Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3230382e302f32312d3231203d3e203432363839.roa
File: 33312e3232302e3230382e302f32312d3231203d3e203432363839.roa (raw, json)
Hash identifier: xTDpWmInRwE+k8FhvU3wsGUaJuLygc3zSCwkIwaqnKc=
Subject key identifier: EA:68:49:F1:B0:68:46:BF:9A:01:04:4E:6E:08:7D:AC:AC:E3:91:86
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0E6BC862A94C63B39C4E94B2F9963B745FE89187
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3230382e302f32312d3231203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 09:42:39 +0000
ROA not before: Thu 08 Aug 2024 09:37:39 +0000
ROA not after: Thu 07 Aug 2025 09:42:39 +0000
asID: 42689
IP address blocks: 31.220.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:6b:c8:62:a9:4c:63:b3:9c:4e:94:b2:f9:96:3b:74:5f:e8:91:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 09:37:39 2024 GMT
Not After : Aug 7 09:42:39 2025 GMT
Subject: CN=EA6849F1B06846BF9A01044E6E087DACACE39186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:cb:e4:37:3f:4e:fb:3a:b0:e0:8c:f0:13:4a:
ad:ae:8f:1a:fb:5e:85:06:8c:f9:c3:11:7a:ff:3c:
25:55:ba:38:33:1e:50:8d:17:3e:4a:04:16:14:d3:
9a:1b:3a:57:04:90:cd:a8:28:6b:b1:71:3e:40:b3:
de:cd:33:71:c1:a1:e7:3e:0a:c9:18:7c:49:6b:03:
13:d7:52:63:42:cd:39:71:05:5b:71:b3:23:73:e0:
2c:60:e7:3b:af:8a:e9:d8:f0:51:b3:db:ea:43:99:
83:56:32:d1:84:a5:a8:65:d6:c4:cb:61:8d:c9:96:
06:3e:37:d0:66:4f:a2:a7:b5:f4:f6:13:29:d0:83:
dd:97:47:13:d5:51:23:af:de:88:3c:bd:e5:85:e0:
eb:da:ad:4b:5e:fb:50:c5:41:f0:29:6d:eb:a3:f4:
03:90:55:fb:97:35:50:f6:b5:92:13:bf:ff:56:c9:
31:bb:8d:07:79:9e:1b:39:42:d2:d4:f9:28:0e:bb:
b9:5c:7b:95:34:cf:73:d7:5c:73:7e:fe:56:cf:ef:
45:6d:c4:c0:01:8b:82:75:52:c4:5d:a3:bb:f2:5e:
6b:7e:a8:94:61:29:ff:5d:33:7b:ee:5a:b3:f8:10:
c3:9f:8a:86:a0:56:10:20:13:49:0e:46:81:f4:2e:
66:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:68:49:F1:B0:68:46:BF:9A:01:04:4E:6E:08:7D:AC:AC:E3:91:86
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3230382e302f32312d3231203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.208.0/21
Signature Algorithm: sha256WithRSAEncryption
12:a9:91:2b:09:24:11:1b:82:57:04:85:3c:75:ba:d5:e8:79:
dc:41:72:71:e9:ea:80:18:b7:07:be:fb:85:ed:e9:25:3b:5a:
13:d5:61:48:29:79:ac:ac:9d:0d:82:c1:88:57:4c:f0:f9:70:
03:14:a6:49:6b:90:4b:db:df:5a:3e:ba:55:30:92:e1:9c:b5:
7f:1d:d9:6e:e7:9e:44:0b:86:3d:90:92:4b:f8:59:c0:0a:8d:
e0:16:6a:e4:57:05:43:ea:99:55:d0:ea:9d:46:42:a0:0d:6b:
98:d0:45:24:ed:f7:d2:96:d7:88:37:8e:78:73:8c:91:7c:19:
c3:f0:aa:15:d1:6f:9a:52:ca:f5:6b:26:6a:37:c0:ed:1b:41:
68:05:d8:e4:f3:9d:94:a8:17:5d:7c:83:53:f8:e0:9d:fd:06:
c5:8c:46:b8:72:0a:c6:9a:29:05:ae:f6:99:3a:e5:af:1f:83:
d5:2d:90:1f:e0:25:03:fd:83:f1:57:23:82:e6:8c:44:20:57:
0e:98:f0:52:92:62:fb:10:14:b9:53:e9:bc:ba:ce:8e:cd:15:
85:e5:59:ec:54:de:4e:99:94:cb:10:c3:4a:81:22:bf:30:44:
e7:05:73:b7:ea:0f:eb:ca:b3:bb:6f:75:06:90:33:19:a1:17:
1f:2d:84:a7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDmvIYqlMY7OcTpSy+ZY7dF/okYcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgwOTM3MzlaFw0yNTA4MDcwOTQyMzlaMDMxMTAvBgNV
BAMTKEVBNjg0OUYxQjA2ODQ2QkY5QTAxMDQ0RTZFMDg3REFDQUNFMzkxODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDay+Q3P077OrDgjPATSq2ujxr7
XoUGjPnDEXr/PCVVujgzHlCNFz5KBBYU05obOlcEkM2oKGuxcT5As97NM3HBoec+
CskYfElrAxPXUmNCzTlxBVtxsyNz4Cxg5zuviunY8FGz2+pDmYNWMtGEpahl1sTL
YY3JlgY+N9BmT6KntfT2EynQg92XRxPVUSOv3og8veWF4OvarUte+1DFQfApbeuj
9AOQVfuXNVD2tZITv/9WyTG7jQd5nhs5QtLU+SgOu7lce5U0z3PXXHN+/lbP70Vt
xMABi4J1UsRdo7vyXmt+qJRhKf9dM3vuWrP4EMOfioagVhAgE0kORoH0LmbtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU6mhJ8bBoRr+aAQRObgh9rKzjkYYwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjMw
MzgyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
H9zQMA0GCSqGSIb3DQEBCwUAA4IBAQASqZErCSQRG4JXBIU8dbrV6HncQXJx6eqA
GLcHvvuF7eklO1oT1WFIKXmsrJ0NgsGIV0zw+XADFKZJa5BL299aPrpVMJLhnLV/
Hdlu555EC4Y9kJJL+FnACo3gFmrkVwVD6plV0OqdRkKgDWuY0EUk7ffSlteIN454
c4yRfBnD8KoV0W+aUsr1ayZqN8DtG0FoBdjk852UqBddfINT+OCd/QbFjEa4cgrG
mikFrvaZOuWvH4PVLZAf4CUD/YPxVyOC5oxEIFcOmPBSkmL7EBS5U+m8us6OzRWF
5VnsVN5OmZTLEMNKgSK/METnBXO36g/ryrO7b3UGkDMZoRcfLYSn
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org