Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231332e352e3132382e302f32342d3234203d3e20313939303538.roa
File: 3231332e352e3132382e302f32342d3234203d3e20313939303538.roa (raw, json)
Hash identifier: SSud8t3KKHalWdE+mUUMbvPhl3XLTRW/1sSDsjx9Cpk=
Subject key identifier: BF:5E:86:29:93:DF:00:9C:37:6C:25:98:4D:79:36:88:90:1E:27:AB
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 29C8DD50C6AC3C6A6D9593B768AE23884DF1DB57
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231332e352e3132382e302f32342d3234203d3e20313939303538.roa
Signing time: Thu 05 Sep 2024 07:36:08 +0000
ROA not before: Thu 05 Sep 2024 07:31:08 +0000
ROA not after: Thu 04 Sep 2025 07:36:08 +0000
asID: 199058
IP address blocks: 213.5.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:c8:dd:50:c6:ac:3c:6a:6d:95:93:b7:68:ae:23:88:4d:f1:db:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Sep 5 07:31:08 2024 GMT
Not After : Sep 4 07:36:08 2025 GMT
Subject: CN=BF5E862993DF009C376C25984D793688901E27AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bc:32:9d:54:65:97:c0:ca:e9:6b:f6:00:25:
ba:30:82:b0:16:80:d5:ec:76:5d:a5:c3:3f:57:ec:
48:96:0e:0c:47:81:fe:02:27:e6:93:b1:f5:ee:cf:
1d:2b:e2:a4:ae:af:78:17:2a:1e:04:c1:b8:01:d6:
0f:bd:92:06:b5:f3:0d:e0:88:34:32:5f:9a:8a:f0:
98:64:ef:c4:05:3e:89:cf:da:4f:bc:79:8e:e7:aa:
74:50:d8:af:4a:40:61:be:11:30:eb:90:5a:97:3b:
5e:ff:7b:7e:5e:b0:6c:b0:c7:f5:5b:b8:56:ed:2b:
f0:e9:55:e3:8e:dd:fc:c2:6e:02:74:86:9a:91:9a:
ea:6a:b7:94:18:80:63:e0:27:b1:4d:fe:71:2f:d1:
2c:f0:d8:46:84:6d:a5:62:6c:53:8e:cd:dd:2f:af:
f2:e9:bb:9d:a0:55:13:31:59:95:60:1c:10:a5:bf:
70:7f:7f:47:18:3f:97:8f:d7:6a:60:89:01:12:ed:
24:bc:68:f6:c9:d0:fc:10:c2:e9:37:1e:e5:6c:af:
c2:ca:b2:73:68:21:ae:6a:0b:bb:31:63:e3:a0:c0:
eb:f8:d9:ac:a4:b4:66:2c:66:78:bc:16:5f:92:cc:
22:a0:81:91:0e:ea:f2:7c:16:61:c0:55:9d:5a:d1:
0f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5E:86:29:93:DF:00:9C:37:6C:25:98:4D:79:36:88:90:1E:27:AB
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231332e352e3132382e302f32342d3234203d3e20313939303538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.128.0/24
Signature Algorithm: sha256WithRSAEncryption
18:d6:76:a5:31:05:c5:da:03:97:c7:cf:25:e5:af:94:37:5e:
46:bb:6f:7a:96:2f:7b:fe:28:34:2b:9e:55:b5:c1:13:87:fe:
d1:11:5e:ed:82:cd:97:99:44:35:6c:db:72:b7:6e:86:7c:8a:
89:37:8f:fe:1c:a0:b4:e3:e5:f8:2e:71:40:ba:ba:50:2a:b5:
6c:13:fb:5f:f2:0c:2b:a0:45:30:93:20:24:4d:97:f0:2d:2d:
33:3e:53:37:ad:0b:22:28:98:09:ae:77:34:17:fa:a4:55:98:
bd:47:c4:32:42:aa:37:be:36:eb:d9:07:0f:77:6c:58:df:b4:
9e:bf:cd:ab:29:48:f1:c0:2b:5a:1f:a3:34:f8:7a:85:aa:b4:
59:69:d1:b0:a6:ab:02:01:7b:5a:3f:7d:7b:58:bf:dc:b6:c9:
b0:d0:e9:62:b9:d8:d4:7d:c6:ac:6f:e6:21:40:82:e4:32:e2:
1c:9d:43:3d:63:b4:b1:f9:dc:fe:02:e4:f9:7b:0c:4c:aa:a9:
e8:0e:12:ff:fb:7f:bf:bb:98:ce:c4:45:a9:ff:aa:85:39:1e:
09:52:5d:44:bc:8f:4a:9b:a8:53:ae:a3:db:51:25:63:c4:5d:
72:d8:ea:9d:81:ad:7b:3e:94:3c:2f:ed:a6:13:37:60:1e:1e:
78:2e:f0:6c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKcjdUMasPGptlZO3aK4jiE3x21cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA5MDUwNzMxMDhaFw0yNTA5MDQwNzM2MDhaMDMxMTAvBgNV
BAMTKEJGNUU4NjI5OTNERjAwOUMzNzZDMjU5ODRENzkzNjg4OTAxRTI3QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzvDKdVGWXwMrpa/YAJbowgrAW
gNXsdl2lwz9X7EiWDgxHgf4CJ+aTsfXuzx0r4qSur3gXKh4EwbgB1g+9kga18w3g
iDQyX5qK8Jhk78QFPonP2k+8eY7nqnRQ2K9KQGG+ETDrkFqXO17/e35esGywx/Vb
uFbtK/DpVeOO3fzCbgJ0hpqRmupqt5QYgGPgJ7FN/nEv0Szw2EaEbaVibFOOzd0v
r/Lpu52gVRMxWZVgHBClv3B/f0cYP5eP12pgiQES7SS8aPbJ0PwQwuk3HuVsr8LK
snNoIa5qC7sxY+OgwOv42ayktGYsZni8Fl+SzCKggZEO6vJ8FmHAVZ1a0Q9FAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUv16GKZPfAJw3bCWYTXk2iJAeJ6swHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIzMTMzMmUzNTJlMzEzMjM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM5MzAzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1QWAMA0GCSqGSIb3DQEBCwUAA4IBAQAY1nalMQXF2gOXx88l5a+UN15Gu296li97
/ig0K55VtcETh/7REV7tgs2XmUQ1bNtyt26GfIqJN4/+HKC04+X4LnFAurpQKrVs
E/tf8gwroEUwkyAkTZfwLS0zPlM3rQsiKJgJrnc0F/qkVZi9R8QyQqo3vjbr2QcP
d2xY37Sev82rKUjxwCtaH6M0+HqFqrRZadGwpqsCAXtaP317WL/ctsmw0OliudjU
fcasb+YhQILkMuIcnUM9Y7Sx+dz+AuT5ewxMqqnoDhL/+3+/u5jOxEWp/6qFOR4J
Ul1EvI9Km6hTrqPbUSVjxF1y2Oqdga17PpQ8L+2mEzdgHh54LvBs
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:59:20 2024 by rpki-client on console-fra.rpki-client.org