Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3234302e302f32322d3232203d3e203432363839.roa
File: 33312e3232302e3234302e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: cOnkI3S0DFXuafuu6pAUTt9737nHgnwY1QdkzESx7r4=
Subject key identifier: EF:FF:35:99:9B:C4:14:FF:37:72:98:DD:74:D2:32:71:F7:62:44:96
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 4EFCC97DE2D442DAFDEA27A2E675B59EF1B862B7
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3234302e302f32322d3232203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:10:21 +0000
ROA not before: Thu 08 Aug 2024 10:05:21 +0000
ROA not after: Thu 07 Aug 2025 10:10:21 +0000
asID: 42689
IP address blocks: 31.220.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:fc:c9:7d:e2:d4:42:da:fd:ea:27:a2:e6:75:b5:9e:f1:b8:62:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:05:21 2024 GMT
Not After : Aug 7 10:10:21 2025 GMT
Subject: CN=EFFF35999BC414FF377298DD74D23271F7624496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:26:46:16:05:4a:ac:10:16:f0:47:0b:fd:40:
c5:44:38:b8:07:e1:1d:af:71:48:03:70:0a:ad:cc:
87:5d:45:ed:4e:d6:5a:22:6f:a1:a7:5f:af:1e:b1:
75:9e:37:d3:af:7e:e6:99:f5:1e:30:ef:a9:1a:b5:
66:a5:74:bc:40:37:e8:06:42:78:54:09:30:99:19:
cb:fe:23:9a:bc:97:7b:65:21:1e:f9:82:d4:1f:f8:
6c:ed:76:bc:91:43:92:5f:26:4b:b3:5b:b9:61:dd:
83:49:24:c3:57:0d:33:e0:19:4d:8f:63:35:41:0d:
b9:82:ec:37:f6:cd:32:2d:74:7e:50:83:e6:3e:70:
53:cd:5d:0f:fb:18:94:20:c1:2c:38:ba:17:77:5e:
80:eb:9f:6c:f3:41:9e:2e:99:0d:d3:8e:63:85:56:
11:06:dc:c8:fe:b5:02:4a:e8:57:5e:32:8b:72:2b:
fb:c3:ef:11:e4:4b:8c:6a:3c:91:8c:93:74:a0:48:
a5:82:d1:a5:b3:79:76:18:9f:8a:5b:6d:90:96:dc:
bb:d0:25:8c:97:57:fa:77:b7:4d:c5:30:09:45:d9:
b7:16:04:1d:7c:4d:5a:5f:94:bf:64:e2:dd:b5:5b:
9d:ab:54:2b:6e:85:9e:91:2a:71:5f:06:02:94:5b:
39:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:FF:35:99:9B:C4:14:FF:37:72:98:DD:74:D2:32:71:F7:62:44:96
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3234302e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.240.0/22
Signature Algorithm: sha256WithRSAEncryption
41:af:1e:58:8d:12:b7:c0:56:c6:12:37:b3:1e:6b:fa:91:ba:
f4:e9:d5:08:fe:f0:be:74:14:4b:dc:0f:41:c6:7c:06:2e:35:
5c:b8:7c:0c:84:99:a8:6e:77:cd:81:ce:b4:4a:c7:40:3b:fa:
bb:11:39:b0:43:68:ab:b0:80:6b:c2:df:8e:a4:e7:1b:e5:28:
66:3a:f7:21:3d:67:3f:91:12:fb:10:89:da:d0:66:0c:1d:7b:
b2:da:93:40:60:6e:02:48:60:9c:29:30:40:2b:d8:30:52:c0:
9a:89:2f:ef:9c:e8:7b:19:aa:e2:48:25:e3:7f:9a:19:5c:f3:
f7:ee:5f:37:f9:55:38:69:fb:29:0b:5f:e3:25:f7:7d:c7:2d:
c0:f2:0a:0b:1e:70:e2:6e:89:ff:b8:c3:0b:e0:bb:64:2b:5b:
97:45:1b:b2:e0:7c:65:f3:68:d2:f1:cd:d9:75:fd:d5:d3:bd:
bd:1c:b5:61:81:ad:04:01:e8:ef:c3:07:0c:d2:6f:50:05:3e:
f4:2e:bf:5f:fd:a6:6b:ea:7b:2f:60:96:3c:f8:a3:68:6e:51:
1a:aa:0f:ad:ff:16:c1:89:85:a1:5b:af:ec:ef:9d:80:c9:26:
a0:ab:6e:69:74:c1:64:de:83:13:d8:64:d0:a3:1d:fe:bc:e6:
f6:8e:c0:dc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTvzJfeLUQtr96iei5nW1nvG4YrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDA1MjFaFw0yNTA4MDcxMDEwMjFaMDMxMTAvBgNV
BAMTKEVGRkYzNTk5OUJDNDE0RkYzNzcyOThERDc0RDIzMjcxRjc2MjQ0OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCJkYWBUqsEBbwRwv9QMVEOLgH
4R2vcUgDcAqtzIddRe1O1loib6GnX68esXWeN9OvfuaZ9R4w76katWaldLxAN+gG
QnhUCTCZGcv+I5q8l3tlIR75gtQf+GztdryRQ5JfJkuzW7lh3YNJJMNXDTPgGU2P
YzVBDbmC7Df2zTItdH5Qg+Y+cFPNXQ/7GJQgwSw4uhd3XoDrn2zzQZ4umQ3TjmOF
VhEG3Mj+tQJK6FdeMotyK/vD7xHkS4xqPJGMk3SgSKWC0aWzeXYYn4pbbZCW3LvQ
JYyXV/p3t03FMAlF2bcWBB18TVpflL9k4t21W52rVCtuhZ6RKnFfBgKUWznfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7/81mZvEFP83cpjddNIycfdiRJYwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjM0
MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
H9zwMA0GCSqGSIb3DQEBCwUAA4IBAQBBrx5YjRK3wFbGEjezHmv6kbr06dUI/vC+
dBRL3A9BxnwGLjVcuHwMhJmobnfNgc60SsdAO/q7ETmwQ2irsIBrwt+OpOcb5Shm
OvchPWc/kRL7EIna0GYMHXuy2pNAYG4CSGCcKTBAK9gwUsCaiS/vnOh7GariSCXj
f5oZXPP37l83+VU4afspC1/jJfd9xy3A8goLHnDibon/uMML4LtkK1uXRRuy4Hxl
82jS8c3Zdf3V0729HLVhga0EAejvwwcM0m9QBT70Lr9f/aZr6nsvYJY8+KNoblEa
qg+t/xbBiYWhW6/s752AySagq25pdMFk3oMT2GTQox3+vOb2jsDc
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:14:51 2024 by rpki-client on console-fra.rpki-client.org