Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234312e302f32342d3234203d3e20323039383534.roa
File: 3137362e3232372e3234312e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: WmujyuTcGJV5Jhy3p9Ndv+esxwr3EYsTPTW15wpSijM=
Subject key identifier: CE:AF:EA:0C:1B:B2:29:58:AC:0F:D1:56:F2:10:C1:41:70:D2:3B:F1
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 3EBAC039E6661B634A1905BC06D38B6A6D716BEF
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234312e302f32342d3234203d3e20323039383534.roa
Signing time: Tue 30 Jul 2024 14:04:27 +0000
ROA not before: Tue 30 Jul 2024 13:59:27 +0000
ROA not after: Tue 29 Jul 2025 14:04:27 +0000
asID: 209854
IP address blocks: 176.227.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:ba:c0:39:e6:66:1b:63:4a:19:05:bc:06:d3:8b:6a:6d:71:6b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Jul 30 13:59:27 2024 GMT
Not After : Jul 29 14:04:27 2025 GMT
Subject: CN=CEAFEA0C1BB22958AC0FD156F210C14170D23BF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:26:7e:90:b4:1f:0a:df:3d:ab:5c:95:df:8b:
a8:e0:b8:a4:53:53:87:21:71:bc:4a:3b:98:e6:aa:
b2:56:82:73:f7:17:41:42:f6:3d:33:50:ea:bb:f2:
2f:22:43:3b:49:44:06:f4:d1:df:02:82:19:bd:2b:
e1:f9:ab:45:2b:9a:e6:e0:a7:10:a0:81:42:aa:32:
11:66:27:69:de:38:52:27:56:4c:62:4b:dc:9b:a7:
dc:7f:52:d9:14:c2:e1:7c:bd:95:d0:21:e2:52:f0:
4d:92:ff:aa:69:bf:fe:3c:ea:84:35:c0:45:c5:c9:
d9:87:67:e1:c8:6a:44:79:4e:3b:13:bd:fe:24:9b:
2c:1c:db:7e:04:66:46:f2:68:b5:61:34:48:43:fc:
7b:29:2c:6a:ed:94:9f:26:ec:5f:ec:9f:87:2e:ec:
58:39:d5:99:0b:e4:0e:38:26:b6:10:0f:91:a5:39:
f0:d2:e0:0b:c1:ad:dd:4b:c5:2a:5c:8b:a2:e4:08:
9b:e0:9d:23:f5:49:24:12:78:e3:00:1f:7f:a3:63:
ab:fd:19:b0:6b:ef:01:c5:24:00:6d:97:1a:e5:45:
c1:24:18:cb:2d:79:52:44:2c:60:57:1d:14:42:b6:
86:26:7a:85:13:f9:7b:8a:73:cf:64:67:b3:8f:dc:
30:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AF:EA:0C:1B:B2:29:58:AC:0F:D1:56:F2:10:C1:41:70:D2:3B:F1
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3137362e3232372e3234312e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.227.241.0/24
Signature Algorithm: sha256WithRSAEncryption
09:14:22:23:1d:5e:1d:0e:8c:3f:fa:a9:e2:f9:24:d5:ec:64:
ac:53:4a:07:cb:c0:76:f6:04:0f:15:a7:ba:b2:08:d0:1a:91:
a3:f1:88:72:aa:86:1b:14:1b:82:81:2a:df:20:ec:73:90:82:
04:a1:4d:ba:04:3f:5b:7c:82:3d:b4:67:84:94:ee:29:aa:3e:
09:f1:70:b3:0f:f0:eb:fe:2a:b0:9d:31:46:db:b9:b0:0b:75:
41:84:41:00:15:55:0f:cf:d1:bb:cf:88:ab:14:85:17:d4:36:
df:9b:83:2e:5d:11:3a:1e:15:a9:d4:e4:f7:b9:c0:89:e6:9f:
35:ae:8d:7e:7f:45:60:86:bd:61:1f:ca:d1:8a:09:01:a5:c1:
ab:96:7c:14:bc:26:e7:9a:a8:62:44:ec:92:f7:14:85:57:93:
f3:e9:0d:54:ad:29:d7:76:59:da:8b:b3:dc:5c:8e:23:d5:18:
e8:1e:f4:8c:b1:64:fd:37:cd:3c:dd:3c:c3:71:fa:94:d9:85:
f5:0f:ad:60:fc:c5:f6:44:47:ca:1c:fe:2f:35:06:d1:72:ee:
fd:73:f5:36:cc:9c:fe:c8:d2:e0:88:e0:04:f4:38:1d:13:6f:
a2:d6:82:e8:e6:e8:37:c4:18:c8:46:23:65:aa:d0:7f:39:c5:
66:ea:56:b9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPrrAOeZmG2NKGQW8BtOLam1xa+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA3MzAxMzU5MjdaFw0yNTA3MjkxNDA0MjdaMDMxMTAvBgNV
BAMTKENFQUZFQTBDMUJCMjI5NThBQzBGRDE1NkYyMTBDMTQxNzBEMjNCRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnJn6QtB8K3z2rXJXfi6jguKRT
U4chcbxKO5jmqrJWgnP3F0FC9j0zUOq78i8iQztJRAb00d8Cghm9K+H5q0Urmubg
pxCggUKqMhFmJ2neOFInVkxiS9ybp9x/UtkUwuF8vZXQIeJS8E2S/6ppv/486oQ1
wEXFydmHZ+HIakR5TjsTvf4kmywc234EZkbyaLVhNEhD/HspLGrtlJ8m7F/sn4cu
7Fg51ZkL5A44JrYQD5GlOfDS4AvBrd1LxSpci6LkCJvgnSP1SSQSeOMAH3+jY6v9
GbBr7wHFJABtlxrlRcEkGMsteVJELGBXHRRCtoYmeoUT+XuKc89kZ7OP3DCFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUzq/qDBuyKVisD9FW8hDBQXDSO/EwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzNzM2MmUzMjMyMzcyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTM4MzUzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALDj8TANBgkqhkiG9w0BAQsFAAOCAQEACRQiIx1eHQ6MP/qp4vkk1exkrFNK
B8vAdvYEDxWnurII0BqRo/GIcqqGGxQbgoEq3yDsc5CCBKFNugQ/W3yCPbRnhJTu
Kao+CfFwsw/w6/4qsJ0xRtu5sAt1QYRBABVVD8/Ru8+IqxSFF9Q235uDLl0ROh4V
qdTk97nAieafNa6Nfn9FYIa9YR/K0YoJAaXBq5Z8FLwm55qoYkTskvcUhVeT8+kN
VK0p13ZZ2ouz3FyOI9UY6B70jLFk/TfNPN08w3H6lNmF9Q+tYPzF9kRHyhz+LzUG
0XLu/XP1Nsyc/sjS4IjgBPQ4HRNvotaC6OboN8QYyEYjZarQfznFZupWuQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:11 2024 by rpki-client on console-fra.rpki-client.org