Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39312e302f32342d3234203d3e203239383032.roa
File: 3231332e3133392e39312e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: bUy/nx+h0InuBO1UKZeFPfTatZgaSTj/yinC2P9xZ8E=
Subject key identifier: 21:A9:F8:8F:C1:25:54:6E:32:C0:6C:28:A7:62:14:0C:FF:DE:90:EC
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 357431AD5706C618466D2644673FD0C70E32179E
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39312e302f32342d3234203d3e203239383032.roa
Signing time: Tue 19 Mar 2024 15:05:14 +0000
ROA not before: Tue 19 Mar 2024 15:00:14 +0000
ROA not after: Tue 18 Mar 2025 15:05:14 +0000
asID: 29802
IP address blocks: 213.139.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:74:31:ad:57:06:c6:18:46:6d:26:44:67:3f:d0:c7:0e:32:17:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Mar 19 15:00:14 2024 GMT
Not After : Mar 18 15:05:14 2025 GMT
Subject: CN=21A9F88FC125546E32C06C28A762140CFFDE90EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:19:d6:8f:ad:8b:15:11:ea:ed:9f:28:80:7e:
80:a1:33:85:be:7b:e4:3b:80:67:d2:c2:eb:86:92:
ea:f3:a6:4b:df:8b:d5:4c:3a:89:f7:3c:10:ca:98:
30:f1:3b:1f:2c:d9:dc:b0:b8:32:4b:14:c1:c1:e5:
64:f6:9a:2a:70:e9:ba:4d:4d:31:42:db:f1:f4:f3:
f0:af:5a:f3:ee:4a:fc:7a:2d:d0:0f:c5:ee:cf:a9:
63:bd:ac:0b:80:99:b2:79:1f:da:86:a0:97:43:74:
e9:b6:35:1c:f7:73:a6:ab:3c:59:4d:47:9c:34:49:
ef:75:20:1b:63:0a:9b:34:7e:c2:61:22:80:62:e2:
74:f9:ac:85:d7:04:98:db:b6:d7:f5:ea:c3:0e:e6:
8e:ec:27:f4:42:85:38:28:8c:ac:83:a8:31:68:84:
0d:8c:fd:dc:0f:04:e7:70:0e:ad:be:00:e7:ae:48:
53:06:36:dc:eb:dc:40:5a:c6:40:c3:7d:40:0e:ff:
0e:d3:0e:b4:d9:1a:fb:14:a8:e1:85:46:f3:24:1d:
5b:b2:e3:6d:0c:85:39:8f:13:b1:43:ff:0d:17:92:
3e:ad:51:68:a4:e6:9d:27:a9:05:09:5d:4c:d0:2b:
85:a7:39:04:0e:58:b2:b4:f9:c0:bb:f2:65:d1:18:
88:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A9:F8:8F:C1:25:54:6E:32:C0:6C:28:A7:62:14:0C:FF:DE:90:EC
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39312e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.91.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:aa:c4:e5:b9:51:dc:10:51:63:0c:0e:47:e8:7d:f1:da:e3:
54:cc:9d:b5:fb:9c:b6:29:db:76:51:f2:56:b8:0a:51:6f:e9:
a1:ac:b6:a6:8e:b4:d8:f8:69:31:96:0f:b4:bb:a1:33:49:16:
26:5c:3b:ae:13:21:0f:62:6d:22:de:53:bf:95:9b:01:c4:88:
f5:e0:e1:84:23:70:bd:f9:e6:fc:d8:aa:b9:b6:d5:17:9a:f4:
2c:db:1c:62:0c:08:05:69:65:93:89:57:0e:ae:ca:2c:89:19:
c4:fe:ec:be:74:88:89:b1:21:ca:e1:a1:bc:8d:7d:af:52:fb:
d8:88:60:cd:fe:1b:c8:67:62:1b:66:2c:aa:b0:59:ec:63:f7:
61:b3:37:58:69:78:12:de:6c:22:a7:e9:ee:2b:65:25:71:85:
b5:96:47:fe:07:79:ab:1b:49:5f:18:39:a9:52:92:1a:63:7f:
16:d6:ca:61:ea:fd:df:e6:bb:e9:82:d9:48:df:9f:30:69:66:
7a:12:af:d3:73:65:24:6a:e7:3a:05:1b:c9:2a:34:c3:85:69:
3d:a9:37:46:17:ba:df:ac:d8:5e:2a:20:41:93:bb:8f:72:cc:
7e:93:dd:82:dd:a0:1d:0d:51:29:55:fa:7f:d7:ae:48:05:ff:
6d:cb:d9:37
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNXQxrVcGxhhGbSZEZz/Qxw4yF54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDAzMTkxNTAwMTRaFw0yNTAzMTgxNTA1MTRaMDMxMTAvBgNV
BAMTKDIxQTlGODhGQzEyNTU0NkUzMkMwNkMyOEE3NjIxNDBDRkZERTkwRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvGdaPrYsVEertnyiAfoChM4W+
e+Q7gGfSwuuGkurzpkvfi9VMOon3PBDKmDDxOx8s2dywuDJLFMHB5WT2mipw6bpN
TTFC2/H08/CvWvPuSvx6LdAPxe7PqWO9rAuAmbJ5H9qGoJdDdOm2NRz3c6arPFlN
R5w0Se91IBtjCps0fsJhIoBi4nT5rIXXBJjbttf16sMO5o7sJ/RChTgojKyDqDFo
hA2M/dwPBOdwDq2+AOeuSFMGNtzr3EBaxkDDfUAO/w7TDrTZGvsUqOGFRvMkHVuy
420MhTmPE7FD/w0Xkj6tUWik5p0nqQUJXUzQK4WnOQQOWLK0+cC78mXRGIgZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIan4j8ElVG4ywGwop2IUDP/ekOwwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtbMA0GCSqGSIb3DQEBCwUAA4IBAQCbqsTluVHcEFFjDA5H6H3x2uNUzJ21+5y2
Kdt2UfJWuApRb+mhrLamjrTY+Gkxlg+0u6EzSRYmXDuuEyEPYm0i3lO/lZsBxIj1
4OGEI3C9+eb82Kq5ttUXmvQs2xxiDAgFaWWTiVcOrsosiRnE/uy+dIiJsSHK4aG8
jX2vUvvYiGDN/hvIZ2IbZiyqsFnsY/dhszdYaXgS3mwip+nuK2UlcYW1lkf+B3mr
G0lfGDmpUpIaY38W1sph6v3f5rvpgtlI358waWZ6Eq/Tc2Ukauc6BRvJKjTDhWk9
qTdGF7rfrNheKiBBk7uPcsx+k92C3aAdDVEpVfp/165IBf9ty9k3
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:22:45 2024 by rpki-client on console-fra.rpki-client.org