Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e31382e3131352e302f32342d3234203d3e203234383735.roa
File: 3231322e31382e3131352e302f32342d3234203d3e203234383735.roa (raw, json)
Hash identifier: nwG+md6YcmyBZ+WooY2vEw30iaiyEbLwTnUa/7QLNG4=
Subject key identifier: A3:8E:62:7E:94:25:C6:CC:7E:28:D6:2D:BC:D5:38:A8:82:25:09:87
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 22B1D382C71E8DB23A6CC80C69BD7C13363B8CBE
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e31382e3131352e302f32342d3234203d3e203234383735.roa
Signing time: Wed 06 Nov 2024 08:43:27 +0000
ROA not before: Wed 06 Nov 2024 08:38:27 +0000
ROA not after: Wed 05 Nov 2025 08:43:27 +0000
asID: 24875
IP address blocks: 212.18.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:b1:d3:82:c7:1e:8d:b2:3a:6c:c8:0c:69:bd:7c:13:36:3b:8c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Nov 6 08:38:27 2024 GMT
Not After : Nov 5 08:43:27 2025 GMT
Subject: CN=A38E627E9425C6CC7E28D62DBCD538A882250987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6f:43:58:e4:eb:4c:bd:98:a0:9d:e8:ee:ca:
21:fa:5d:ab:aa:0c:5d:f5:29:37:8d:ae:28:2b:f2:
2f:bc:57:1b:f1:c4:ac:0d:28:18:ca:ca:5f:67:fd:
f3:de:30:b7:8d:b1:30:5c:f4:6a:c9:42:1b:cd:9a:
c7:c4:45:35:a5:e2:38:16:29:3b:06:3f:06:bf:ec:
9c:34:4f:d9:bd:da:fb:df:ae:44:86:28:69:1c:95:
37:68:7a:9e:d1:00:15:be:5a:fb:6e:c2:64:67:09:
3c:52:ab:da:8c:17:7b:f4:44:81:56:be:af:16:03:
f3:44:eb:c2:2d:ec:24:4f:2c:dc:fb:b5:98:18:59:
55:42:5a:48:63:c7:0c:a9:90:71:15:2a:81:db:aa:
00:1a:8c:37:b2:e1:91:9d:53:87:e8:98:b6:27:bf:
4f:fa:a6:25:0e:b5:43:42:93:1c:ec:bc:57:8c:68:
6a:4b:68:c8:06:b7:f0:61:5e:bf:d1:9b:73:9b:f4:
9c:64:4c:7c:23:3a:ab:ac:16:08:41:7e:05:d3:c1:
f5:75:7e:75:e5:c6:cf:f9:6f:d5:5d:72:18:24:a4:
98:56:a3:27:90:5f:39:a9:3e:2d:f4:35:59:d0:3d:
cc:39:21:85:9e:7b:a0:14:60:b1:ec:f3:30:21:ec:
af:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8E:62:7E:94:25:C6:CC:7E:28:D6:2D:BC:D5:38:A8:82:25:09:87
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e31382e3131352e302f32342d3234203d3e203234383735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.115.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:3f:f2:70:78:74:ff:90:8b:78:14:b3:49:8d:6f:36:d2:80:
76:48:dd:ee:48:87:48:16:73:38:f5:bd:5b:80:dc:3f:fb:3a:
75:b1:e8:72:b7:a0:11:61:58:40:07:60:f1:bd:7c:44:79:0f:
01:61:5f:eb:d3:41:fc:84:5c:12:79:95:4c:25:ad:05:15:3a:
ef:8e:5f:6b:91:be:a3:f0:e3:a4:21:ee:61:02:9d:46:08:84:
db:81:23:82:42:0d:6c:63:c1:f4:ea:83:b0:e6:5b:67:80:69:
3e:4c:1c:7b:6e:3c:47:75:58:28:6c:b5:20:30:df:f2:47:61:
8a:eb:37:06:59:05:25:c2:4c:e3:4c:02:7f:0b:84:b3:4b:e5:
e3:82:00:3f:60:bf:bb:e7:67:2a:8e:27:7d:6b:88:19:78:46:
7c:31:82:f5:6b:c4:d8:ac:12:75:25:3a:b0:68:d8:f5:25:e9:
25:41:a4:48:c9:01:cf:32:ec:6d:a7:35:b8:e6:f1:f6:11:9f:
d2:f4:7f:6a:6d:6e:77:0b:88:36:e9:f2:6f:85:f8:b2:3e:d7:
06:69:30:0b:da:b3:d9:6c:7a:06:7e:68:92:97:6c:4e:16:98:
69:ec:e9:36:30:28:9d:19:ea:88:76:e3:00:9b:88:05:e8:62:
92:3b:19:60
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIrHTgscejbI6bMgMab18EzY7jL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDExMDYwODM4MjdaFw0yNTExMDUwODQzMjdaMDMxMTAvBgNV
BAMTKEEzOEU2MjdFOTQyNUM2Q0M3RTI4RDYyREJDRDUzOEE4ODIyNTA5ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfb0NY5OtMvZignejuyiH6Xauq
DF31KTeNrigr8i+8VxvxxKwNKBjKyl9n/fPeMLeNsTBc9GrJQhvNmsfERTWl4jgW
KTsGPwa/7Jw0T9m92vvfrkSGKGkclTdoep7RABW+WvtuwmRnCTxSq9qMF3v0RIFW
vq8WA/NE68It7CRPLNz7tZgYWVVCWkhjxwypkHEVKoHbqgAajDey4ZGdU4fomLYn
v0/6piUOtUNCkxzsvFeMaGpLaMgGt/BhXr/Rm3Ob9JxkTHwjOqusFghBfgXTwfV1
fnXlxs/5b9VdchgkpJhWoyeQXzmpPi30NVnQPcw5IYWee6AUYLHs8zAh7K8RAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUo45ifpQlxsx+KNYtvNU4qIIlCYcwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIzMTMyMmUzMTM4MmUzMTMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM0MzgzNzM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1BJzMA0GCSqGSIb3DQEBCwUAA4IBAQCwP/JweHT/kIt4FLNJjW820oB2SN3uSIdI
FnM49b1bgNw/+zp1sehyt6ARYVhAB2DxvXxEeQ8BYV/r00H8hFwSeZVMJa0FFTrv
jl9rkb6j8OOkIe5hAp1GCITbgSOCQg1sY8H06oOw5ltngGk+TBx7bjxHdVgobLUg
MN/yR2GK6zcGWQUlwkzjTAJ/C4SzS+XjggA/YL+752cqjid9a4gZeEZ8MYL1a8TY
rBJ1JTqwaNj1JeklQaRIyQHPMuxtpzW45vH2EZ/S9H9qbW53C4g26fJvhfiyPtcG
aTAL2rPZbHoGfmiSl2xOFphp7Ok2MCidGeqIduMAm4gF6GKSOxlg
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org