03:60:0b:26:6f:33:29:ff:6f:31:b8:be:f1:91:36:a9:8e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 6 15:51:51 2024 GMT
Not After : Jun 5 15:56:51 2025 GMT
Subject: CN=450F5D66F8CE1737F22BA5DBA600F1BE561E7E6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:52:31:7c:e5:8c:bb:2f:8a:eb:88:5a:4a:77:
d8:8e:81:ea:a4:08:f9:de:63:87:8c:64:84:58:fa:
cc:ef:be:98:0e:70:c0:2f:5c:1a:ab:ac:76:74:a4:
4f:d2:cb:b9:01:c1:93:d5:28:84:44:08:cb:e7:02:
f0:8d:01:84:db:61:13:cb:58:c2:96:42:5b:bf:a2:
53:f1:f7:f3:ad:b0:ee:71:cc:21:b4:79:bd:fa:5d:
8e:a7:d6:91:68:c2:2b:c9:33:c6:e9:05:25:6d:05:
3d:08:6e:27:c5:46:b6:9d:c7:37:87:db:42:cf:86:
cc:70:33:74:3e:0f:ab:ca:3c:3f:e0:61:6a:62:a7:
c5:5f:a9:d9:71:50:1d:74:26:9e:c5:f1:c9:0f:ec:
46:ff:d6:a3:53:5e:78:0c:2d:67:84:3a:60:97:8f:
df:fc:ee:00:40:fd:a8:4b:6f:6e:b4:c8:5f:cc:30:
89:1c:5e:05:fc:4e:ab:92:9b:56:eb:24:28:30:6a:
1c:9d:49:21:1e:e0:9c:09:6f:55:63:b6:42:0b:57:
f4:8a:38:0b:e0:37:7e:6a:8c:f8:c6:79:48:05:e9:
fc:58:ca:fc:66:e4:0b:f7:31:79:86:9a:0f:8f:b2:
06:a9:60:41:81:4a:7e:77:87:77:93:0e:77:f5:66:
35:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:0F:5D:66:F8:CE:17:37:F2:2B:A5:DB:A6:00:F1:BE:56:1E:7E:6B
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e203437343336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.85.0/24
Signature Algorithm: sha256WithRSAEncryption
76:07:cb:ab:f0:b8:fa:95:4e:3d:a0:1c:c8:85:2f:c3:bb:c8:
5f:b6:54:8c:02:8e:52:f8:e5:d8:29:31:da:84:a6:2c:34:39:
8a:fc:b0:5a:6d:5d:a5:eb:46:84:54:be:27:53:d6:c9:21:bc:
04:cd:eb:ad:8c:d4:50:a3:60:77:b1:91:7c:83:7c:34:f5:01:
bd:59:d1:4d:47:33:0b:6e:fb:9f:ad:5f:c4:cb:c3:dc:26:52:
8f:3f:db:73:b0:87:8a:7e:c3:88:16:2a:36:06:c6:37:a7:bb:
5e:90:9b:2f:09:5a:e0:39:38:e7:bd:ec:59:d3:4f:49:22:d2:
74:e3:b3:3c:78:51:fc:48:81:1f:45:f2:5b:32:69:3a:1f:39:
03:c4:47:80:52:b3:c1:88:0b:7e:00:c6:4e:6f:bb:be:c6:9d:
9d:1e:00:df:00:db:30:15:49:95:e7:e3:52:94:a7:53:dd:da:
ed:b8:17:b9:2b:b1:2c:b7:d8:1c:bf:44:19:08:7b:36:f0:91:
53:97:c5:43:00:42:26:a5:e9:49:df:7f:3c:09:e9:64:d8:4b:
58:a6:63:80:18:7f:61:3c:99:fb:7b:31:77:79:08:a2:c8:ce:
51:5d:f5:95:d2:22:e2:33:28:9a:51:23:ac:8d:5a:e1:bf:37:
21:e9:07:a1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUI3EDYAsmbzMp/28xuL7xkTapjogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA2MDYxNTUxNTFaFw0yNTA2MDUxNTU2NTFaMDMxMTAvBgNV
BAMTKDQ1MEY1RDY2RjhDRTE3MzdGMjJCQTVEQkE2MDBGMUJFNTYxRTdFNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgUjF85Yy7L4rriFpKd9iOgeqk
CPneY4eMZIRY+szvvpgOcMAvXBqrrHZ0pE/Sy7kBwZPVKIRECMvnAvCNAYTbYRPL
WMKWQlu/olPx9/OtsO5xzCG0eb36XY6n1pFowivJM8bpBSVtBT0IbifFRradxzeH
20LPhsxwM3Q+D6vKPD/gYWpip8VfqdlxUB10Jp7F8ckP7Eb/1qNTXngMLWeEOmCX
j9/87gBA/ahLb260yF/MMIkcXgX8TquSm1brJCgwahydSSEe4JwJb1VjtkILV/SK
OAvgN35qjPjGeUgF6fxYyvxm5Av3MXmGmg+PsgapYEGBSn53h3eTDnf1ZjV3AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQURQ9dZvjOFzfyK6XbpgDxvlYefmswHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIyZTM1MzgyZTM4MzUyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzQzMzM2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpVMA0G
CSqGSIb3DQEBCwUAA4IBAQB2B8ur8Lj6lU49oBzIhS/Du8hftlSMAo5S+OXYKTHa
hKYsNDmK/LBabV2l60aEVL4nU9bJIbwEzeutjNRQo2B3sZF8g3w09QG9WdFNRzML
bvufrV/Ey8PcJlKPP9tzsIeKfsOIFio2BsY3p7tekJsvCVrgOTjnvexZ009JItJ0
47M8eFH8SIEfRfJbMmk6HzkDxEeAUrPBiAt+AMZOb7u+xp2dHgDfANswFUmV5+NS
lKdT3drtuBe5K7Est9gcv0QZCHs28JFTl8VDAEImpelJ3388Celk2EtYpmOAGH9h
PJn7ezF3eQiiyM5RXfWV0iLiMyiaUSOsjVrhvzch6Qeh
-----END CERTIFICATE-----
Generated at Mon Oct 14 17:29:35 2024 by rpki-client on console-ams.rpki-client.org