Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38372e302f32342d3234203d3e20313532363732.roa
File: 322e35382e38372e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: 4thOFDSKDIU79PqinoSmRs7CZOHr/mbWbQI5pKHhcrM=
Subject key identifier: 52:B8:AC:6F:29:28:28:6D:FB:5F:F4:9E:EA:3B:20:B8:61:99:22:70
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 61FD04595CD6740E474BD095F624072692625A14
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38372e302f32342d3234203d3e20313532363732.roa
Signing time: Thu 06 Jun 2024 16:23:55 +0000
ROA not before: Thu 06 Jun 2024 16:18:55 +0000
ROA not after: Thu 05 Jun 2025 16:23:55 +0000
asID: 152672
IP address blocks: 2.58.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:fd:04:59:5c:d6:74:0e:47:4b:d0:95:f6:24:07:26:92:62:5a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 6 16:18:55 2024 GMT
Not After : Jun 5 16:23:55 2025 GMT
Subject: CN=52B8AC6F2928286DFB5FF49EEA3B20B861992270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f5:af:ea:7d:21:40:ce:8c:64:14:3c:7f:de:
db:b5:2f:e9:59:51:ae:1c:51:ab:9c:51:d5:42:92:
44:ad:1e:51:6c:e9:e2:57:2d:a1:ec:0f:2e:c7:e9:
a0:21:3d:1a:ef:17:0a:fa:9c:aa:c2:31:7d:4a:64:
42:aa:9c:06:2e:17:f5:6a:5f:51:bb:50:01:ad:7b:
ff:a3:36:be:04:cc:7b:b1:14:7b:a5:8a:cd:06:e3:
d3:5e:03:7c:b6:9d:74:08:a5:95:f8:cd:81:0c:da:
2d:ed:01:64:5b:79:f4:4c:86:a3:8e:73:75:8a:63:
94:d8:8e:06:03:cc:47:f7:e5:b6:db:b5:40:dc:46:
71:b6:06:aa:ea:4b:b6:94:2d:5d:a6:50:1a:86:5b:
51:2f:2e:a3:d5:0b:8a:56:a5:a9:58:5a:0d:34:89:
0b:ab:c9:9e:04:cb:45:7b:5a:ff:39:be:82:f8:01:
1f:6c:fe:87:e9:95:72:f2:b6:a7:2f:01:49:57:6e:
28:54:2a:a8:0c:41:69:5c:38:53:53:c0:51:f2:8d:
80:a8:69:c8:22:62:28:b1:59:44:ac:54:c6:0c:04:
3c:11:7b:f2:59:27:4a:e7:3b:b7:92:25:2a:1f:4d:
64:5a:73:f8:29:78:29:84:ef:40:3d:4f:5c:5b:1c:
93:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B8:AC:6F:29:28:28:6D:FB:5F:F4:9E:EA:3B:20:B8:61:99:22:70
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38372e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.87.0/24
Signature Algorithm: sha256WithRSAEncryption
82:f6:ea:e0:03:97:71:d6:91:1c:3c:93:c8:09:37:b2:1d:ca:
e4:b1:79:ef:cf:0c:83:f0:fd:80:47:fb:bc:a3:a1:3f:07:81:
46:a6:c4:34:39:63:84:0c:4a:dd:0f:d5:95:52:be:94:67:90:
fa:db:95:e2:6a:eb:2c:00:02:7d:c4:83:44:f0:16:b8:b5:f6:
ae:78:f7:6b:7e:60:e6:06:88:5b:14:ab:1e:8a:d0:8b:52:b5:
38:f9:ff:b2:e7:4e:bf:93:d7:1a:30:15:10:f7:1f:4a:e6:ce:
15:25:eb:c2:f1:a2:58:25:82:69:1e:8f:7e:4b:c6:86:25:ac:
9a:b0:11:63:39:e7:32:c7:e9:91:44:9e:93:4a:e9:15:ab:7b:
29:35:80:a4:46:f2:aa:3f:b0:9f:31:f8:1f:82:31:5b:09:8f:
cb:2d:83:8d:54:93:d4:ec:c9:34:3f:92:5f:97:79:7b:f0:36:
cc:00:16:f3:b7:e4:b0:55:8f:57:0f:4d:40:39:85:3d:84:f6:
d0:82:34:63:71:25:e0:e0:b4:95:77:af:b4:b9:f9:f4:39:20:
f0:6a:6e:37:f0:fd:45:80:e8:35:b0:07:d4:e4:2e:d8:8a:8d:
24:f0:aa:db:f9:73:db:60:82:c8:5b:2d:6c:da:e7:5d:cf:ae:
81:1f:cf:4a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUYf0EWVzWdA5HS9CV9iQHJpJiWhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA2MDYxNjE4NTVaFw0yNTA2MDUxNjIzNTVaMDMxMTAvBgNV
BAMTKDUyQjhBQzZGMjkyODI4NkRGQjVGRjQ5RUVBM0IyMEI4NjE5OTIyNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC49a/qfSFAzoxkFDx/3tu1L+lZ
Ua4cUaucUdVCkkStHlFs6eJXLaHsDy7H6aAhPRrvFwr6nKrCMX1KZEKqnAYuF/Vq
X1G7UAGte/+jNr4EzHuxFHulis0G49NeA3y2nXQIpZX4zYEM2i3tAWRbefRMhqOO
c3WKY5TYjgYDzEf35bbbtUDcRnG2BqrqS7aULV2mUBqGW1EvLqPVC4pWpalYWg00
iQuryZ4Ey0V7Wv85voL4AR9s/ofplXLytqcvAUlXbihUKqgMQWlcOFNTwFHyjYCo
acgiYiixWUSsVMYMBDwRe/JZJ0rnO7eSJSofTWRac/gpeCmE70A9T1xbHJNDAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUUrisbykoKG37X/Se6jsguGGZInAwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIyZTM1MzgyZTM4MzcyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzIzNjM3MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOlcw
DQYJKoZIhvcNAQELBQADggEBAIL26uADl3HWkRw8k8gJN7IdyuSxee/PDIPw/YBH
+7yjoT8HgUamxDQ5Y4QMSt0P1ZVSvpRnkPrbleJq6ywAAn3Eg0TwFri19q5492t+
YOYGiFsUqx6K0ItStTj5/7LnTr+T1xowFRD3H0rmzhUl68Lxolglgmkej35LxoYl
rJqwEWM55zLH6ZFEnpNK6RWreyk1gKRG8qo/sJ8x+B+CMVsJj8stg41Uk9TsyTQ/
kl+XeXvwNswAFvO35LBVj1cPTUA5hT2E9tCCNGNxJeDgtJV3r7S5+fQ5IPBqbjfw
/UWA6DWwB9TkLtiKjSTwqtv5c9tggshbLWza513ProEfz0o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:24 2024 by rpki-client on console-ams.rpki-client.org