Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e2033323233.roa
File: 3231322e32342e3132372e302f32342d3234203d3e2033323233.roa (raw, json)
Hash identifier: isRTAAL3Mo9fbk3evy1FHWNVLVXWHce/DqtU+oMrtU0=
Subject key identifier: 29:02:19:BC:DF:9F:C4:91:E7:F1:BF:9A:E7:25:4F:E4:25:C0:34:B3
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 1AD3D940A69EE532434E26D98400DAE836071FC5
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e2033323233.roa
Signing time: Fri 15 Dec 2023 03:49:22 +0000
ROA not before: Fri 15 Dec 2023 03:44:22 +0000
ROA not after: Fri 13 Dec 2024 03:49:22 +0000
asID: 3223
IP address blocks: 212.24.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:d3:d9:40:a6:9e:e5:32:43:4e:26:d9:84:00:da:e8:36:07:1f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Dec 15 03:44:22 2023 GMT
Not After : Dec 13 03:49:22 2024 GMT
Subject: CN=290219BCDF9FC491E7F1BF9AE7254FE425C034B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:33:22:94:2d:a0:67:0f:8c:c3:a8:30:80:a1:
42:c5:6e:6c:05:b1:2c:71:6f:43:2c:b9:2f:03:2d:
5b:78:ab:b0:e8:75:65:3f:31:27:1a:3c:40:fc:95:
9e:ea:18:81:a5:15:6f:7b:ab:3c:43:cd:2d:cb:e8:
5e:11:c4:95:f4:72:4f:d5:73:da:60:27:06:40:66:
d0:f7:1e:a8:57:c6:86:ae:be:16:9e:b3:cd:d6:1a:
8b:7b:55:23:b1:a6:f0:e7:00:31:9e:8c:92:d1:fc:
5b:4e:80:fd:e8:62:46:42:00:5f:b6:15:2b:45:e7:
02:fe:a7:27:57:eb:15:b6:80:dd:38:8c:65:28:8f:
2c:1e:62:4e:66:38:9e:90:8e:92:a2:f1:7b:48:76:
4f:d8:58:98:25:b6:b4:49:07:24:f9:e8:45:47:27:
b8:e3:9a:d2:c8:f8:2d:85:98:03:1e:e1:68:57:54:
11:20:84:91:44:64:0e:86:8f:52:b5:46:8d:ab:e0:
e6:59:6f:85:24:1c:42:b3:23:df:40:73:a9:25:d1:
ae:6e:cd:76:cd:10:97:f4:49:6e:88:17:3e:20:49:
10:76:8b:73:11:df:33:89:01:fc:e9:a6:4a:51:67:
04:c1:43:eb:54:a4:8a:12:84:3e:25:6e:f7:66:9a:
87:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:02:19:BC:DF:9F:C4:91:E7:F1:BF:9A:E7:25:4F:E4:25:C0:34:B3
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e2033323233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:66:9e:2e:43:98:cf:83:95:23:0e:ab:ce:35:7c:49:45:e6:
46:e2:05:d5:2b:e1:16:cc:06:f5:79:ba:28:39:0c:fa:f3:4f:
0a:f7:9b:b8:88:0b:33:4b:1d:48:0e:de:6f:78:c4:e5:ba:e3:
cb:a6:35:6d:cc:9d:31:62:3c:fc:76:db:9f:4d:9b:ef:3f:18:
d5:b0:f3:3e:b6:8f:66:33:e4:a0:97:36:bd:f6:bc:99:47:d7:
3d:9c:da:5e:d3:c0:0e:61:3b:e1:19:d9:85:1f:4f:1a:f9:a6:
9a:24:6d:a2:05:19:c0:c7:2a:d2:5a:4b:6a:58:f4:0a:6d:f9:
42:dc:55:bc:ad:f5:83:96:e1:c8:e6:de:d8:23:8c:8f:f4:f4:
2d:d0:12:5f:62:a0:ad:c2:2a:a9:02:bf:22:a8:6c:28:e0:fe:
c9:5c:91:6a:6b:61:c3:a9:e4:d5:fd:bd:02:be:42:f9:6d:c1:
ad:07:76:e6:88:29:1e:d9:04:cc:a9:24:09:b8:75:9a:4e:da:
c6:14:89:92:78:8f:1d:72:d3:bf:28:3f:35:06:78:58:4f:cc:
64:68:13:6c:18:de:4b:37:d5:11:db:84:e1:18:0d:72:18:93:
d9:eb:64:a2:a1:59:87:94:d7:7a:7f:8b:77:36:fe:ee:2b:4c:
6e:b9:6e:8e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUGtPZQKae5TJDTibZhADa6DYHH8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yMzEyMTUwMzQ0MjJaFw0yNDEyMTMwMzQ5MjJaMDMxMTAvBgNV
BAMTKDI5MDIxOUJDREY5RkM0OTFFN0YxQkY5QUU3MjU0RkU0MjVDMDM0QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZMyKULaBnD4zDqDCAoULFbmwF
sSxxb0MsuS8DLVt4q7DodWU/MScaPED8lZ7qGIGlFW97qzxDzS3L6F4RxJX0ck/V
c9pgJwZAZtD3HqhXxoauvhaes83WGot7VSOxpvDnADGejJLR/FtOgP3oYkZCAF+2
FStF5wL+pydX6xW2gN04jGUojyweYk5mOJ6QjpKi8XtIdk/YWJgltrRJByT56EVH
J7jjmtLI+C2FmAMe4WhXVBEghJFEZA6Gj1K1Ro2r4OZZb4UkHEKzI99Ac6kl0a5u
zXbNEJf0SW6IFz4gSRB2i3MR3zOJAfzppkpRZwTBQ+tUpIoShD4lbvdmmodbAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUKQIZvN+fxJHn8b+a5yVP5CXANLMwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIzMTMyMmUzMjM0MmUzMTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMyMzIzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQY
fzANBgkqhkiG9w0BAQsFAAOCAQEAHGaeLkOYz4OVIw6rzjV8SUXmRuIF1SvhFswG
9Xm6KDkM+vNPCvebuIgLM0sdSA7eb3jE5brjy6Y1bcydMWI8/Hbbn02b7z8Y1bDz
PraPZjPkoJc2vfa8mUfXPZzaXtPADmE74RnZhR9PGvmmmiRtogUZwMcq0lpLalj0
Cm35QtxVvK31g5bhyObe2COMj/T0LdASX2KgrcIqqQK/IqhsKOD+yVyRamthw6nk
1f29Ar5C+W3BrQd25ogpHtkEzKkkCbh1mk7axhSJkniPHXLTvyg/NQZ4WE/MZGgT
bBjeSzfVEduE4RgNchiT2etkoqFZh5TXen+Ldzb+7itMbrlujg==
-----END CERTIFICATE-----
Generated at Sun Jun 2 09:37:36 2024 by rpki-client on console-ams.rpki-client.org