Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233322e302f32332d3233203d3e203432363839.roa
File: 33312e3232302e3233322e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: deFnVfsdAjpONqX+t5VdNkh5ERMlGVKZVDmFPgR5ufo=
Subject key identifier: 80:F3:69:C4:67:DD:31:CF:37:72:74:23:30:A0:39:C3:55:63:92:03
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 1D90E64756143AA91E81125C559909F518998BA2
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233322e302f32332d3233203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 09:44:08 +0000
ROA not before: Thu 08 Aug 2024 09:39:08 +0000
ROA not after: Thu 07 Aug 2025 09:44:08 +0000
asID: 42689
IP address blocks: 31.220.232.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:90:e6:47:56:14:3a:a9:1e:81:12:5c:55:99:09:f5:18:99:8b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 09:39:08 2024 GMT
Not After : Aug 7 09:44:08 2025 GMT
Subject: CN=80F369C467DD31CF3772742330A039C355639203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:10:a7:8b:a6:79:15:34:d5:f8:f5:15:8e:bc:
36:a5:25:95:fd:05:27:9a:05:e5:f0:ea:4c:11:7a:
fe:8b:34:b7:5b:e8:81:ae:66:79:a4:62:e5:69:4f:
c0:34:4b:cf:d6:7d:90:55:00:3e:17:5e:2f:a5:40:
ec:ea:4b:7e:d6:6b:d4:03:87:0a:79:b0:8a:f1:b3:
84:55:b5:5f:cd:fb:7b:c2:b3:4d:58:f2:1f:7d:07:
4f:b2:f1:c7:f6:e7:78:ac:1e:c3:f0:e0:56:25:57:
62:35:1d:e5:af:21:20:a4:dd:5e:b0:47:d4:56:4e:
9b:a6:f5:57:8f:66:a8:21:e7:69:cf:85:5e:41:49:
e3:ee:a8:8a:00:5f:6a:7f:2d:7c:42:07:c5:25:37:
40:64:a0:e8:44:d1:c5:2b:04:2b:af:99:e2:07:9a:
75:b6:f3:dc:64:67:95:d3:79:08:76:ab:0a:e2:60:
cf:97:14:89:e7:88:6d:bb:1d:62:cc:ad:3f:d2:9e:
c6:ed:ca:87:72:fc:4b:4a:91:33:ed:b8:05:a0:a3:
41:5b:fb:8a:43:44:e6:da:ce:4e:b6:da:fd:ba:81:
72:22:74:bf:1b:28:df:3d:bc:61:d7:88:9f:0b:93:
03:c5:11:c7:15:fe:46:3b:9c:6d:74:a2:46:19:76:
3a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F3:69:C4:67:DD:31:CF:37:72:74:23:30:A0:39:C3:55:63:92:03
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233322e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.232.0/23
Signature Algorithm: sha256WithRSAEncryption
68:81:aa:8a:81:47:d3:1f:97:a6:32:cc:29:a5:40:4b:9e:e9:
ad:4f:b5:84:c7:f0:23:6e:9b:48:9d:2d:a5:35:16:03:f3:7e:
6c:9b:39:0f:80:1d:de:e9:b2:ec:ab:cb:a9:00:36:6d:aa:47:
07:9f:a9:cb:2e:bd:51:c8:0f:dc:10:c1:c0:d8:56:2f:e0:da:
c0:73:f3:56:ef:17:ec:2f:50:7a:e1:ab:d0:0e:ac:6d:12:36:
22:cf:d1:ef:ef:c8:3d:39:21:5c:cb:39:f5:6a:fe:0d:f9:f2:
2c:74:d8:c5:4c:b3:5c:35:ba:e3:cf:19:fb:55:e7:75:f2:91:
b4:da:3c:f1:0b:99:e1:19:14:24:7f:ca:d7:6b:de:af:8a:3a:
1c:cc:19:ba:3e:63:09:89:75:df:52:98:af:6c:1c:32:ee:17:
b2:6f:08:11:32:50:a7:3e:db:25:8b:00:31:d4:82:c5:e8:3a:
ad:5f:b5:c9:9e:38:d9:31:f0:2b:a4:e9:4b:b2:4b:7e:50:37:
c6:bd:7f:3c:99:3b:1a:b9:d7:14:1f:e2:46:7d:5d:69:d6:15:
a5:6a:0c:08:bd:6c:00:2b:69:a6:0a:1e:cf:9c:7a:51:f8:52:
a3:c8:c3:d3:17:3d:11:af:78:f8:90:d5:50:dd:3d:41:b1:d7:
b8:2b:30:03
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHZDmR1YUOqkegRJcVZkJ9RiZi6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgwOTM5MDhaFw0yNTA4MDcwOTQ0MDhaMDMxMTAvBgNV
BAMTKDgwRjM2OUM0NjdERDMxQ0YzNzcyNzQyMzMwQTAzOUMzNTU2MzkyMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbEKeLpnkVNNX49RWOvDalJZX9
BSeaBeXw6kwRev6LNLdb6IGuZnmkYuVpT8A0S8/WfZBVAD4XXi+lQOzqS37Wa9QD
hwp5sIrxs4RVtV/N+3vCs01Y8h99B0+y8cf253isHsPw4FYlV2I1HeWvISCk3V6w
R9RWTpum9VePZqgh52nPhV5BSePuqIoAX2p/LXxCB8UlN0BkoOhE0cUrBCuvmeIH
mnW289xkZ5XTeQh2qwriYM+XFInniG27HWLMrT/Snsbtyody/EtKkTPtuAWgo0Fb
+4pDRObazk622v26gXIidL8bKN89vGHXiJ8LkwPFEccV/kY7nG10okYZdjqhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgPNpxGfdMc83cnQjMKA5w1VjkgMwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjMz
MzIyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
H9zoMA0GCSqGSIb3DQEBCwUAA4IBAQBogaqKgUfTH5emMswppUBLnumtT7WEx/Aj
bptInS2lNRYD835smzkPgB3e6bLsq8upADZtqkcHn6nLLr1RyA/cEMHA2FYv4NrA
c/NW7xfsL1B64avQDqxtEjYiz9Hv78g9OSFcyzn1av4N+fIsdNjFTLNcNbrjzxn7
Ved18pG02jzxC5nhGRQkf8rXa96vijoczBm6PmMJiXXfUpivbBwy7heybwgRMlCn
PtsliwAx1ILF6DqtX7XJnjjZMfArpOlLskt+UDfGvX88mTsaudcUH+JGfV1p1hWl
agwIvWwAK2mmCh7PnHpR+FKjyMPTFz0Rr3j4kNVQ3T1Bsde4KzAD
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org