Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34312e302f32342d3234203d3e203232333633.roa
File: 33312e362e34312e302f32342d3234203d3e203232333633.roa (raw, json)
Hash identifier: PzzPfDAXqpJICDPw3sKqmTBk+6yTbn0OU/2PQFo+UkI=
Subject key identifier: 38:EF:3D:AA:3D:1A:84:16:8A:24:DC:2D:71:00:DC:B5:00:83:0A:C7
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 0CBF5C60164AD6B4997C23587FC14EC2A0851EDB
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34312e302f32342d3234203d3e203232333633.roa
Signing time: Mon 02 Oct 2023 05:22:15 +0000
ROA not before: Mon 02 Oct 2023 05:17:15 +0000
ROA not after: Mon 30 Sep 2024 05:22:15 +0000
asID: 22363
IP address blocks: 31.6.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:bf:5c:60:16:4a:d6:b4:99:7c:23:58:7f:c1:4e:c2:a0:85:1e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Oct 2 05:17:15 2023 GMT
Not After : Sep 30 05:22:15 2024 GMT
Subject: CN=38EF3DAA3D1A84168A24DC2D7100DCB500830AC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:96:72:3b:c2:b7:eb:b7:cb:71:5d:b9:81:9f:
51:7e:c6:fb:c3:c1:fc:e0:ef:20:36:6e:f3:99:29:
1f:fc:c8:5c:59:0c:50:50:7f:4d:3f:56:50:f6:ef:
22:0b:63:21:05:b3:2c:69:2a:64:66:87:22:40:66:
d1:bc:34:bf:a2:46:01:9b:00:0f:25:af:c1:76:c9:
44:23:23:30:b4:27:ea:34:00:67:07:87:72:05:58:
f3:82:00:ef:72:da:96:34:61:99:97:6f:79:fa:c9:
c9:90:3c:4d:98:b1:e8:d8:38:6e:a5:50:59:ca:a1:
f1:ce:fa:18:12:cc:20:ca:08:83:b3:1d:a6:a6:82:
03:ff:fa:ac:2c:ab:5d:61:b9:f7:ee:6c:1c:3c:a2:
d0:fe:0f:4d:ea:e0:23:a2:40:ca:e2:89:c1:65:9d:
e0:c3:90:a1:74:57:25:4c:7e:9b:41:20:12:63:3c:
9d:5a:de:ce:25:84:46:b9:dd:a3:b7:a5:52:6e:79:
b3:ca:a1:e3:1f:9a:36:03:48:4b:5b:c0:56:72:15:
1e:c5:34:01:f1:d1:e2:85:57:aa:76:cb:51:6f:0e:
59:86:8d:25:9c:f9:42:13:30:14:75:c5:ab:ad:cb:
cf:ce:08:54:77:96:ed:bd:e4:bc:de:2d:93:9c:a7:
b1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EF:3D:AA:3D:1A:84:16:8A:24:DC:2D:71:00:DC:B5:00:83:0A:C7
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34312e302f32342d3234203d3e203232333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.41.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:4e:f8:80:2b:09:ce:72:35:14:25:1a:17:35:b6:1a:37:b2:
8c:58:7d:c4:01:af:df:cd:60:5b:f4:1c:66:f0:62:4c:ce:5a:
51:4f:8b:c4:4c:f5:42:84:67:4b:ca:fb:e1:de:56:6a:e6:62:
60:16:4d:8c:d0:3f:c6:59:54:cf:ed:f4:85:b2:dc:93:37:e0:
7a:34:d1:6c:19:3c:86:a0:fd:74:a9:f2:fa:58:a2:d2:17:15:
0e:fa:55:77:d4:91:a1:52:46:cf:67:3f:e7:b9:e9:d9:6c:9e:
97:60:a7:65:4f:1f:e2:91:b4:8d:24:c4:a0:87:7c:06:41:bb:
e1:27:c6:42:48:f6:10:9e:bc:0b:bf:74:c5:26:61:cc:b8:f7:
ac:ac:8b:89:9e:0c:7a:53:8a:30:7d:a7:ce:1f:47:b5:d4:74:
51:bb:1b:b0:ea:83:ac:1e:2d:ea:79:20:9b:15:7d:89:ac:00:
a3:cb:32:f1:6d:2a:f2:a6:36:82:1a:06:0e:c2:45:b0:ab:04:
96:4f:71:5e:66:22:ca:29:9f:0d:04:7a:66:0d:da:57:4a:f9:
b7:35:89:80:24:69:aa:f0:39:b5:f5:ea:24:14:2a:27:49:26:
3e:4a:40:e8:bf:5f:35:7f:a3:64:6f:f8:1f:29:70:1c:e1:a3:
cf:9d:df:8b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUDL9cYBZK1rSZfCNYf8FOwqCFHtswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzEwMDIwNTE3MTVaFw0yNDA5MzAwNTIyMTVaMDMxMTAvBgNV
BAMTKDM4RUYzREFBM0QxQTg0MTY4QTI0REMyRDcxMDBEQ0I1MDA4MzBBQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDylnI7wrfrt8txXbmBn1F+xvvD
wfzg7yA2bvOZKR/8yFxZDFBQf00/VlD27yILYyEFsyxpKmRmhyJAZtG8NL+iRgGb
AA8lr8F2yUQjIzC0J+o0AGcHh3IFWPOCAO9y2pY0YZmXb3n6ycmQPE2YsejYOG6l
UFnKofHO+hgSzCDKCIOzHaamggP/+qwsq11huffubBw8otD+D03q4COiQMriicFl
neDDkKF0VyVMfptBIBJjPJ1a3s4lhEa53aO3pVJuebPKoeMfmjYDSEtbwFZyFR7F
NAHx0eKFV6p2y1FvDlmGjSWc+UITMBR1xauty8/OCFR3lu295LzeLZOcp7G7AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUOO89qj0ahBaKJNwtcQDctQCDCscwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM0MzEyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMyMzMzNjMzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwYpMA0G
CSqGSIb3DQEBCwUAA4IBAQCNTviAKwnOcjUUJRoXNbYaN7KMWH3EAa/fzWBb9Bxm
8GJMzlpRT4vETPVChGdLyvvh3lZq5mJgFk2M0D/GWVTP7fSFstyTN+B6NNFsGTyG
oP10qfL6WKLSFxUO+lV31JGhUkbPZz/nuenZbJ6XYKdlTx/ikbSNJMSgh3wGQbvh
J8ZCSPYQnrwLv3TFJmHMuPesrIuJngx6U4owfafOH0e11HRRuxuw6oOsHi3qeSCb
FX2JrACjyzLxbSrypjaCGgYOwkWwqwSWT3FeZiLKKZ8NBHpmDdpXSvm3NYmAJGmq
8Dm19eokFConSSY+SkDov181f6Nkb/gfKXAc4aPPnd+L
-----END CERTIFICATE-----
Generated at Sat Jun 1 00:49:43 2024 by rpki-client on console-ams.rpki-client.org