Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233342e302f32342d3234203d3e203432363839.roa
File: 33312e3232302e3233342e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: P0bK5Gnrc5lVJ+g4MvHzSaUQxBP7q5ixq6r05pTPHfw=
Subject key identifier: 06:B2:51:B0:42:8C:AA:C9:3D:5A:90:C2:A9:13:93:6A:FD:1B:D7:E2
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 1B6C6036F46B7C934791B4017604064EABB86B73
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233342e302f32342d3234203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:08:32 +0000
ROA not before: Thu 08 Aug 2024 10:03:32 +0000
ROA not after: Thu 07 Aug 2025 10:08:32 +0000
asID: 42689
IP address blocks: 31.220.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:6c:60:36:f4:6b:7c:93:47:91:b4:01:76:04:06:4e:ab:b8:6b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:03:32 2024 GMT
Not After : Aug 7 10:08:32 2025 GMT
Subject: CN=06B251B0428CAAC93D5A90C2A913936AFD1BD7E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:13:b0:0f:88:2f:86:12:23:db:17:d4:2b:cc:
fc:ec:5b:59:e4:94:cc:2d:d9:75:e3:1f:79:56:64:
c8:f2:0f:66:ae:a0:4c:42:ac:71:6b:13:93:c4:ce:
4c:50:c8:8c:b6:bd:03:66:5c:29:7a:2d:1b:1d:81:
8f:b3:ff:bf:a8:93:67:fe:ce:a9:96:5b:1a:ca:d6:
84:5b:9f:66:3c:20:67:66:16:28:23:ff:2f:87:06:
8e:fa:90:b8:6f:db:27:8a:84:84:db:39:8c:34:db:
28:8c:6b:93:21:13:7e:33:3c:87:e3:32:b4:d3:c5:
cf:d2:fd:be:d2:d2:ea:af:68:33:7a:4f:61:e2:a7:
fe:38:1d:7d:e9:48:17:d6:b7:ea:68:06:a2:13:7e:
8b:3b:01:73:18:3c:7b:73:8d:3a:e1:04:2d:89:8e:
1b:4a:52:34:94:13:7c:70:0e:5e:e3:f9:28:92:9e:
6e:bb:e9:6f:09:59:d9:30:27:6b:ab:c0:83:1f:98:
3b:1b:99:aa:41:47:79:1e:56:ec:08:fb:b2:6a:11:
48:b6:ec:6a:ca:99:80:b8:d1:e5:46:05:bd:c3:dd:
22:a4:97:5f:c0:9a:3c:be:8b:33:89:3a:1e:47:12:
a3:d5:31:a5:d8:fd:18:a3:05:dd:d9:1c:70:7f:cb:
97:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B2:51:B0:42:8C:AA:C9:3D:5A:90:C2:A9:13:93:6A:FD:1B:D7:E2
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233342e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.234.0/24
Signature Algorithm: sha256WithRSAEncryption
96:1d:9a:de:9d:4d:b8:4c:12:ab:92:db:78:04:7a:0e:7b:39:
31:76:bd:b9:fc:df:4c:ac:28:63:cf:dd:19:ea:7d:4a:b9:9b:
21:61:8c:f7:51:9c:99:b8:5b:5b:67:46:fc:90:f0:e3:9d:dc:
b1:9a:34:eb:dc:14:fa:e3:47:1a:50:97:57:76:2c:c3:52:83:
69:1d:fe:ab:93:e3:36:b6:bc:0b:0f:85:ec:37:2c:f9:57:43:
82:63:cc:a9:37:7b:f7:07:04:20:cc:86:e5:6d:1e:7d:7e:b5:
fc:aa:b9:e6:fd:6b:66:06:4f:73:b8:a1:af:10:56:73:9f:6e:
67:66:d9:7c:39:36:d6:c2:31:2d:6f:40:16:87:b6:ba:4a:60:
39:e0:08:00:c0:3a:b4:9d:b9:40:34:24:f7:f1:0c:20:df:5d:
a5:73:e1:1e:c0:5a:4f:17:10:18:df:60:cf:0e:a4:e8:86:50:
d1:ae:b0:8f:86:0f:4d:1a:e5:f3:9b:aa:2f:53:67:67:de:58:
89:68:5b:23:77:5b:28:ff:3b:74:0b:b3:78:22:5f:9a:eb:8d:
ee:ef:89:91:99:15:d6:15:0d:9c:bc:97:ed:16:38:69:2e:f1:
88:da:f3:51:3b:5b:d0:0f:13:b4:c8:78:3e:aa:4c:40:05:19:
28:a0:28:eb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUG2xgNvRrfJNHkbQBdgQGTqu4a3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDAzMzJaFw0yNTA4MDcxMDA4MzJaMDMxMTAvBgNV
BAMTKDA2QjI1MUIwNDI4Q0FBQzkzRDVBOTBDMkE5MTM5MzZBRkQxQkQ3RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClE7APiC+GEiPbF9QrzPzsW1nk
lMwt2XXjH3lWZMjyD2auoExCrHFrE5PEzkxQyIy2vQNmXCl6LRsdgY+z/7+ok2f+
zqmWWxrK1oRbn2Y8IGdmFigj/y+HBo76kLhv2yeKhITbOYw02yiMa5MhE34zPIfj
MrTTxc/S/b7S0uqvaDN6T2Hip/44HX3pSBfWt+poBqITfos7AXMYPHtzjTrhBC2J
jhtKUjSUE3xwDl7j+SiSnm676W8JWdkwJ2urwIMfmDsbmapBR3keVuwI+7JqEUi2
7GrKmYC40eVGBb3D3SKkl1/Amjy+izOJOh5HEqPVMaXY/RijBd3ZHHB/y5c7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBrJRsEKMqsk9WpDCqROTav0b1+IwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9zqMA0GCSqGSIb3DQEBCwUAA4IBAQCWHZrenU24TBKrktt4BHoOezkxdr25/N9M
rChjz90Z6n1KuZshYYz3UZyZuFtbZ0b8kPDjndyxmjTr3BT640caUJdXdizDUoNp
Hf6rk+M2trwLD4XsNyz5V0OCY8ypN3v3BwQgzIblbR59frX8qrnm/WtmBk9zuKGv
EFZzn25nZtl8OTbWwjEtb0AWh7a6SmA54AgAwDq0nblANCT38Qwg312lc+EewFpP
FxAY32DPDqTohlDRrrCPhg9NGuXzm6ovU2dn3liJaFsjd1so/zt0C7N4Il+a643u
74mRmRXWFQ2cvJftFjhpLvGI2vNRO1vQDxO0yHg+qkxABRkooCjr
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org