Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e31332e302f32342d3234203d3e203437343336.roa
File: 33312e362e31332e302f32342d3234203d3e203437343336.roa (raw, json)
Hash identifier: GihQeqK74UybrcqQi3rl0dT8nFQybEShntS1BJO3XGQ=
Subject key identifier: FA:5B:D9:E7:87:72:C6:29:C0:C2:B5:AE:66:F6:06:16:0A:55:2D:95
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 173744517E62A4B6FFBCA7751A39B649A857D9A7
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e31332e302f32342d3234203d3e203437343336.roa
Signing time: Wed 08 May 2024 13:47:13 +0000
ROA not before: Wed 08 May 2024 13:42:13 +0000
ROA not after: Wed 07 May 2025 13:47:13 +0000
asID: 47436
IP address blocks: 31.6.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:37:44:51:7e:62:a4:b6:ff:bc:a7:75:1a:39:b6:49:a8:57:d9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: May 8 13:42:13 2024 GMT
Not After : May 7 13:47:13 2025 GMT
Subject: CN=FA5BD9E78772C629C0C2B5AE66F606160A552D95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:11:c3:fd:cf:0b:6f:01:87:be:a8:f9:60:db:
6d:05:23:8d:23:58:cd:81:38:e4:66:76:f6:04:48:
9d:e0:0d:b5:34:ca:aa:c5:6f:30:63:25:75:ff:82:
10:3f:0b:6f:c5:63:17:62:6b:c8:15:fb:77:e2:e8:
80:de:65:4d:9a:2e:ce:5c:74:8a:b3:8d:43:b2:d8:
97:7e:ad:c0:64:a8:52:0f:fe:95:c4:5f:32:21:16:
cf:20:e2:69:6f:26:14:04:c3:70:5e:ff:a0:c7:14:
8c:63:da:ed:23:f6:c5:b4:b0:d2:76:75:49:0c:5d:
2f:03:73:f7:6e:05:55:5d:b9:54:a3:96:dd:61:8f:
e1:43:8f:6e:f9:e9:45:bd:88:1c:5f:17:5e:62:9f:
85:72:89:84:64:f9:99:71:f1:11:e8:1d:6b:73:a8:
5e:ed:e4:be:8d:27:53:f4:af:89:83:e5:d2:52:46:
44:8e:11:39:16:31:6e:ec:b9:22:ba:62:f8:ff:bd:
f6:05:0e:da:62:80:c1:04:7e:61:da:13:bd:10:cc:
c4:1e:ff:5b:e1:1c:1d:44:e3:24:5f:d3:78:86:0b:
48:6c:fb:64:f2:65:e0:e6:87:72:66:e6:58:f1:ef:
1b:d2:ea:b7:6c:d3:ca:cd:d2:3c:eb:67:99:ab:6e:
5b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5B:D9:E7:87:72:C6:29:C0:C2:B5:AE:66:F6:06:16:0A:55:2D:95
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e31332e302f32342d3234203d3e203437343336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.13.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:8e:ad:2c:21:66:c9:ec:87:56:53:3a:c8:1d:ec:ad:e7:40:
be:b4:12:ea:a2:f7:a3:99:76:b1:84:a0:23:03:ba:11:98:2c:
c1:6f:0c:2d:53:5e:b0:53:c5:48:34:2c:eb:11:00:0e:14:0c:
1e:0a:f8:a8:45:4a:fb:ca:a6:f7:04:29:52:cd:3b:4a:27:1c:
70:21:e2:07:b7:c9:9c:db:2d:20:06:eb:4c:c4:9e:95:61:b5:
e5:9c:da:aa:d9:27:84:b1:26:81:d7:f9:50:10:0f:f5:26:f0:
9a:30:95:9d:ff:4d:fb:0e:68:ba:93:6d:fe:04:25:c2:76:f6:
05:69:d0:68:26:e5:97:1e:e8:f7:1c:8a:bb:e1:e1:5c:71:5d:
81:18:72:1c:5a:99:86:0b:bd:07:28:52:98:17:29:9c:8c:51:
9b:da:36:03:6b:f9:d0:ac:d1:13:f2:c5:ba:a4:7e:f6:c4:d1:
e5:e2:05:7f:6a:c3:a1:c2:3e:45:df:86:38:18:0d:49:d3:d6:
00:ed:d8:43:90:cb:c1:88:bb:62:9e:b9:5c:fa:73:5e:6d:79:
29:ff:ce:1d:5d:d5:a7:44:72:97:22:f9:04:72:91:92:e4:e7:
a4:9a:3b:62:2c:24:1d:97:23:b9:3c:fd:0b:8f:df:14:2d:f6:
62:df:4b:a8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUFzdEUX5ipLb/vKd1Gjm2SahX2acwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDA1MDgxMzQyMTNaFw0yNTA1MDcxMzQ3MTNaMDMxMTAvBgNV
BAMTKEZBNUJEOUU3ODc3MkM2MjlDMEMyQjVBRTY2RjYwNjE2MEE1NTJEOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmEcP9zwtvAYe+qPlg220FI40j
WM2BOORmdvYESJ3gDbU0yqrFbzBjJXX/ghA/C2/FYxdia8gV+3fi6IDeZU2aLs5c
dIqzjUOy2Jd+rcBkqFIP/pXEXzIhFs8g4mlvJhQEw3Be/6DHFIxj2u0j9sW0sNJ2
dUkMXS8Dc/duBVVduVSjlt1hj+FDj2756UW9iBxfF15in4VyiYRk+Zlx8RHoHWtz
qF7t5L6NJ1P0r4mD5dJSRkSOETkWMW7suSK6Yvj/vfYFDtpigMEEfmHaE70QzMQe
/1vhHB1E4yRf03iGC0hs+2TyZeDmh3Jm5ljx7xvS6rds08rN0jzrZ5mrblsvAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU+lvZ54dyxinAwrWuZvYGFgpVLZUwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTMxMzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzQzMzM2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwYNMA0G
CSqGSIb3DQEBCwUAA4IBAQB9jq0sIWbJ7IdWUzrIHeyt50C+tBLqovejmXaxhKAj
A7oRmCzBbwwtU16wU8VINCzrEQAOFAweCvioRUr7yqb3BClSzTtKJxxwIeIHt8mc
2y0gButMxJ6VYbXlnNqq2SeEsSaB1/lQEA/1JvCaMJWd/037Dmi6k23+BCXCdvYF
adBoJuWXHuj3HIq74eFccV2BGHIcWpmGC70HKFKYFymcjFGb2jYDa/nQrNET8sW6
pH72xNHl4gV/asOhwj5F34Y4GA1J09YA7dhDkMvBiLtinrlc+nNebXkp/84dXdWn
RHKXIvkEcpGS5OekmjtiLCQdlyO5PP0Lj98ULfZi30uo
-----END CERTIFICATE-----
Generated at Sat Jun 1 22:02:33 2024 by rpki-client on console-ams.rpki-client.org