Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3234342e302f32342d3234203d3e203432363839.roa
File: 33312e3232302e3234342e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: NlCKqfGAYDhcWlBWNJMS7R7D3uRLjPG1ssfXyOJ+r6E=
Subject key identifier: 3A:B4:8E:8C:2A:36:30:7E:99:5B:6D:B3:51:66:01:03:96:7C:09:6D
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 76A0847C89BEC8C7C25BC941A973DDB8F22010CE
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3234342e302f32342d3234203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:10:49 +0000
ROA not before: Thu 08 Aug 2024 10:05:49 +0000
ROA not after: Thu 07 Aug 2025 10:10:49 +0000
asID: 42689
IP address blocks: 31.220.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:a0:84:7c:89:be:c8:c7:c2:5b:c9:41:a9:73:dd:b8:f2:20:10:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:05:49 2024 GMT
Not After : Aug 7 10:10:49 2025 GMT
Subject: CN=3AB48E8C2A36307E995B6DB351660103967C096D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cb:24:23:04:17:f1:df:c0:d2:c6:c0:2f:e8:
45:b4:1d:35:cb:f8:73:20:33:b9:a0:07:35:65:1a:
f9:77:93:1f:0e:9c:e5:a0:c1:7c:bd:81:d5:ef:a3:
43:52:52:26:5d:1d:53:47:fa:8b:31:1d:5b:c5:1e:
ef:e6:17:aa:3b:be:d0:17:c7:eb:51:6e:27:6b:9c:
d6:86:9b:01:97:4d:ee:94:29:ff:5c:84:fe:87:ba:
89:c2:97:34:e0:bf:42:fc:72:97:81:0d:2e:1d:b9:
50:ad:b3:74:f6:c7:e2:84:61:d0:5f:5b:09:55:f0:
a8:02:a3:f3:db:13:a6:39:33:64:d9:1e:5e:78:48:
a5:7f:02:94:cc:13:06:f8:3c:89:4e:ba:0d:4e:4d:
aa:c6:21:9c:c2:1f:c9:28:fe:74:6f:75:e4:01:71:
72:92:85:93:37:7a:b4:d4:c6:39:bf:7f:a3:ad:7d:
0a:c6:bb:5a:f1:93:08:5b:7f:47:24:5a:bb:dd:66:
83:cc:2b:a7:27:d2:88:e1:44:e6:eb:77:88:5d:46:
4d:54:97:74:96:84:55:a9:af:32:dd:6e:90:cd:2f:
79:5c:e8:1e:e0:ca:52:1e:59:86:d8:88:66:54:bf:
f3:b5:f9:16:e8:d5:93:3a:60:c8:5e:2f:05:c0:e6:
1e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B4:8E:8C:2A:36:30:7E:99:5B:6D:B3:51:66:01:03:96:7C:09:6D
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3234342e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.244.0/24
Signature Algorithm: sha256WithRSAEncryption
41:31:ba:4d:96:32:ef:b3:cd:a7:05:91:97:a1:57:ae:22:0f:
74:ae:db:b5:5c:66:a3:5c:10:be:5a:dc:2d:06:09:29:d9:02:
67:78:d1:60:37:5d:a4:ed:72:fe:57:c7:c3:d3:a8:c6:24:0f:
ec:51:81:88:a8:91:fa:3c:2c:94:01:93:32:29:42:8a:1b:7d:
86:b1:7b:6a:c3:11:fd:3e:15:09:89:6e:de:f7:1b:f0:b4:d6:
91:95:54:20:65:3e:d8:3f:b7:36:36:11:05:8c:55:31:7c:59:
b9:72:03:24:ad:54:eb:03:cb:a6:81:db:8f:1d:86:2c:fc:a1:
20:e2:67:62:b3:a8:2b:d7:ab:a8:44:5c:98:c6:f3:23:56:ba:
0d:5e:a2:b4:19:ae:0d:44:68:94:b9:c0:59:2a:a1:9d:c7:bd:
55:8b:d2:c9:7a:06:e1:83:5d:79:38:a5:2b:4f:40:89:91:23:
3d:7d:14:8d:7e:f0:31:ea:0e:1f:c6:1d:cb:59:38:e9:3e:64:
e8:7a:60:ca:66:83:08:78:3b:d9:14:de:16:9b:47:2a:fc:10:
50:2f:47:ce:6a:23:e7:d3:ee:b5:ee:b9:cf:fe:f3:18:d6:d8:
0f:d0:ce:ba:13:cf:9e:52:9b:54:92:07:43:12:6e:f5:01:02:
8f:e9:e8:30
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdqCEfIm+yMfCW8lBqXPduPIgEM4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDA1NDlaFw0yNTA4MDcxMDEwNDlaMDMxMTAvBgNV
BAMTKDNBQjQ4RThDMkEzNjMwN0U5OTVCNkRCMzUxNjYwMTAzOTY3QzA5NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5yyQjBBfx38DSxsAv6EW0HTXL
+HMgM7mgBzVlGvl3kx8OnOWgwXy9gdXvo0NSUiZdHVNH+osxHVvFHu/mF6o7vtAX
x+tRbidrnNaGmwGXTe6UKf9chP6HuonClzTgv0L8cpeBDS4duVCts3T2x+KEYdBf
WwlV8KgCo/PbE6Y5M2TZHl54SKV/ApTMEwb4PIlOug1OTarGIZzCH8ko/nRvdeQB
cXKShZM3erTUxjm/f6OtfQrGu1rxkwhbf0ckWrvdZoPMK6cn0ojhRObrd4hdRk1U
l3SWhFWprzLdbpDNL3lc6B7gylIeWYbYiGZUv/O1+Rbo1ZM6YMheLwXA5h7nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOrSOjCo2MH6ZW22zUWYBA5Z8CW0wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9z0MA0GCSqGSIb3DQEBCwUAA4IBAQBBMbpNljLvs82nBZGXoVeuIg90rtu1XGaj
XBC+WtwtBgkp2QJneNFgN12k7XL+V8fD06jGJA/sUYGIqJH6PCyUAZMyKUKKG32G
sXtqwxH9PhUJiW7e9xvwtNaRlVQgZT7YP7c2NhEFjFUxfFm5cgMkrVTrA8umgduP
HYYs/KEg4mdis6gr16uoRFyYxvMjVroNXqK0Ga4NRGiUucBZKqGdx71Vi9LJegbh
g115OKUrT0CJkSM9fRSNfvAx6g4fxh3LWTjpPmToemDKZoMIeDvZFN4Wm0cq/BBQ
L0fOaiPn0+617rnP/vMY1tgP0M66E8+eUptUkgdDEm71AQKP6egw
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org