Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e203133333335.roa
File: 3231322e31382e3131342e302f32342d3234203d3e203133333335.roa (raw, json)
Hash identifier: 4aSZMgy9GuN/xpZRO2ih3pNCEKG9xM20x5nMU1KD93w=
Subject key identifier: 2B:5A:A1:AE:9C:9C:7B:E3:65:73:51:37:D7:44:DE:AE:24:C1:D3:54
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 31C87E4DA613E0D99C53E4F8BCCD71C6E67F88E7
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e203133333335.roa
Signing time: Wed 27 Dec 2023 13:26:05 +0000
ROA not before: Wed 27 Dec 2023 13:21:05 +0000
ROA not after: Wed 25 Dec 2024 13:26:05 +0000
asID: 13335
IP address blocks: 212.18.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:c8:7e:4d:a6:13:e0:d9:9c:53:e4:f8:bc:cd:71:c6:e6:7f:88:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 27 13:21:05 2023 GMT
Not After : Dec 25 13:26:05 2024 GMT
Subject: CN=2B5AA1AE9C9C7BE365735137D744DEAE24C1D354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2c:db:7d:51:e8:58:34:50:5f:a9:dd:fc:c9:
e1:2f:4f:bd:77:0c:a6:42:60:4e:3f:d7:a1:45:51:
7c:d7:dd:61:a1:77:fd:ed:d0:e2:20:61:0d:7e:f0:
45:2c:0b:36:9b:b5:b0:0a:67:41:2a:d2:85:88:9d:
b8:9f:fc:f1:c5:e9:cc:ab:a6:38:80:09:6d:b4:f1:
4a:5e:ee:c1:f9:ab:8e:87:9b:a7:72:cf:ba:87:02:
50:08:d8:fd:bc:9c:3b:9e:b8:07:ca:3e:73:d4:48:
8e:3b:ea:78:26:df:b7:2c:53:b6:59:c6:19:bc:81:
ea:68:5f:c8:45:55:cb:02:8f:10:80:d2:26:61:d6:
5b:d7:4b:0e:69:0a:7c:16:53:0e:ff:2e:c6:25:80:
68:7d:72:99:f9:d4:30:a7:74:b7:f1:cf:52:bd:43:
b0:88:f4:da:10:3d:08:9b:b4:26:b3:93:65:a7:48:
35:cc:6e:2b:75:d1:9c:c7:67:e1:af:f4:4e:0e:89:
f2:8d:6c:d1:21:54:5b:c0:14:cc:50:3d:dc:40:5d:
71:77:73:4a:c3:a9:a9:ca:a9:4f:3d:e6:0c:16:46:
96:61:0f:6b:c0:80:e1:af:4b:5b:d8:c6:cc:29:8c:
25:e0:18:ec:d3:15:ff:78:a7:5b:2c:0e:21:59:54:
43:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5A:A1:AE:9C:9C:7B:E3:65:73:51:37:D7:44:DE:AE:24:C1:D3:54
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e203133333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.114.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:3e:9a:f2:8f:da:78:6f:69:0c:85:48:8c:bb:98:6a:e9:1e:
91:82:0d:1d:41:63:08:f8:9b:ab:41:eb:98:17:9e:a0:b2:ba:
37:fd:52:f4:e4:6c:f9:11:6f:59:83:1f:13:82:45:39:71:6c:
15:25:72:40:7c:e0:32:ba:a7:21:23:f0:ff:cf:4e:72:d9:89:
9e:b3:f9:55:8d:19:86:42:93:00:c9:32:25:c8:7b:d8:0f:6b:
ce:a4:16:b6:ce:3e:bf:87:af:fb:80:d4:69:f2:f7:0e:69:67:
84:23:96:f2:97:81:47:fd:83:92:ee:18:2b:46:48:ef:e2:91:
49:54:89:0d:ad:91:2f:19:92:36:bf:ae:f5:7b:12:d9:34:10:
b4:2f:8d:98:83:a1:2f:e6:1e:ce:11:ab:00:0c:02:fd:0d:98:
a8:ae:e5:5b:68:12:23:c1:17:ad:2d:4d:ad:07:18:69:53:0e:
7d:2c:5f:ed:85:0e:b0:89:e1:07:a1:4c:2e:62:10:6f:64:62:
26:32:ab:18:43:3c:51:52:7f:89:e1:9f:8b:b5:54:21:af:25:
45:b1:1e:8f:a3:5d:59:61:94:c8:71:2e:45:fd:77:2d:2b:5b:
d4:b3:57:ac:74:5b:4c:e7:87:b0:72:3a:0b:25:a3:5c:5f:69:
9e:38:c3:c2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMch+TaYT4NmcU+T4vM1xxuZ/iOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMjcxMzIxMDVaFw0yNDEyMjUxMzI2MDVaMDMxMTAvBgNV
BAMTKDJCNUFBMUFFOUM5QzdCRTM2NTczNTEzN0Q3NDRERUFFMjRDMUQzNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeLNt9UehYNFBfqd38yeEvT713
DKZCYE4/16FFUXzX3WGhd/3t0OIgYQ1+8EUsCzabtbAKZ0Eq0oWInbif/PHF6cyr
pjiACW208Upe7sH5q46Hm6dyz7qHAlAI2P28nDueuAfKPnPUSI476ngm37csU7ZZ
xhm8gepoX8hFVcsCjxCA0iZh1lvXSw5pCnwWUw7/LsYlgGh9cpn51DCndLfxz1K9
Q7CI9NoQPQibtCazk2WnSDXMbit10ZzHZ+Gv9E4OifKNbNEhVFvAFMxQPdxAXXF3
c0rDqanKqU895gwWRpZhD2vAgOGvS1vYxswpjCXgGOzTFf94p1ssDiFZVEO/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUK1qhrpyce+Nlc1E310TeriTB01QwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIzMTMyMmUzMTM4MmUzMTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzMzMzM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1BJyMA0GCSqGSIb3DQEBCwUAA4IBAQBrPpryj9p4b2kMhUiMu5hq6R6Rgg0dQWMI
+JurQeuYF56gsro3/VL05Gz5EW9Zgx8TgkU5cWwVJXJAfOAyuqchI/D/z05y2Yme
s/lVjRmGQpMAyTIlyHvYD2vOpBa2zj6/h6/7gNRp8vcOaWeEI5byl4FH/YOS7hgr
Rkjv4pFJVIkNrZEvGZI2v671exLZNBC0L42Yg6Ev5h7OEasADAL9DZioruVbaBIj
wRetLU2tBxhpUw59LF/thQ6wieEHoUwuYhBvZGImMqsYQzxRUn+J4Z+LtVQhryVF
sR6Po11ZYZTIcS5F/XctK1vUs1esdFtM54ewcjoLJaNcX2meOMPC
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:42 2024 by rpki-client on console-ams.rpki-client.org