Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e35382e302f32342d3234203d3e203232333633.roa
File: 33312e362e35382e302f32342d3234203d3e203232333633.roa (raw, json)
Hash identifier: QvXQtSbcf0pyN3Shk8ewJE9ED4cioWl6cf74uTap+FM=
Subject key identifier: CC:C5:05:37:E9:1B:C5:F8:36:6A:F2:EE:75:13:B9:25:3C:94:4F:50
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 45D77EB667B4041ED402B8A8D99D8FD7C9544CDE
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e35382e302f32342d3234203d3e203232333633.roa
Signing time: Mon 02 Oct 2023 05:22:11 +0000
ROA not before: Mon 02 Oct 2023 05:17:11 +0000
ROA not after: Mon 30 Sep 2024 05:22:11 +0000
asID: 22363
IP address blocks: 31.6.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:d7:7e:b6:67:b4:04:1e:d4:02:b8:a8:d9:9d:8f:d7:c9:54:4c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Oct 2 05:17:11 2023 GMT
Not After : Sep 30 05:22:11 2024 GMT
Subject: CN=CCC50537E91BC5F8366AF2EE7513B9253C944F50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:36:fe:af:94:f4:da:eb:fc:ba:04:db:e0:ed:
0e:7c:3c:a9:93:57:58:fc:ed:09:9a:bb:a5:49:27:
cf:69:b9:f6:1c:b8:68:bb:f3:36:fe:5a:da:59:36:
8d:6c:7b:3a:ea:fe:8f:ce:e0:6e:91:17:6f:0f:46:
97:ae:5a:46:a7:f8:4c:66:63:5c:55:b5:84:62:81:
14:2d:2b:53:14:a8:83:88:19:10:8a:74:63:df:90:
4d:e3:40:1e:ae:a8:b0:f6:55:c9:39:57:03:e9:ac:
a4:3c:fa:b1:61:c5:c1:46:af:fa:9a:3e:c7:cf:23:
4e:9b:b0:7b:e9:b6:67:14:82:16:4e:53:09:28:7d:
dd:15:6a:61:8e:83:4d:5e:9f:bd:cf:7a:80:78:bb:
ff:1c:5c:2a:27:01:da:13:0b:24:2a:66:ee:c8:e1:
ad:b8:3b:ca:bc:c4:48:a3:ae:7f:08:b1:8d:9c:3d:
1a:73:0a:91:a9:dd:6c:b8:d4:43:49:49:f7:b8:19:
a9:00:4a:64:9b:7e:4e:a3:6d:95:06:01:44:7f:c1:
de:57:45:e2:8f:bf:9d:5d:ce:4d:66:b0:87:bd:2f:
72:01:0f:d9:fc:20:28:3a:47:02:06:76:f4:c1:0e:
59:b2:b2:19:e0:00:29:04:b4:fc:24:cc:58:57:d1:
2e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C5:05:37:E9:1B:C5:F8:36:6A:F2:EE:75:13:B9:25:3C:94:4F:50
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e35382e302f32342d3234203d3e203232333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.58.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:c3:66:78:e0:e7:fa:54:8e:f9:00:e3:49:9d:c1:22:9c:b4:
9e:06:4a:69:6c:29:11:3d:59:dc:16:fa:ee:0e:16:90:99:3d:
36:f1:58:3a:b8:ab:c6:7e:8f:69:94:8b:83:27:71:eb:f4:0a:
0d:d9:d7:a7:5c:46:5a:65:f9:1c:3f:b0:ab:c2:2b:73:7f:b1:
2d:75:94:f0:26:4f:4f:7f:38:56:0e:b7:9a:16:10:81:11:9a:
62:a2:d9:42:fe:1c:6a:6c:ca:3f:7b:f4:75:3e:49:7d:99:e3:
0a:2a:69:96:c1:b9:2b:ba:15:ef:7f:64:31:74:56:97:39:4e:
0c:da:69:ec:5b:d1:5c:bd:25:04:bd:ea:31:39:6b:22:7c:90:
26:0c:4a:d8:30:80:1b:66:d0:12:a3:18:90:81:fc:c9:6c:ca:
d9:e1:75:3a:0c:2a:31:95:c3:e3:82:26:e2:e4:b3:ca:0b:2a:
13:ac:bb:f5:22:83:24:bf:90:9f:b1:44:e7:d4:45:a5:ea:66:
05:2d:ee:d4:66:38:54:44:e6:c9:04:8a:07:90:e2:e5:49:d8:
5c:74:55:38:f8:3f:1e:8b:90:a1:b8:58:3b:47:e3:0f:a7:4f:
ce:c2:43:c7:95:0b:55:98:d5:1d:02:73:13:7a:72:33:1d:f2:
20:b2:04:61
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIURdd+tme0BB7UArio2Z2P18lUTN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzEwMDIwNTE3MTFaFw0yNDA5MzAwNTIyMTFaMDMxMTAvBgNV
BAMTKENDQzUwNTM3RTkxQkM1RjgzNjZBRjJFRTc1MTNCOTI1M0M5NDRGNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Nv6vlPTa6/y6BNvg7Q58PKmT
V1j87Qmau6VJJ89pufYcuGi78zb+WtpZNo1sezrq/o/O4G6RF28PRpeuWkan+Exm
Y1xVtYRigRQtK1MUqIOIGRCKdGPfkE3jQB6uqLD2Vck5VwPprKQ8+rFhxcFGr/qa
PsfPI06bsHvptmcUghZOUwkofd0VamGOg01en73PeoB4u/8cXConAdoTCyQqZu7I
4a24O8q8xEijrn8IsY2cPRpzCpGp3Wy41ENJSfe4GakASmSbfk6jbZUGAUR/wd5X
ReKPv51dzk1msIe9L3IBD9n8ICg6RwIGdvTBDlmyshngACkEtPwkzFhX0S4hAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUzMUFN+kbxfg2avLudRO5JTyUT1AwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM1MzgyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMyMzMzNjMzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwY6MA0G
CSqGSIb3DQEBCwUAA4IBAQB+w2Z44Of6VI75AONJncEinLSeBkppbCkRPVncFvru
DhaQmT028Vg6uKvGfo9plIuDJ3Hr9AoN2denXEZaZfkcP7Crwitzf7EtdZTwJk9P
fzhWDreaFhCBEZpiotlC/hxqbMo/e/R1Pkl9meMKKmmWwbkruhXvf2QxdFaXOU4M
2mnsW9FcvSUEveoxOWsifJAmDErYMIAbZtASoxiQgfzJbMrZ4XU6DCoxlcPjgibi
5LPKCyoTrLv1IoMkv5CfsUTn1EWl6mYFLe7UZjhURObJBIoHkOLlSdhcdFU4+D8e
i5ChuFg7R+MPp0/OwkPHlQtVmNUdAnMTenIzHfIgsgRh
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:48:53 2024 by rpki-client on console-fra.rpki-client.org