Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38372e302f32342d3234203d3e203239383032.roa
File: 3231332e3133392e38372e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: W6Cmsu3UHslV9l1LnCIkWilopTPnvzIp0Sfbe7XMQMw=
Subject key identifier: 77:DA:5C:90:60:31:7E:27:A3:93:E5:B8:77:7F:51:33:DC:A6:89:9B
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 4AF93B9D9018D66A865FF25114A5072AADD0FDD1
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38372e302f32342d3234203d3e203239383032.roa
Signing time: Tue 19 Mar 2024 15:05:14 +0000
ROA not before: Tue 19 Mar 2024 15:00:14 +0000
ROA not after: Tue 18 Mar 2025 15:05:14 +0000
asID: 29802
IP address blocks: 213.139.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:f9:3b:9d:90:18:d6:6a:86:5f:f2:51:14:a5:07:2a:ad:d0:fd:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Mar 19 15:00:14 2024 GMT
Not After : Mar 18 15:05:14 2025 GMT
Subject: CN=77DA5C9060317E27A393E5B8777F5133DCA6899B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d6:8f:be:56:4b:eb:e4:c3:d7:19:38:a2:be:
83:db:26:76:2c:f2:28:c3:c6:e4:b0:ab:5c:ee:41:
3f:47:c5:d1:5e:9b:64:35:61:d7:60:fe:7c:d8:43:
58:cb:72:f4:d8:32:cc:40:6b:25:af:08:39:80:11:
1a:57:1f:e6:39:20:82:4a:7c:79:8f:bf:a8:b2:0f:
d8:5f:b1:66:da:a1:67:26:aa:fe:0a:72:fd:a5:a1:
65:72:3a:91:f0:6b:c5:86:93:3a:23:72:82:67:b8:
a0:02:d4:f1:48:a0:ce:d3:45:c2:ce:f2:3c:a6:db:
7d:41:01:bb:db:63:6c:ec:f2:67:92:1c:9e:f3:d7:
d0:93:de:34:f1:d1:3b:8f:67:45:fb:23:ff:47:d6:
86:73:b0:fb:37:b9:2a:ea:e4:fe:02:d5:3d:e4:ad:
0f:2d:cb:ea:87:bc:67:6f:24:73:d6:0d:34:71:77:
ef:8b:6e:7f:e4:69:bb:fa:66:c8:e4:69:56:fa:7f:
6b:e2:c5:b3:0f:40:9e:b8:a3:40:f9:db:67:df:73:
3f:a8:ff:0e:e2:43:13:4d:13:7a:17:ad:40:3f:d3:
c0:0b:8e:1c:3b:15:d7:94:2a:73:35:a7:53:a2:3e:
fb:ca:63:ea:52:77:08:23:4d:d8:16:6d:57:0d:8a:
3d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DA:5C:90:60:31:7E:27:A3:93:E5:B8:77:7F:51:33:DC:A6:89:9B
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38372e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.87.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:42:73:d6:72:cf:75:47:b2:02:e1:e5:01:f8:e4:ba:72:92:
14:d2:39:92:a7:23:cd:2e:c7:69:d3:37:61:bb:82:bb:da:3d:
15:27:ce:eb:7a:94:08:11:7e:1e:8c:7d:db:80:9f:fd:63:57:
11:31:43:d9:ae:df:00:5e:75:40:34:de:9b:9e:23:21:46:bb:
2d:a7:d4:15:b4:13:fb:80:d5:b1:29:9c:62:78:8a:0f:74:91:
f5:0e:8a:2d:bf:d2:db:8a:c6:07:87:81:d4:cc:6d:5d:da:f2:
a4:e9:35:32:d2:5b:73:49:f8:64:45:e6:7c:5b:62:c1:c0:4e:
ba:da:71:48:25:14:f4:3b:6e:68:4c:01:dc:3b:f8:02:0e:4f:
75:92:ed:cc:b0:dd:bf:14:82:a6:1b:34:4c:65:48:b4:ef:4b:
c8:fd:bc:0d:3a:7a:a3:a3:34:4d:3a:e9:ad:47:94:16:f5:6b:
07:f7:6f:3c:03:a5:fc:22:0e:24:38:66:dc:63:ab:bb:c0:30:
09:d6:10:0e:fc:8c:06:a6:4e:b8:93:c8:a9:54:a8:45:eb:69:
c0:ff:56:f4:9b:cf:0e:f3:ae:4e:1e:bc:88:e9:9c:4e:a3:ee:
50:76:d2:01:17:ca:d4:72:d0:ea:10:23:2e:c9:34:39:44:5c:
5b:2a:b1:ff
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSvk7nZAY1mqGX/JRFKUHKq3Q/dEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDAzMTkxNTAwMTRaFw0yNTAzMTgxNTA1MTRaMDMxMTAvBgNV
BAMTKDc3REE1QzkwNjAzMTdFMjdBMzkzRTVCODc3N0Y1MTMzRENBNjg5OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh1o++Vkvr5MPXGTiivoPbJnYs
8ijDxuSwq1zuQT9HxdFem2Q1Yddg/nzYQ1jLcvTYMsxAayWvCDmAERpXH+Y5IIJK
fHmPv6iyD9hfsWbaoWcmqv4Kcv2loWVyOpHwa8WGkzojcoJnuKAC1PFIoM7TRcLO
8jym231BAbvbY2zs8meSHJ7z19CT3jTx0TuPZ0X7I/9H1oZzsPs3uSrq5P4C1T3k
rQ8ty+qHvGdvJHPWDTRxd++Lbn/kabv6ZsjkaVb6f2vixbMPQJ64o0D522ffcz+o
/w7iQxNNE3oXrUA/08ALjhw7FdeUKnM1p1OiPvvKY+pSdwgjTdgWbVcNij05AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUd9pckGAxfiejk+W4d39RM9ymiZswHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM4
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtXMA0GCSqGSIb3DQEBCwUAA4IBAQCgQnPWcs91R7IC4eUB+OS6cpIU0jmSpyPN
Lsdp0zdhu4K72j0VJ87repQIEX4ejH3bgJ/9Y1cRMUPZrt8AXnVANN6bniMhRrst
p9QVtBP7gNWxKZxieIoPdJH1Dootv9LbisYHh4HUzG1d2vKk6TUy0ltzSfhkReZ8
W2LBwE662nFIJRT0O25oTAHcO/gCDk91ku3MsN2/FIKmGzRMZUi070vI/bwNOnqj
ozRNOumtR5QW9WsH9288A6X8Ig4kOGbcY6u7wDAJ1hAO/IwGpk64k8ipVKhF62nA
/1b0m88O865OHryI6ZxOo+5QdtIBF8rUctDqECMuyTQ5RFxbKrH/
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:22:45 2024 by rpki-client on console-fra.rpki-client.org