Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3135312e3231362e34342e302f32342d3234203d3e20323131323836.roa
File: 3135312e3231362e34342e302f32342d3234203d3e20323131323836.roa (raw, json)
Hash identifier: 2x8izybOlAqRmjJIibRt/pH31uos/466Afkgnq3wGcQ=
Subject key identifier: 8D:44:11:6B:8B:8C:44:E7:05:FC:C0:63:B9:68:4F:24:BE:74:09:E8
Certificate issuer: /CN=0839a93dab544c296ffa143456844a8b2818b1d0
Certificate serial: 41AD55D7DD323409B6581FA9C6B0A0CAE63C92C1
Authority key identifier: 08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3135312e3231362e34342e302f32342d3234203d3e20323131323836.roa
Signing time: Mon 02 Sep 2024 11:59:46 +0000
ROA not before: Mon 02 Sep 2024 11:54:46 +0000
ROA not after: Mon 01 Sep 2025 11:59:46 +0000
asID: 211286
IP address blocks: 151.216.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ad:55:d7:dd:32:34:09:b6:58:1f:a9:c6:b0:a0:ca:e6:3c:92:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0839a93dab544c296ffa143456844a8b2818b1d0
Validity
Not Before: Sep 2 11:54:46 2024 GMT
Not After : Sep 1 11:59:46 2025 GMT
Subject: CN=8D44116B8B8C44E705FCC063B9684F24BE7409E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f7:d8:67:f8:6a:65:8c:38:ec:97:e1:be:72:
79:0b:6c:95:c0:fb:d4:48:79:33:9e:c3:8c:f8:1e:
ad:8e:68:0d:93:5b:6d:89:3d:57:99:35:6e:f1:be:
07:3a:fe:c6:99:ad:bf:07:89:a5:22:4a:88:fd:b2:
6f:15:57:67:20:11:ae:51:c4:c5:f3:51:85:b1:0b:
53:2b:6f:39:09:cd:3f:b6:a5:d4:62:78:5d:02:1e:
92:b1:61:9d:1b:f6:34:b1:1c:5c:34:37:8f:a1:48:
ee:e0:3c:62:a3:b0:b8:8b:c7:c4:3d:d1:59:69:f3:
f1:bc:a3:fb:84:bd:a5:5b:cc:a8:5f:69:6b:5c:f9:
e0:bf:c9:e1:71:18:26:e0:11:df:6f:2c:cd:8d:b6:
be:24:cf:e9:c3:bb:fd:33:b4:d5:43:5c:d2:ac:ec:
75:e9:43:ac:eb:a4:8e:e5:b7:04:a3:b0:14:5f:5d:
38:9d:2f:30:66:02:2f:0f:8f:f8:db:bc:2f:b2:59:
a3:d6:7f:30:bf:08:a0:98:68:ab:57:c6:09:b6:fe:
5d:1f:a3:9f:5d:60:d0:18:27:8f:ae:a3:92:f7:b4:
01:a4:f9:a8:d0:57:5f:49:4b:9f:74:64:91:4b:9c:
5e:24:c7:1d:44:71:28:b5:46:c2:ff:84:c2:9c:20:
41:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:44:11:6B:8B:8C:44:E7:05:FC:C0:63:B9:68:4F:24:BE:74:09:E8
X509v3 Authority Key Identifier:
keyid:08:39:A9:3D:AB:54:4C:29:6F:FA:14:34:56:84:4A:8B:28:18:B1:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/3135312e3231362e34342e302f32342d3234203d3e20323131323836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.216.44.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:e6:4a:ff:e3:c4:8e:fe:1a:7a:b1:0f:78:d9:cd:33:e3:58:
b3:14:d3:79:46:65:40:d3:28:ad:fb:6e:71:ea:34:bf:d4:e6:
c9:43:bc:6b:87:4e:e8:90:84:08:a8:ec:e7:03:73:72:dd:c0:
58:5a:dd:08:58:8c:53:4f:47:1c:5d:d6:a7:7e:09:6b:b7:a8:
e2:fd:44:19:bc:a8:ba:30:e8:ca:38:96:49:f1:2f:f3:3f:1d:
81:d5:5a:a2:94:4e:28:83:94:f7:ae:a5:c3:38:96:c8:a0:1b:
bc:38:7c:fe:12:16:33:26:54:14:31:d2:ca:02:46:30:cf:17:
de:3f:2c:18:ca:dc:4b:71:ad:43:b2:f1:ed:5a:41:ff:75:a1:
09:2c:b9:94:50:fd:f2:20:3d:78:43:60:de:ff:fa:a1:3f:ec:
b9:11:4c:43:ab:48:2a:92:9d:8e:70:6c:09:23:22:65:06:f3:
38:37:b1:a6:a9:00:c9:fb:27:8a:65:c8:92:42:bc:d9:39:ff:
99:25:f1:0a:fe:f5:b1:46:a5:87:0e:57:6c:b8:6c:5d:9b:30:
25:ce:5f:44:d3:63:4f:47:05:de:29:d9:0f:61:57:6b:be:32:
ac:72:2d:8b:7f:a8:ca:6f:c0:59:7a:fd:31:44:1e:2a:77:38:
50:d4:29:56
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQa1V190yNAm2WB+pxrCgyuY8ksEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDgzOWE5M2RhYjU0NGMyOTZmZmExNDM0NTY4NDRhOGIy
ODE4YjFkMDAeFw0yNDA5MDIxMTU0NDZaFw0yNTA5MDExMTU5NDZaMDMxMTAvBgNV
BAMTKDhENDQxMTZCOEI4QzQ0RTcwNUZDQzA2M0I5Njg0RjI0QkU3NDA5RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv99hn+GpljDjsl+G+cnkLbJXA
+9RIeTOew4z4Hq2OaA2TW22JPVeZNW7xvgc6/saZrb8HiaUiSoj9sm8VV2cgEa5R
xMXzUYWxC1MrbzkJzT+2pdRieF0CHpKxYZ0b9jSxHFw0N4+hSO7gPGKjsLiLx8Q9
0Vlp8/G8o/uEvaVbzKhfaWtc+eC/yeFxGCbgEd9vLM2Ntr4kz+nDu/0ztNVDXNKs
7HXpQ6zrpI7ltwSjsBRfXTidLzBmAi8Pj/jbvC+yWaPWfzC/CKCYaKtXxgm2/l0f
o59dYNAYJ4+uo5L3tAGk+ajQV19JS590ZJFLnF4kxx1EcSi1RsL/hMKcIEGbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjUQRa4uMROcF/MBjuWhPJL50CegwHwYDVR0j
BBgwFoAUCDmpPatUTClv+hQ0VoRKiygYsdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGRlODM3ZmItNjM5MC00MWI1LTgyYTAtZjBkMDJjMDNh
MmM2LzcvMDgzOUE5M0RBQjU0NEMyOTZGRkExNDM0NTY4NDRBOEIyODE4QjFEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NEbXBQYXRVVENsdi1oUTBWb1JLaXln
WXNkQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGRlODM3ZmIt
NjM5MC00MWI1LTgyYTAtZjBkMDJjMDNhMmM2LzcvMzEzNTMxMmUzMjMxMzYyZTM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzMjM4MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACX2CwwDQYJKoZIhvcNAQELBQADggEBAI/mSv/jxI7+GnqxD3jZzTPjWLMU03lG
ZUDTKK37bnHqNL/U5slDvGuHTuiQhAio7OcDc3LdwFha3QhYjFNPRxxd1qd+CWu3
qOL9RBm8qLow6Mo4lknxL/M/HYHVWqKUTiiDlPeupcM4lsigG7w4fP4SFjMmVBQx
0soCRjDPF94/LBjK3EtxrUOy8e1aQf91oQksuZRQ/fIgPXhDYN7/+qE/7LkRTEOr
SCqSnY5wbAkjImUG8zg3saapAMn7J4plyJJCvNk5/5kl8Qr+9bFGpYcOV2y4bF2b
MCXOX0TTY09HBd4p2Q9hV2u+MqxyLYt/qMpvwFl6/TFEHip3OFDUKVY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:06:10 2024 by rpki-client on console-fra.rpki-client.org