Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e203239353338.roa
File: 3231322e32342e3132372e302f32342d3234203d3e203239353338.roa (raw, json)
Hash identifier: 1sNW1AAhEbGJiCJvObq8rtPZTgA7UIqt71Pz9l3jXqw=
Subject key identifier: 74:9F:8E:8C:35:9D:EC:7C:19:98:BC:78:C2:B3:83:4C:D5:90:AF:21
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 3CF9741644F13448010DFF75A7CDCFA0E15140BC
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e203239353338.roa
Signing time: Fri 15 Nov 2024 15:43:28 +0000
ROA not before: Fri 15 Nov 2024 15:38:28 +0000
ROA not after: Fri 14 Nov 2025 15:43:28 +0000
asID: 29538
IP address blocks: 212.24.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:f9:74:16:44:f1:34:48:01:0d:ff:75:a7:cd:cf:a0:e1:51:40:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Nov 15 15:38:28 2024 GMT
Not After : Nov 14 15:43:28 2025 GMT
Subject: CN=749F8E8C359DEC7C1998BC78C2B3834CD590AF21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:de:62:d1:06:8b:5a:55:e9:46:bc:6a:b0:46:
ae:79:6e:9b:46:2e:2f:fc:1c:7f:7d:ac:f2:f9:7e:
9a:8e:61:ee:48:8c:fc:74:a1:8f:f5:74:09:a0:73:
81:f1:d4:e4:c3:99:b1:90:ef:06:da:b6:6f:19:a6:
da:e7:4f:27:5f:8e:53:79:90:a8:50:e6:a2:47:80:
1d:fc:4c:3f:44:91:27:e3:da:93:58:58:bd:84:b4:
da:e4:e9:b2:1f:57:03:77:a9:9a:57:44:20:70:3a:
10:3e:0a:bf:fc:35:36:3c:b8:05:08:88:a1:c8:dd:
ba:a8:27:9b:60:b6:ff:fc:d1:88:07:cb:90:23:9d:
6f:28:1a:bc:57:88:bd:82:52:26:6b:04:07:47:40:
85:a9:77:9c:94:78:f6:92:f2:99:cd:b5:68:cc:ac:
94:b7:70:cc:06:2d:68:2b:93:9d:49:2e:c6:85:bf:
e3:6a:43:35:ba:86:73:b4:20:67:85:c2:a9:67:6a:
bc:47:c3:35:c2:56:a5:fe:92:77:f1:29:fb:b5:e8:
e0:c4:81:1a:7c:02:fa:96:39:b3:da:1f:dd:e3:d2:
df:9b:6d:31:60:b8:57:39:60:2c:1e:96:fa:66:da:
8d:ca:f2:ab:14:3f:0f:5a:aa:ca:cc:54:76:77:a6:
9d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9F:8E:8C:35:9D:EC:7C:19:98:BC:78:C2:B3:83:4C:D5:90:AF:21
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e203239353338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.127.0/24
Signature Algorithm: sha256WithRSAEncryption
90:9c:e1:13:d1:f8:a9:d8:dc:5d:16:6d:b1:08:cc:c4:fd:fa:
79:ac:87:97:56:f1:ae:a3:9b:c1:18:63:3a:d4:f1:e3:d3:d1:
dc:50:fb:4d:22:f5:ae:20:6d:9e:22:5e:0d:fc:92:43:a4:47:
b2:2c:df:54:02:8e:54:eb:5a:75:e5:41:b9:6e:0c:1c:40:dd:
72:70:aa:32:9d:0f:44:95:ac:3a:12:2a:10:48:83:86:fb:8b:
35:44:7f:07:de:d3:d7:49:5f:de:5c:cb:8b:0c:ca:8e:29:e1:
58:d6:b0:a1:20:b9:e0:6d:25:32:4c:b0:54:88:30:13:dd:db:
32:d5:84:9b:41:b9:ed:e8:4f:62:f7:fb:88:71:99:70:05:40:
52:9e:2c:1e:ea:3f:21:a1:67:f7:da:cd:40:84:a0:91:90:26:
5e:de:5c:99:be:29:7d:64:13:01:48:6e:e4:19:52:c1:e1:57:
82:06:c6:62:66:35:ad:5a:71:3c:cb:2c:1f:6f:29:72:29:d9:
6e:8d:c6:dd:d3:dc:52:0b:19:69:18:a2:67:39:84:d3:a0:76:
1b:89:6c:b4:1f:89:95:56:d3:d1:e6:95:d1:06:11:bd:6a:c8:
38:83:ce:34:7d:68:5d:3b:ac:3b:53:a2:13:57:c8:d2:b5:cc:
67:2f:72:a7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPPl0FkTxNEgBDf91p83PoOFRQLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDExMTUxNTM4MjhaFw0yNTExMTQxNTQzMjhaMDMxMTAvBgNV
BAMTKDc0OUY4RThDMzU5REVDN0MxOTk4QkM3OEMyQjM4MzRDRDU5MEFGMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz3mLRBotaVelGvGqwRq55bptG
Li/8HH99rPL5fpqOYe5IjPx0oY/1dAmgc4Hx1OTDmbGQ7wbatm8ZptrnTydfjlN5
kKhQ5qJHgB38TD9EkSfj2pNYWL2EtNrk6bIfVwN3qZpXRCBwOhA+Cr/8NTY8uAUI
iKHI3bqoJ5tgtv/80YgHy5AjnW8oGrxXiL2CUiZrBAdHQIWpd5yUePaS8pnNtWjM
rJS3cMwGLWgrk51JLsaFv+NqQzW6hnO0IGeFwqlnarxHwzXCVqX+knfxKfu16ODE
gRp8AvqWObPaH93j0t+bbTFguFc5YCwelvpm2o3K8qsUPw9aqsrMVHZ3pp2HAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUdJ+OjDWd7HwZmLx4wrODTNWQryEwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIzMTMyMmUzMjM0MmUzMTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzUzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1Bh/MA0GCSqGSIb3DQEBCwUAA4IBAQCQnOET0fip2NxdFm2xCMzE/fp5rIeXVvGu
o5vBGGM61PHj09HcUPtNIvWuIG2eIl4N/JJDpEeyLN9UAo5U61p15UG5bgwcQN1y
cKoynQ9Elaw6EioQSIOG+4s1RH8H3tPXSV/eXMuLDMqOKeFY1rChILngbSUyTLBU
iDAT3dsy1YSbQbnt6E9i9/uIcZlwBUBSniwe6j8hoWf32s1AhKCRkCZe3lyZvil9
ZBMBSG7kGVLB4VeCBsZiZjWtWnE8yywfbylyKdlujcbd09xSCxlpGKJnOYTToHYb
iWy0H4mVVtPR5pXRBhG9asg4g840fWhdO6w7U6ITV8jStcxnL3Kn
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org