Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3139322e302f32302d3230203d3e203432363839.roa
File: 33312e3232302e3139322e302f32302d3230203d3e203432363839.roa (raw, json)
Hash identifier: FokP8f0i0GEeC3i2UJihi74Ytdmlh7CQEiEvf00qTo0=
Subject key identifier: 4F:EA:68:B8:23:5E:F1:2F:3E:A6:4E:5C:86:81:A7:53:97:6E:C3:33
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 5ACEF57A8915A7AFF95E7CF5B8C1E963A3824678
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3139322e302f32302d3230203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 09:40:24 +0000
ROA not before: Thu 08 Aug 2024 09:35:24 +0000
ROA not after: Thu 07 Aug 2025 09:40:24 +0000
asID: 42689
IP address blocks: 31.220.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ce:f5:7a:89:15:a7:af:f9:5e:7c:f5:b8:c1:e9:63:a3:82:46:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 09:35:24 2024 GMT
Not After : Aug 7 09:40:24 2025 GMT
Subject: CN=4FEA68B8235EF12F3EA64E5C8681A753976EC333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7e:92:4d:f7:1b:48:d7:84:bb:ad:74:92:fc:
e5:92:72:c1:7d:5d:2e:3b:10:84:44:86:31:ee:a5:
1f:ca:df:88:2c:94:58:68:db:0d:03:57:6f:1e:ea:
c9:aa:c1:8c:06:ff:93:97:a6:c9:15:98:b4:46:d7:
f5:06:74:ea:46:45:0c:4b:19:17:3e:f8:d9:6f:1d:
92:cb:66:0e:09:c1:20:1a:4a:b4:87:6d:d7:2f:16:
40:9b:db:e2:4c:68:bc:05:e5:73:f7:9e:75:f2:de:
57:c6:28:40:13:34:37:41:c0:b0:af:e0:40:fc:1b:
ac:fd:e2:e0:42:3b:b0:52:17:cf:74:50:96:cb:be:
aa:b5:46:ba:fc:3e:42:4e:25:6f:cf:6f:9d:c0:10:
23:65:64:cb:7f:34:75:8b:35:52:2e:2e:9a:ac:93:
2b:64:e6:9a:e6:62:f3:40:11:b4:5d:b1:b8:21:a9:
d5:a3:1c:87:45:a6:9e:e7:19:12:93:ee:26:de:cf:
03:ad:47:04:41:5d:2e:66:ad:51:3c:ba:7d:a6:c2:
75:b5:b2:12:48:55:c8:99:23:d0:2e:35:ca:83:ff:
f3:8e:de:76:68:38:00:af:60:3a:f0:fe:6d:d6:e7:
62:bc:62:ab:83:3e:06:62:9d:00:a6:8c:94:3c:91:
b4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:EA:68:B8:23:5E:F1:2F:3E:A6:4E:5C:86:81:A7:53:97:6E:C3:33
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3139322e302f32302d3230203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.192.0/20
Signature Algorithm: sha256WithRSAEncryption
6a:43:fa:b9:eb:ff:49:44:3c:53:31:3b:e1:f2:1e:2d:83:ed:
44:63:ca:bd:b9:0c:2f:45:b8:72:4c:e4:84:cd:f3:db:99:36:
a2:a1:9e:38:ac:1f:96:53:14:d2:70:02:2f:ea:14:ca:03:55:
21:6b:af:fd:64:56:7d:fe:f5:e5:97:72:ba:f2:9f:d3:cc:ce:
86:80:94:5b:e9:e7:58:85:bd:3f:ce:3a:3d:73:7f:34:0a:08:
38:1e:dc:55:1e:6a:dc:25:31:d7:11:5f:4f:bc:15:0c:cb:97:
5d:a8:e4:5a:d1:7a:e9:55:ea:72:18:f2:25:b9:67:8a:e2:fe:
92:c5:b4:0a:90:db:52:d8:c5:3d:3d:39:4f:f8:46:a6:35:6c:
02:b4:c0:1b:e0:12:77:ec:4a:9a:60:67:75:81:ac:c0:8a:16:
b5:cc:9b:c1:2e:9f:c0:0f:1a:2a:f9:6d:02:72:0c:df:a2:93:
c5:90:ce:a0:a4:88:d7:f0:d0:55:cc:9c:00:82:dc:1a:ff:a9:
de:87:9f:1d:b7:46:b9:3d:5a:45:ac:1c:9f:52:0e:20:c2:66:
46:91:b1:b1:91:bd:2e:40:e7:0e:9c:e5:f9:04:f8:27:eb:c0:
62:3d:2a:d8:8f:c4:d2:23:2b:ec:dd:a0:22:96:fc:f9:dd:01:
16:a7:55:fa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWs71eokVp6/5Xnz1uMHpY6OCRngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgwOTM1MjRaFw0yNTA4MDcwOTQwMjRaMDMxMTAvBgNV
BAMTKDRGRUE2OEI4MjM1RUYxMkYzRUE2NEU1Qzg2ODFBNzUzOTc2RUMzMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZfpJN9xtI14S7rXSS/OWScsF9
XS47EIREhjHupR/K34gslFho2w0DV28e6smqwYwG/5OXpskVmLRG1/UGdOpGRQxL
GRc++NlvHZLLZg4JwSAaSrSHbdcvFkCb2+JMaLwF5XP3nnXy3lfGKEATNDdBwLCv
4ED8G6z94uBCO7BSF890UJbLvqq1Rrr8PkJOJW/Pb53AECNlZMt/NHWLNVIuLpqs
kytk5prmYvNAEbRdsbghqdWjHIdFpp7nGRKT7ibezwOtRwRBXS5mrVE8un2mwnW1
shJIVciZI9AuNcqD//OO3nZoOACvYDrw/m3W52K8YquDPgZinQCmjJQ8kbQ9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUT+pouCNe8S8+pk5choGnU5duwzMwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMTM5
MzIyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
H9zAMA0GCSqGSIb3DQEBCwUAA4IBAQBqQ/q56/9JRDxTMTvh8h4tg+1EY8q9uQwv
RbhyTOSEzfPbmTaioZ44rB+WUxTScAIv6hTKA1Uha6/9ZFZ9/vXll3K68p/TzM6G
gJRb6edYhb0/zjo9c380Cgg4HtxVHmrcJTHXEV9PvBUMy5ddqORa0XrpVepyGPIl
uWeK4v6SxbQKkNtS2MU9PTlP+EamNWwCtMAb4BJ37EqaYGd1gazAiha1zJvBLp/A
Dxoq+W0CcgzfopPFkM6gpIjX8NBVzJwAgtwa/6neh58dt0a5PVpFrByfUg4gwmZG
kbGxkb0uQOcOnOX5BPgn68BiPSrYj8TSIyvs3aAilvz53QEWp1X6
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org