Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e20323635393139.roa
File: 3231322e31382e3131342e302f32342d3234203d3e20323635393139.roa (raw, json)
Hash identifier: FtVG28VZ3wmv0nqxlf5hM7EPx4RXFWVhnQ2viRW8YyU=
Subject key identifier: 80:BA:30:93:63:3C:C5:C9:63:97:B3:A1:6C:BC:DD:67:1D:AE:B5:09
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 15DC9D9481801E292C8A2A9F0B709B3D41B0A84A
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e20323635393139.roa
Signing time: Wed 27 Dec 2023 13:01:55 +0000
ROA not before: Wed 27 Dec 2023 12:56:55 +0000
ROA not after: Wed 25 Dec 2024 13:01:55 +0000
asID: 265919
IP address blocks: 212.18.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:dc:9d:94:81:80:1e:29:2c:8a:2a:9f:0b:70:9b:3d:41:b0:a8:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 27 12:56:55 2023 GMT
Not After : Dec 25 13:01:55 2024 GMT
Subject: CN=80BA3093633CC5C96397B3A16CBCDD671DAEB509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:2f:de:9b:38:9b:8d:0b:9d:80:48:58:11:
3a:20:9c:f5:41:92:28:65:cb:19:32:4a:3d:bb:3a:
37:85:2e:52:a2:94:db:0a:a8:38:c1:20:12:cf:27:
b0:eb:cd:f3:7e:e9:bf:4f:af:19:a9:af:83:cd:3e:
76:ca:60:ec:9d:f2:b7:b6:60:bd:ca:b6:14:58:e4:
c2:b0:49:1a:3a:14:c2:18:ea:b8:de:33:04:ac:97:
66:a4:96:00:dd:20:13:44:d9:c6:5b:c3:fa:72:8a:
47:61:5d:e2:b3:02:50:06:05:e4:f2:1e:f7:a3:e6:
ac:63:d4:f1:00:68:2b:ab:06:7f:81:35:91:df:76:
c9:ba:d2:76:98:e9:25:5a:c0:ac:cb:3a:00:dd:ef:
01:04:f1:b8:03:b2:52:0a:26:a0:1c:fa:39:84:a4:
c2:ce:60:7e:17:50:47:56:11:6e:ba:2b:a6:5d:7a:
cf:c0:a0:fb:22:b5:d8:fa:22:70:ef:48:0b:6a:86:
50:f0:de:1a:37:21:f4:b9:b7:dd:14:f0:65:33:19:
23:2e:06:b3:2e:25:4b:14:d1:df:fb:da:f6:24:01:
4a:aa:30:b7:4f:3b:13:07:a2:af:6b:28:9c:2e:af:
0b:b7:bb:14:18:ef:4c:44:9d:28:0d:33:eb:50:9d:
52:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BA:30:93:63:3C:C5:C9:63:97:B3:A1:6C:BC:DD:67:1D:AE:B5:09
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e20323635393139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.114.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:37:3a:ac:04:49:d2:e6:fd:74:af:d1:a5:d2:a5:0d:5d:69:
7d:82:e4:8e:f5:ee:0d:df:2e:e0:32:27:96:8b:6f:4e:60:d2:
65:59:63:28:22:ff:a8:46:c1:13:e6:57:ea:a8:ee:6d:e3:80:
8e:89:16:6c:7e:91:01:93:d4:a0:e5:7f:7e:bb:0d:cd:91:1f:
74:4d:bf:07:8e:a4:86:ba:e1:51:1e:40:82:ee:25:63:da:12:
c3:ed:de:a3:e9:84:bf:b7:2b:9f:a1:6a:fa:ea:d7:8b:a4:71:
aa:f7:ec:38:2e:d4:6e:b0:2e:6b:c8:34:17:53:20:bc:c7:e8:
78:ea:3f:23:b5:ae:68:02:66:64:c9:62:79:9c:c0:e6:b4:f6:
b1:71:18:05:81:91:ab:e9:ad:c5:b3:23:a3:b5:71:60:88:1c:
6c:65:94:ff:4a:69:d8:e0:24:31:81:de:94:3c:31:c6:35:27:
11:ce:31:11:6e:00:72:4f:93:64:97:6b:81:42:ce:d9:a5:88:
7d:a7:fd:0c:d5:1e:b7:aa:cc:e9:b8:7d:eb:1a:ef:99:c8:23:
f6:1e:ca:f4:5f:4a:09:4a:b8:e2:5f:05:f9:8d:a7:9d:15:06:
f8:2c:fe:32:a0:1e:56:9e:c9:96:1b:41:97:43:f8:1a:f5:3b:
28:d3:77:ca
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFdydlIGAHiksiiqfC3CbPUGwqEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMjcxMjU2NTVaFw0yNDEyMjUxMzAxNTVaMDMxMTAvBgNV
BAMTKDgwQkEzMDkzNjMzQ0M1Qzk2Mzk3QjNBMTZDQkNERDY3MURBRUI1MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Ti/emzibjQudgEhYETognPVB
kihlyxkySj27OjeFLlKilNsKqDjBIBLPJ7DrzfN+6b9Prxmpr4PNPnbKYOyd8re2
YL3KthRY5MKwSRo6FMIY6rjeMwSsl2aklgDdIBNE2cZbw/pyikdhXeKzAlAGBeTy
Hvej5qxj1PEAaCurBn+BNZHfdsm60naY6SVawKzLOgDd7wEE8bgDslIKJqAc+jmE
pMLOYH4XUEdWEW66K6Zdes/AoPsitdj6InDvSAtqhlDw3ho3IfS5t90U8GUzGSMu
BrMuJUsU0d/72vYkAUqqMLdPOxMHoq9rKJwurwu3uxQY70xEnSgNM+tQnVKnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUgLowk2M8xcljl7OhbLzdZx2utQkwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIzMTMyMmUzMTM4MmUzMTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzUzOTMxMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADUEnIwDQYJKoZIhvcNAQELBQADggEBAFo3OqwESdLm/XSv0aXSpQ1daX2C5I71
7g3fLuAyJ5aLb05g0mVZYygi/6hGwRPmV+qo7m3jgI6JFmx+kQGT1KDlf367Dc2R
H3RNvweOpIa64VEeQILuJWPaEsPt3qPphL+3K5+havrq14ukcar37Dgu1G6wLmvI
NBdTILzH6HjqPyO1rmgCZmTJYnmcwOa09rFxGAWBkavprcWzI6O1cWCIHGxllP9K
adjgJDGB3pQ8McY1JxHOMRFuAHJPk2SXa4FCztmliH2n/QzVHreqzOm4fesa75nI
I/YeyvRfSglKuOJfBfmNp50VBvgs/jKgHlaeyZYbQZdD+Br1OyjTd8o=
-----END CERTIFICATE-----
Generated at Mon Nov 25 11:54:13 2024 by rpki-client on console-fra.rpki-client.org