Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233372e302f32342d3234203d3e203432363839.roa
File: 33312e3232302e3233372e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: ztKExkprT7JUO/4oOGa8INnF5FihLPFZoTYvCkrYY0g=
Subject key identifier: 06:08:1E:DE:8C:4A:F3:B6:8A:D5:AF:F7:37:3B:C5:AA:5C:88:27:3A
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 4A5C3819E5DA86500FAAB08881336CE038798803
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233372e302f32342d3234203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:08:58 +0000
ROA not before: Thu 08 Aug 2024 10:03:58 +0000
ROA not after: Thu 07 Aug 2025 10:08:58 +0000
asID: 42689
IP address blocks: 31.220.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:5c:38:19:e5:da:86:50:0f:aa:b0:88:81:33:6c:e0:38:79:88:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:03:58 2024 GMT
Not After : Aug 7 10:08:58 2025 GMT
Subject: CN=06081EDE8C4AF3B68AD5AFF7373BC5AA5C88273A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:17:b2:a2:85:9f:e1:c0:0b:6f:43:56:2e:6a:
6f:02:56:93:45:92:00:95:91:9e:7e:3f:84:ea:9f:
e7:e2:c2:13:2e:e6:89:03:3d:82:73:70:ef:6b:9b:
7c:c0:dd:99:c2:bf:00:68:a2:3c:76:42:49:7f:38:
79:1e:79:fd:e4:42:c1:79:f5:6d:1c:ad:18:34:d5:
ef:94:13:31:91:4c:bc:11:24:05:bb:42:33:e0:33:
15:12:ab:57:11:e3:55:15:b0:d7:b3:45:20:02:0f:
b2:4f:fc:ff:b2:31:14:b1:86:2b:8e:18:d9:50:83:
ec:ea:e7:10:2f:d6:39:c0:67:15:da:e7:fa:e3:0b:
a5:bd:6f:02:03:48:85:ce:9b:a3:42:99:c7:ec:7b:
48:e8:dd:4c:1a:74:ce:f1:39:ef:ef:a2:7d:fe:de:
ac:02:a2:dd:7c:d3:42:98:ca:24:fc:71:b1:98:85:
d3:f7:15:5c:a8:35:be:2e:1d:dd:4d:ed:07:39:f7:
5e:fd:3c:3a:79:dc:3d:61:48:ae:3c:bc:46:e6:b9:
dc:84:14:8f:0c:a2:fb:8b:ff:11:b7:a2:ae:05:c5:
23:d4:9c:e9:88:f4:00:af:9e:70:6a:f3:ed:bf:8b:
07:9f:c7:30:1d:48:f2:16:18:9a:fe:f1:05:46:07:
59:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:08:1E:DE:8C:4A:F3:B6:8A:D5:AF:F7:37:3B:C5:AA:5C:88:27:3A
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233372e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.237.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:78:3f:fc:6e:f7:1c:99:e4:bb:0c:0d:cf:a5:f7:5b:b7:a7:
6c:fd:5c:d2:85:26:4c:c7:22:61:44:71:1c:ac:53:04:a1:e5:
51:87:49:a0:f2:a7:7e:0e:e0:fc:7c:9a:03:91:ce:c3:e7:2f:
3f:97:02:0c:31:bd:76:49:61:c4:dd:cb:54:02:4a:55:b8:d1:
4e:ed:12:fc:8b:2d:6e:04:b7:b3:10:b1:43:36:b4:aa:59:4e:
94:bd:c7:34:60:7b:63:7f:f5:b3:39:e8:cf:e4:6f:6c:6d:91:
50:9a:67:6f:2e:70:26:e3:9b:12:7d:ee:19:db:70:79:09:2d:
fd:5c:3c:7a:fe:2c:97:cb:f6:5a:67:fb:47:d1:4e:84:6b:d9:
5b:52:bf:2a:f1:cf:90:92:11:eb:b7:04:32:d0:76:6e:1a:80:
bf:ea:14:58:d3:24:16:5d:f0:e5:f7:82:0e:32:e8:ea:2d:d5:
81:1a:65:98:e8:bd:ac:ed:5e:a1:e3:18:72:94:c8:7f:0e:84:
1d:a9:b2:cd:67:38:ad:37:cd:6f:08:13:be:12:27:b5:5d:57:
a3:ad:99:47:92:0c:0b:82:4a:b2:cc:79:39:0d:0b:00:06:9d:
4e:7d:4a:bd:c0:f0:71:de:87:51:d6:c7:cc:43:eb:f5:78:90:
bf:99:01:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSlw4GeXahlAPqrCIgTNs4Dh5iAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDAzNThaFw0yNTA4MDcxMDA4NThaMDMxMTAvBgNV
BAMTKDA2MDgxRURFOEM0QUYzQjY4QUQ1QUZGNzM3M0JDNUFBNUM4ODI3M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6F7KihZ/hwAtvQ1Yuam8CVpNF
kgCVkZ5+P4Tqn+fiwhMu5okDPYJzcO9rm3zA3ZnCvwBoojx2Qkl/OHkeef3kQsF5
9W0crRg01e+UEzGRTLwRJAW7QjPgMxUSq1cR41UVsNezRSACD7JP/P+yMRSxhiuO
GNlQg+zq5xAv1jnAZxXa5/rjC6W9bwIDSIXOm6NCmcfse0jo3UwadM7xOe/von3+
3qwCot1800KYyiT8cbGYhdP3FVyoNb4uHd1N7Qc59179PDp53D1hSK48vEbmudyE
FI8MovuL/xG3oq4FxSPUnOmI9ACvnnBq8+2/iwefxzAdSPIWGJr+8QVGB1lzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBgge3oxK87aK1a/3NzvFqlyIJzowHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjMz
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9ztMA0GCSqGSIb3DQEBCwUAA4IBAQCPeD/8bvccmeS7DA3Ppfdbt6ds/VzShSZM
xyJhRHEcrFMEoeVRh0mg8qd+DuD8fJoDkc7D5y8/lwIMMb12SWHE3ctUAkpVuNFO
7RL8iy1uBLezELFDNrSqWU6Uvcc0YHtjf/WzOejP5G9sbZFQmmdvLnAm45sSfe4Z
23B5CS39XDx6/iyXy/ZaZ/tH0U6Ea9lbUr8q8c+QkhHrtwQy0HZuGoC/6hRY0yQW
XfDl94IOMujqLdWBGmWY6L2s7V6h4xhylMh/DoQdqbLNZzitN81vCBO+Eie1XVej
rZlHkgwLgkqyzHk5DQsABp1OfUq9wPBx3odR1sfMQ+v1eJC/mQHH
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org