Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38392e302f32342d3234203d3e203239383032.roa
File: 3231332e3133392e38392e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: UAXnl/iw9cd9qcaevE5seUKCMZPpCBRsej3/OFvVOCU=
Subject key identifier: 3D:02:6A:F9:23:63:59:0E:8F:B1:89:5F:0F:19:38:27:B8:5B:C8:F2
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 1521321C423DA7AF87D27EF17B976FAF799ED896
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38392e302f32342d3234203d3e203239383032.roa
Signing time: Tue 19 Mar 2024 15:05:14 +0000
ROA not before: Tue 19 Mar 2024 15:00:14 +0000
ROA not after: Tue 18 Mar 2025 15:05:14 +0000
asID: 29802
IP address blocks: 213.139.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:21:32:1c:42:3d:a7:af:87:d2:7e:f1:7b:97:6f:af:79:9e:d8:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Mar 19 15:00:14 2024 GMT
Not After : Mar 18 15:05:14 2025 GMT
Subject: CN=3D026AF92363590E8FB1895F0F193827B85BC8F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:b7:80:e5:7f:b1:9a:f1:ec:17:93:1d:d1:
c8:a9:34:cb:fb:02:16:a7:70:f3:de:a9:1a:45:43:
5b:78:71:56:ed:62:7f:e4:aa:03:3b:0e:80:d8:b9:
e3:64:b8:e9:c6:39:17:b0:a8:84:41:3a:9c:84:cf:
88:c0:18:5d:f2:a5:68:7f:e3:cb:2c:a5:01:77:f4:
0e:66:4a:51:f1:1e:94:c6:ea:c8:3b:ea:bf:34:00:
fb:af:0d:4e:64:1d:ef:ec:e3:40:3f:5c:fa:77:a4:
cd:bc:38:61:96:2a:08:fe:6a:af:70:ae:af:a4:cb:
4f:eb:c1:d9:14:f1:17:96:4c:c9:3d:97:54:09:55:
24:8d:05:af:f4:9e:f1:e0:78:e3:dc:8d:c1:ba:30:
ff:19:26:c6:92:85:bc:e7:6d:3a:78:e6:50:33:00:
8b:1e:92:bd:38:fe:cc:46:5d:d0:1c:77:8d:37:06:
1e:b3:f2:18:e7:6f:64:f5:20:8a:db:f8:c7:94:7a:
7d:94:f6:4b:6b:2f:d2:88:39:55:b9:2b:6a:c1:73:
0f:9b:ad:98:75:74:4c:13:1d:1b:c6:12:b9:c2:db:
bf:3f:c3:46:95:5b:83:55:83:3d:11:8b:e5:83:77:
00:8c:d0:57:2b:0c:80:4b:7b:40:e6:5c:3e:b2:11:
69:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:02:6A:F9:23:63:59:0E:8F:B1:89:5F:0F:19:38:27:B8:5B:C8:F2
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38392e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.89.0/24
Signature Algorithm: sha256WithRSAEncryption
06:f9:21:45:8e:17:ca:01:e3:eb:de:1f:dc:c0:db:9d:03:21:
47:8b:2d:a0:07:ce:df:2c:e6:46:07:af:59:8b:cb:ac:f3:51:
26:cc:6d:b8:30:b6:3a:68:ea:ad:b0:17:4a:17:79:89:80:a6:
6c:1c:65:56:5a:95:89:1c:13:c7:dc:77:21:d2:6e:a6:b1:ff:
e1:c1:53:6b:0f:b4:25:84:03:69:09:c6:f9:ff:f6:93:45:f2:
7c:24:68:32:0f:12:03:e5:41:96:6c:e5:b1:bd:de:02:9a:2f:
73:fc:2e:3c:e2:c6:fe:33:53:f4:5b:ee:b8:a3:3b:36:a2:d6:
74:e9:57:8f:6d:96:21:92:86:1c:59:8d:ed:c0:51:3f:cc:f9:
ed:3d:7c:0d:53:31:12:cf:89:4c:11:b1:56:13:28:bc:f0:12:
51:aa:fd:ee:93:3e:2c:76:16:bf:da:82:36:0d:97:0f:f5:25:
02:a3:fb:a4:e3:11:93:5a:1b:a3:19:9d:5e:e3:c4:b8:20:26:
b5:e2:fe:a1:5a:22:58:7a:79:eb:bd:64:da:17:eb:9f:54:56:
01:1e:b2:af:10:01:c5:ad:65:21:df:11:63:88:be:38:1b:0a:
fc:cd:54:e9:db:d6:01:f9:d9:8a:a6:68:15:33:33:f3:d9:96:
0a:f6:f8:8d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFSEyHEI9p6+H0n7xe5dvr3me2JYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDAzMTkxNTAwMTRaFw0yNTAzMTgxNTA1MTRaMDMxMTAvBgNV
BAMTKDNEMDI2QUY5MjM2MzU5MEU4RkIxODk1RjBGMTkzODI3Qjg1QkM4RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC41LeA5X+xmvHsF5Md0cipNMv7
AhancPPeqRpFQ1t4cVbtYn/kqgM7DoDYueNkuOnGORewqIRBOpyEz4jAGF3ypWh/
48sspQF39A5mSlHxHpTG6sg76r80APuvDU5kHe/s40A/XPp3pM28OGGWKgj+aq9w
rq+ky0/rwdkU8ReWTMk9l1QJVSSNBa/0nvHgeOPcjcG6MP8ZJsaShbznbTp45lAz
AIsekr04/sxGXdAcd403Bh6z8hjnb2T1IIrb+MeUen2U9ktrL9KIOVW5K2rBcw+b
rZh1dEwTHRvGErnC278/w0aVW4NVgz0Ri+WDdwCM0FcrDIBLe0DmXD6yEWmxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPQJq+SNjWQ6PsYlfDxk4J7hbyPIwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtZMA0GCSqGSIb3DQEBCwUAA4IBAQAG+SFFjhfKAePr3h/cwNudAyFHiy2gB87f
LOZGB69Zi8us81EmzG24MLY6aOqtsBdKF3mJgKZsHGVWWpWJHBPH3Hch0m6msf/h
wVNrD7QlhANpCcb5//aTRfJ8JGgyDxID5UGWbOWxvd4Cmi9z/C484sb+M1P0W+64
ozs2otZ06VePbZYhkoYcWY3twFE/zPntPXwNUzESz4lMEbFWEyi88BJRqv3ukz4s
dha/2oI2DZcP9SUCo/uk4xGTWhujGZ1e48S4ICa14v6hWiJYennrvWTaF+ufVFYB
HrKvEAHFrWUh3xFjiL44Gwr8zVTp29YB+dmKpmgVMzPz2ZYK9viN
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:22:45 2024 by rpki-client on console-fra.rpki-client.org