Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32332d3234203d3e20383334.roa
File: 3231332e3133392e39322e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: a3Cyny7tY//5kyYdeF2Lso0Pnpk8zPrkwcblGo+4aHw=
Subject key identifier: E7:A8:2F:78:BE:C1:61:26:FD:41:C2:BB:0D:C9:A9:C7:0E:B1:11:29
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 5B1D5C418391E2F59D57793076AC70E1C88DC786
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32332d3234203d3e20383334.roa
Signing time: Wed 27 Dec 2023 13:05:08 +0000
ROA not before: Wed 27 Dec 2023 13:00:08 +0000
ROA not after: Wed 25 Dec 2024 13:05:08 +0000
asID: 834
IP address blocks: 213.139.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:1d:5c:41:83:91:e2:f5:9d:57:79:30:76:ac:70:e1:c8:8d:c7:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Dec 27 13:00:08 2023 GMT
Not After : Dec 25 13:05:08 2024 GMT
Subject: CN=E7A82F78BEC16126FD41C2BB0DC9A9C70EB11129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:79:4a:34:37:27:0e:da:d5:26:c2:ad:23:63:
c5:a1:20:a6:9b:b9:69:35:98:da:68:22:53:73:4f:
a3:35:c3:3e:e3:6a:ad:01:04:ab:d1:70:ec:2b:ce:
4f:26:83:f4:30:5d:f8:b1:0e:fd:10:39:99:92:f7:
e6:4d:13:7f:40:ee:8d:97:12:fa:81:ec:6b:f6:73:
2b:14:e0:cf:78:1a:2a:dc:55:cc:db:92:2c:72:db:
9c:b4:39:ea:22:84:93:14:28:f3:11:4d:da:77:1f:
13:42:46:f0:61:d7:c6:db:43:2b:ad:d7:e7:0a:b7:
ca:6b:75:52:59:b3:86:89:9a:2f:91:46:04:06:6f:
d8:24:86:89:c6:17:1a:ef:6e:75:92:c4:76:8f:5b:
b2:cb:cd:af:c8:0a:bc:0c:22:9f:60:d4:2f:9e:e4:
80:69:03:bf:94:61:fd:8a:de:be:4a:32:5f:24:22:
d3:9b:3b:f7:89:06:8f:99:0e:53:a5:51:be:f5:fa:
64:91:9d:11:3d:67:24:bf:57:93:59:fb:79:56:84:
22:14:d0:3f:8a:76:7a:bc:fb:f4:e9:dd:38:4e:28:
4a:ec:4a:94:0d:07:be:78:5c:2a:a1:b6:22:6c:4d:
47:d5:15:f5:df:d6:83:4a:bd:e1:35:19:30:4c:42:
ad:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A8:2F:78:BE:C1:61:26:FD:41:C2:BB:0D:C9:A9:C7:0E:B1:11:29
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.92.0/23
Signature Algorithm: sha256WithRSAEncryption
03:cb:12:28:34:0b:11:72:c6:e2:ce:81:03:14:5b:86:81:5b:
c2:e7:79:b1:f5:de:bb:4a:7d:29:0e:35:22:9d:20:ad:3d:fa:
27:7a:67:32:82:34:fe:35:1d:48:53:dd:34:78:ac:0c:9e:f4:
4b:04:8a:a6:b3:c2:56:7f:cd:08:55:6e:56:43:b3:bb:ca:9b:
38:87:ec:68:71:0b:85:83:da:6d:7a:7e:da:09:aa:a8:26:6d:
dc:92:1d:77:29:4c:63:ad:77:92:81:c6:dc:a6:7a:de:c6:6f:
b0:af:85:b2:a9:fb:97:16:f0:ce:ba:39:34:1e:f6:db:6c:18:
f4:0a:d0:b1:1c:75:23:ff:18:bb:85:66:37:9c:b8:e4:55:1e:
5d:37:37:91:e4:0d:2d:9f:f3:50:d8:ed:d1:74:47:63:fa:3c:
5f:86:be:66:57:be:7b:ec:bc:cb:61:bd:49:f4:be:dd:6b:06:
c2:cd:ba:d7:25:5e:2d:36:f2:1a:04:c6:bc:fb:63:af:da:ee:
e6:11:72:31:4f:cc:89:61:25:e1:3e:eb:f5:cf:61:48:95:b3:
a0:eb:59:e0:e3:f3:9a:06:0c:6f:68:d3:4f:58:e8:81:85:7e:
9c:9d:82:29:c8:4b:d4:a4:e9:39:c8:a6:49:e1:cb:9f:07:91:
53:8a:41:66
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUWx1cQYOR4vWdV3kwdqxw4ciNx4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yMzEyMjcxMzAwMDhaFw0yNDEyMjUxMzA1MDhaMDMxMTAvBgNV
BAMTKEU3QTgyRjc4QkVDMTYxMjZGRDQxQzJCQjBEQzlBOUM3MEVCMTExMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2eUo0NycO2tUmwq0jY8WhIKab
uWk1mNpoIlNzT6M1wz7jaq0BBKvRcOwrzk8mg/QwXfixDv0QOZmS9+ZNE39A7o2X
EvqB7Gv2cysU4M94GircVczbkixy25y0OeoihJMUKPMRTdp3HxNCRvBh18bbQyut
1+cKt8prdVJZs4aJmi+RRgQGb9gkhonGFxrvbnWSxHaPW7LLza/ICrwMIp9g1C+e
5IBpA7+UYf2K3r5KMl8kItObO/eJBo+ZDlOlUb71+mSRnRE9ZyS/V5NZ+3lWhCIU
0D+Kdnq8+/Tp3ThOKErsSpQNB754XCqhtiJsTUfVFfXf1oNKveE1GTBMQq15AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU56gveL7BYSb9QcK7Dcmpxw6xESkwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM5
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHVi1ww
DQYJKoZIhvcNAQELBQADggEBAAPLEig0CxFyxuLOgQMUW4aBW8LnebH13rtKfSkO
NSKdIK09+id6ZzKCNP41HUhT3TR4rAye9EsEiqazwlZ/zQhVblZDs7vKmziH7Ghx
C4WD2m16ftoJqqgmbdySHXcpTGOtd5KBxtymet7Gb7CvhbKp+5cW8M66OTQe9tts
GPQK0LEcdSP/GLuFZjecuORVHl03N5HkDS2f81DY7dF0R2P6PF+GvmZXvnvsvMth
vUn0vt1rBsLNutclXi028hoExrz7Y6/a7uYRcjFPzIlhJeE+6/XPYUiVs6DrWeDj
85oGDG9o009Y6IGFfpydginIS9Sk6TnIpknhy58HkVOKQWY=
-----END CERTIFICATE-----
Generated at Thu May 2 05:35:05 2024 by rpki-client on console-fra.rpki-client.org