Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36382e302f32342d3234203d3e2039303039.roa
File: 3231332e3133392e36382e302f32342d3234203d3e2039303039.roa (raw, json)
Hash identifier: vfZaTN2Yf/fmXByNlYvPl5D/II7iMpeoY3OZSHPC08Q=
Subject key identifier: 40:7D:DE:B6:C5:1C:BD:08:0E:4F:F9:F5:ED:20:8B:C5:05:F9:89:FF
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 1F43A8B6A45DBBF96A6523CD6B6F0DDC49610D94
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36382e302f32342d3234203d3e2039303039.roa
Signing time: Tue 06 Feb 2024 11:53:02 +0000
ROA not before: Tue 06 Feb 2024 11:48:02 +0000
ROA not after: Tue 04 Feb 2025 11:53:02 +0000
asID: 9009
IP address blocks: 213.139.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 15:42:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:43:a8:b6:a4:5d:bb:f9:6a:65:23:cd:6b:6f:0d:dc:49:61:0d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Feb 6 11:48:02 2024 GMT
Not After : Feb 4 11:53:02 2025 GMT
Subject: CN=407DDEB6C51CBD080E4FF9F5ED208BC505F989FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:65:fc:7e:30:56:1a:d4:4e:ed:4e:e2:b5:35:
fe:00:e6:2e:8e:e2:c0:62:d1:73:5d:69:48:e7:04:
31:73:ce:f3:f0:1e:3e:70:21:37:7c:10:57:22:02:
5e:75:c4:c1:54:d0:e5:39:0c:f5:87:d2:f5:86:62:
e1:9d:e7:5b:26:ad:c0:8d:f1:ca:97:11:eb:47:5b:
16:13:63:4b:83:48:09:86:6d:ef:7e:6c:60:52:7a:
e0:08:7f:25:ac:8b:d7:6b:2e:85:f6:f3:bb:b2:f0:
e5:62:64:04:c7:9f:49:0b:70:6e:af:96:4a:6e:b4:
0b:52:b3:c7:b7:03:90:d6:f7:4a:f5:75:1b:45:f9:
44:de:30:6c:11:e3:4d:05:5e:57:e2:82:0d:83:6b:
5a:79:4c:d7:2a:9f:bb:86:7a:b5:97:8b:7c:f1:ff:
7a:9f:7e:f5:06:5b:78:d2:14:54:e7:ab:de:94:50:
d2:aa:0d:79:46:6d:d3:e7:c8:cd:48:27:f9:70:0c:
b9:22:b2:d2:00:b0:63:87:a1:79:1c:1c:55:c5:48:
bf:5e:63:e8:56:a3:e7:b5:77:f8:ab:49:19:93:d0:
9d:d3:ca:86:d8:c9:da:2c:6b:44:a0:ad:ae:03:8b:
9e:f0:f7:64:8a:25:03:1a:9f:91:8c:b9:9b:13:52:
c4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7D:DE:B6:C5:1C:BD:08:0E:4F:F9:F5:ED:20:8B:C5:05:F9:89:FF
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36382e302f32342d3234203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.68.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:cd:09:f4:c5:0d:2c:5f:c9:20:ba:d0:a0:e4:83:05:7e:0a:
76:ea:c3:1b:b0:36:e7:6f:56:67:43:a8:40:5d:2c:2b:a7:bc:
8d:20:f9:04:b4:75:c2:06:3e:6a:4e:b2:33:ae:22:eb:74:82:
10:ac:ce:de:3d:06:99:bb:cc:73:d3:b3:47:78:43:e7:7a:73:
04:a3:15:2b:d0:3b:ed:b3:80:36:a8:1d:78:cb:06:07:4e:a5:
ad:61:b8:81:c4:64:20:71:d8:02:dd:a5:f7:61:2c:50:94:f1:
0f:80:d8:46:3a:2c:ec:ca:19:63:1b:73:9f:ce:02:e7:c6:56:
a4:b8:62:44:ea:16:d4:e1:78:5b:00:5f:c1:ae:f2:d1:ac:06:
dd:90:85:9f:09:5c:cb:be:11:44:92:51:33:32:59:3a:24:2c:
27:50:32:1c:bb:b4:ff:27:6a:fa:fe:5b:2b:23:91:7c:ba:66:
60:94:e4:00:84:e9:db:51:0a:a9:c4:02:7c:2c:5d:13:87:b1:
34:00:ca:66:5d:0a:b6:cf:be:0e:c6:a0:32:ee:67:55:77:34:
c0:47:93:d3:95:b4:0d:15:cd:c4:50:58:c2:60:3c:f0:46:07:
5c:c9:2a:27:e4:b6:d5:92:5d:47:1f:b2:d0:3e:48:8e:bc:4e:
15:b6:b8:8a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUH0OotqRdu/lqZSPNa28N3ElhDZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDAyMDYxMTQ4MDJaFw0yNTAyMDQxMTUzMDJaMDMxMTAvBgNV
BAMTKDQwN0RERUI2QzUxQ0JEMDgwRTRGRjlGNUVEMjA4QkM1MDVGOTg5RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdZfx+MFYa1E7tTuK1Nf4A5i6O
4sBi0XNdaUjnBDFzzvPwHj5wITd8EFciAl51xMFU0OU5DPWH0vWGYuGd51smrcCN
8cqXEetHWxYTY0uDSAmGbe9+bGBSeuAIfyWsi9drLoX287uy8OViZATHn0kLcG6v
lkputAtSs8e3A5DW90r1dRtF+UTeMGwR400FXlfigg2Da1p5TNcqn7uGerWXi3zx
/3qffvUGW3jSFFTnq96UUNKqDXlGbdPnyM1IJ/lwDLkistIAsGOHoXkcHFXFSL9e
Y+hWo+e1d/irSRmT0J3TyobYydosa0Sgra4Di57w92SKJQMan5GMuZsTUsQjAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUQH3etsUcvQgOT/n17SCLxQX5if8wHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMwMzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWL
RDANBgkqhkiG9w0BAQsFAAOCAQEAH80J9MUNLF/JILrQoOSDBX4KdurDG7A2529W
Z0OoQF0sK6e8jSD5BLR1wgY+ak6yM64i63SCEKzO3j0GmbvMc9OzR3hD53pzBKMV
K9A77bOANqgdeMsGB06lrWG4gcRkIHHYAt2l92EsUJTxD4DYRjos7MoZYxtzn84C
58ZWpLhiROoW1OF4WwBfwa7y0awG3ZCFnwlcy74RRJJRMzJZOiQsJ1AyHLu0/ydq
+v5bKyORfLpmYJTkAITp21EKqcQCfCxdE4exNADKZl0Kts++DsagMu5nVXc0wEeT
05W0DRXNxFBYwmA88EYHXMkqJ+S21ZJdRx+y0D5IjrxOFba4ig==
-----END CERTIFICATE-----
Generated at Sat Apr 27 21:50:25 2024 by rpki-client on console-ams.rpki-client.org