Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20323130353432.roa
File: 3231332e3133392e37372e302f32342d3234203d3e20323130353432.roa (raw, json)
Hash identifier: J665VeL+ta2lvtf028bxqxOBWVLZFouFffMzBhchlUE=
Subject key identifier: F1:DD:37:2A:2F:A5:CB:27:23:CF:65:C5:2A:CA:74:D7:39:7B:E4:47
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 0A8F6AB44735A88CB30717BD7D96B609A9BDDA90
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20323130353432.roa
Signing time: Fri 03 May 2024 04:56:17 +0000
ROA not before: Fri 03 May 2024 04:51:17 +0000
ROA not after: Fri 02 May 2025 04:56:17 +0000
asID: 210542
IP address blocks: 213.139.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:8f:6a:b4:47:35:a8:8c:b3:07:17:bd:7d:96:b6:09:a9:bd:da:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: May 3 04:51:17 2024 GMT
Not After : May 2 04:56:17 2025 GMT
Subject: CN=F1DD372A2FA5CB2723CF65C52ACA74D7397BE447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e9:34:be:7b:90:f3:66:20:ce:40:ee:90:61:
cf:b0:04:ab:d9:95:92:09:ef:16:e4:1d:04:ce:8b:
fb:04:35:6d:83:f8:ca:81:17:65:9a:68:c9:73:38:
7d:95:f5:d8:30:87:e7:b8:6e:ac:18:c8:5b:27:fc:
40:25:c9:5e:f0:f9:20:81:df:b2:3a:5d:97:a9:4a:
48:55:e9:a3:f6:20:bd:2b:6a:61:64:a0:4a:75:0a:
35:4d:5d:02:98:93:99:2c:ac:b7:cb:b1:51:1a:c3:
3d:58:09:c3:4a:d4:18:f8:98:a3:20:61:0a:1e:42:
b3:a4:be:19:c8:6e:e9:e6:03:65:c1:55:a8:65:bf:
79:93:56:1d:a5:40:e6:76:2f:5b:b1:9d:51:c5:0c:
33:b8:b7:4a:99:54:be:09:89:50:e5:76:79:6e:ff:
b3:7f:2b:e4:9f:7e:e5:ee:e5:ea:f5:a4:b0:5c:1b:
42:b0:a5:63:18:7b:85:2f:be:a6:41:0d:29:00:3c:
db:34:21:0f:60:52:fa:33:d1:84:d5:86:70:84:53:
e6:62:77:48:de:bb:1d:fa:13:f1:f4:e2:9e:2e:1c:
04:8e:72:00:3f:b3:ce:f6:02:87:e7:10:f1:29:8b:
48:07:95:70:1e:e7:2a:bf:92:66:64:79:ed:f5:b5:
c9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DD:37:2A:2F:A5:CB:27:23:CF:65:C5:2A:CA:74:D7:39:7B:E4:47
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20323130353432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.77.0/24
Signature Algorithm: sha256WithRSAEncryption
69:b1:e6:a0:52:af:58:de:33:6d:d2:af:a2:01:04:92:fa:e5:
92:f4:fd:c6:7a:38:56:6b:cb:db:f8:20:5e:74:93:18:b1:8a:
77:54:d5:db:90:76:0a:36:fd:b0:a9:b7:f0:39:64:2a:76:97:
ab:52:0e:fa:f1:53:05:85:77:7b:6e:df:db:68:dc:34:c2:d5:
31:61:67:ad:85:89:65:a4:92:0c:91:af:c5:81:d0:ec:cc:07:
1f:8a:da:22:c3:43:68:9b:78:1e:dd:00:fd:39:ce:50:b1:6d:
7c:e0:94:0a:e2:7d:fe:ef:42:bf:02:fa:47:0e:fc:46:a3:04:
39:a7:a0:67:79:2a:8e:36:37:93:18:a4:40:b2:f2:7f:da:14:
02:43:9e:ba:e9:82:c2:c3:96:d7:1d:b5:cb:35:35:cc:e4:60:
dd:7a:62:c4:09:00:4a:4d:c9:03:1d:8f:58:c0:16:50:ff:fc:
f4:af:52:0d:58:b2:79:22:17:d2:c8:c9:0e:95:23:4d:3c:c5:
50:b2:5c:4c:90:94:e7:89:7b:de:ca:15:50:ab:83:d8:0a:10:
cf:1f:97:a4:c1:bb:c8:39:f8:43:ad:b3:07:1a:b2:d7:d4:d7:
e2:df:ce:22:1c:6d:5b:a7:8e:db:7b:00:80:31:0b:c3:5f:22:
22:84:b3:5f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCo9qtEc1qIyzBxe9fZa2Cam92pAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDA1MDMwNDUxMTdaFw0yNTA1MDIwNDU2MTdaMDMxMTAvBgNV
BAMTKEYxREQzNzJBMkZBNUNCMjcyM0NGNjVDNTJBQ0E3NEQ3Mzk3QkU0NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu6TS+e5DzZiDOQO6QYc+wBKvZ
lZIJ7xbkHQTOi/sENW2D+MqBF2WaaMlzOH2V9dgwh+e4bqwYyFsn/EAlyV7w+SCB
37I6XZepSkhV6aP2IL0ramFkoEp1CjVNXQKYk5ksrLfLsVEawz1YCcNK1Bj4mKMg
YQoeQrOkvhnIbunmA2XBVahlv3mTVh2lQOZ2L1uxnVHFDDO4t0qZVL4JiVDldnlu
/7N/K+SffuXu5er1pLBcG0KwpWMYe4UvvqZBDSkAPNs0IQ9gUvoz0YTVhnCEU+Zi
d0jeux36E/H04p4uHASOcgA/s872AofnEPEpi0gHlXAe5yq/kmZkee31tckZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8d03Ki+lyycjz2XFKsp01zl75EcwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzAzNTM0MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi00wDQYJKoZIhvcNAQELBQADggEBAGmx5qBSr1jeM23Sr6IBBJL65ZL0/cZ6
OFZry9v4IF50kxixindU1duQdgo2/bCpt/A5ZCp2l6tSDvrxUwWFd3tu39to3DTC
1TFhZ62FiWWkkgyRr8WB0OzMBx+K2iLDQ2ibeB7dAP05zlCxbXzglAriff7vQr8C
+kcO/EajBDmnoGd5Ko42N5MYpECy8n/aFAJDnrrpgsLDltcdtcs1NczkYN16YsQJ
AEpNyQMdj1jAFlD//PSvUg1YsnkiF9LIyQ6VI008xVCyXEyQlOeJe97KFVCrg9gK
EM8fl6TBu8g5+EOtswcastfU1+LfziIcbVunjtt7AIAxC8NfIiKEs18=
-----END CERTIFICATE-----
Generated at Thu May 23 01:27:24 2024 by rpki-client on console-ams.rpki-client.org