Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3232382e302f32322d3232203d3e203432363839.roa
File: 33312e3232302e3232382e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: 05/NgLoX2F4BMMjBEWKKOVS9AOTugKGY4bBXYymc7Hw=
Subject key identifier: 06:C7:0B:0A:F0:6F:88:95:4F:95:45:D3:DE:BC:86:0B:2C:52:E0:F1
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 3C4C0E6E5FF2CCD59BCA42EF1D0F82612A4256B4
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3232382e302f32322d3232203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 09:43:01 +0000
ROA not before: Thu 08 Aug 2024 09:38:01 +0000
ROA not after: Thu 07 Aug 2025 09:43:01 +0000
asID: 42689
IP address blocks: 31.220.228.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:4c:0e:6e:5f:f2:cc:d5:9b:ca:42:ef:1d:0f:82:61:2a:42:56:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 09:38:01 2024 GMT
Not After : Aug 7 09:43:01 2025 GMT
Subject: CN=06C70B0AF06F88954F9545D3DEBC860B2C52E0F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bc:f1:a4:50:5a:87:59:c0:00:54:6a:73:09:
66:ef:38:aa:03:47:40:41:60:86:f0:42:1d:4e:99:
52:1e:f9:a5:29:ff:0a:3a:42:e7:f5:5f:fd:7d:07:
04:89:d3:2b:df:1c:6f:54:b6:de:c5:89:01:0c:5e:
a5:f4:b5:52:30:e9:77:ad:6b:60:26:bb:44:5f:3a:
a4:5d:72:91:2f:ac:31:3b:53:8a:7c:e6:13:42:37:
70:39:a0:26:12:e8:61:4c:f6:22:63:e1:85:96:82:
aa:f3:0d:59:f2:ef:50:bd:9d:24:31:eb:eb:2f:cc:
be:5c:db:5b:f9:d1:ef:1e:05:a3:a6:6e:f3:eb:58:
c2:44:bb:6a:bc:e6:a1:e9:20:2c:66:a0:37:0e:5b:
12:af:c8:57:e5:b2:2b:a1:b7:b7:59:e7:32:7d:62:
ec:b2:4d:36:e2:db:01:d4:e7:be:d4:50:19:e9:78:
4f:4c:8c:4a:97:fe:8b:72:91:d1:c1:1d:a8:18:c0:
83:94:14:12:e3:47:17:24:39:fb:19:3d:29:f9:4e:
65:2a:14:c8:fd:01:e9:a2:84:0d:bb:c8:02:8b:32:
db:ea:c3:9d:ff:d0:d4:c5:b5:c6:0c:14:56:36:6c:
c5:38:e2:35:bd:ec:7b:b7:46:f7:72:ca:ee:a1:6e:
c0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C7:0B:0A:F0:6F:88:95:4F:95:45:D3:DE:BC:86:0B:2C:52:E0:F1
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3232382e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.228.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:2b:bb:f0:9a:a1:5e:9d:5a:97:43:bf:7c:b6:75:dc:2d:3e:
05:a9:24:f1:c1:0d:54:4e:35:e6:1c:e3:cb:a9:5b:03:68:77:
96:37:40:e4:8e:0e:e9:5c:51:c7:d5:3f:bc:aa:f3:7b:97:0f:
6e:98:7b:ff:e2:33:d8:57:c6:d8:32:70:02:10:87:28:23:c1:
78:d6:6b:85:87:bd:bd:c3:f5:69:a6:cb:c1:e8:b8:85:c2:ef:
7e:44:cf:f4:d2:e9:a5:92:4c:2a:73:75:3c:73:a4:b9:b2:3a:
34:62:2d:66:8f:d9:61:07:67:27:33:43:f1:0a:e7:71:4e:60:
6a:73:cf:2d:c1:e8:7c:b8:f7:fe:13:5a:ce:65:a4:f9:7b:2b:
49:77:e4:11:d0:5f:10:27:3e:ff:8c:b1:e4:f0:70:37:cb:18:
51:34:03:e6:3a:a0:19:b5:99:1b:ab:3a:29:38:c9:3a:8e:19:
58:4e:98:e2:20:70:da:a2:45:b6:3f:77:43:21:18:cb:1f:1b:
67:d1:28:5c:64:f7:7d:c5:5b:43:9c:74:b2:6f:5c:bc:21:07:
1a:4f:6e:a4:f8:c5:54:52:c5:70:0c:f8:10:95:e8:d0:34:d5:
fb:4b:09:70:ab:3b:68:c8:f6:c5:06:34:20:3f:7d:48:1b:fa:
31:79:b5:6b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPEwObl/yzNWbykLvHQ+CYSpCVrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgwOTM4MDFaFw0yNTA4MDcwOTQzMDFaMDMxMTAvBgNV
BAMTKDA2QzcwQjBBRjA2Rjg4OTU0Rjk1NDVEM0RFQkM4NjBCMkM1MkUwRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2vPGkUFqHWcAAVGpzCWbvOKoD
R0BBYIbwQh1OmVIe+aUp/wo6Quf1X/19BwSJ0yvfHG9Utt7FiQEMXqX0tVIw6Xet
a2Amu0RfOqRdcpEvrDE7U4p85hNCN3A5oCYS6GFM9iJj4YWWgqrzDVny71C9nSQx
6+svzL5c21v50e8eBaOmbvPrWMJEu2q85qHpICxmoDcOWxKvyFflsiuht7dZ5zJ9
YuyyTTbi2wHU577UUBnpeE9MjEqX/otykdHBHagYwIOUFBLjRxckOfsZPSn5TmUq
FMj9AemihA27yAKLMtvqw53/0NTFtcYMFFY2bMU44jW97Hu3Rvdyyu6hbsDHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBscLCvBviJVPlUXT3ryGCyxS4PEwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjMy
MzgyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
H9zkMA0GCSqGSIb3DQEBCwUAA4IBAQCOK7vwmqFenVqXQ798tnXcLT4FqSTxwQ1U
TjXmHOPLqVsDaHeWN0Dkjg7pXFHH1T+8qvN7lw9umHv/4jPYV8bYMnACEIcoI8F4
1muFh729w/VppsvB6LiFwu9+RM/00umlkkwqc3U8c6S5sjo0Yi1mj9lhB2cnM0Px
CudxTmBqc88tweh8uPf+E1rOZaT5eytJd+QR0F8QJz7/jLHk8HA3yxhRNAPmOqAZ
tZkbqzopOMk6jhlYTpjiIHDaokW2P3dDIRjLHxtn0ShcZPd9xVtDnHSyb1y8IQca
T26k+MVUUsVwDPgQlejQNNX7SwlwqztoyPbFBjQgP31IG/oxebVr
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org