Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3235342e302f32332d3233203d3e203432363839.roa
File: 33312e3232302e3235342e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: 5B60fDWIitZxNkHXtXMa5BEmB2y5l1/BH6cj8v4vE28=
Subject key identifier: D5:3E:24:DD:40:C6:8C:B3:74:2B:C7:C7:0E:33:49:1B:B0:23:5C:6A
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 7DD5383CC5760599A273857664D674EA60068DB8
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3235342e302f32332d3233203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:15:16 +0000
ROA not before: Thu 08 Aug 2024 10:10:16 +0000
ROA not after: Thu 07 Aug 2025 10:15:16 +0000
asID: 42689
IP address blocks: 31.220.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:d5:38:3c:c5:76:05:99:a2:73:85:76:64:d6:74:ea:60:06:8d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:10:16 2024 GMT
Not After : Aug 7 10:15:16 2025 GMT
Subject: CN=D53E24DD40C68CB3742BC7C70E33491BB0235C6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:02:b0:77:6f:07:58:45:5c:e5:3d:7c:54:6b:
9e:4e:71:97:67:6c:16:a1:d0:53:d4:79:66:cf:43:
06:4d:01:91:1f:1f:e9:c0:a5:6f:60:30:94:31:9d:
98:4c:c1:54:86:a9:c7:b6:a0:ef:4b:42:15:e1:65:
ee:41:33:31:91:c7:fb:5b:f8:c5:a5:99:8a:02:d7:
e4:d4:f0:b0:f2:d0:8c:a7:d0:9c:0a:ee:92:fe:7a:
6f:e1:f0:f3:08:42:3d:35:a4:97:88:2e:fc:b0:3c:
23:57:cb:70:68:8b:3d:c6:63:78:01:44:74:4b:2f:
cc:35:8a:eb:ad:0b:cd:81:02:21:5c:1a:d6:19:28:
92:c0:6b:b5:f6:25:00:ba:d8:96:5c:cb:88:ff:9e:
f6:3f:9d:00:1a:36:ab:47:a7:8e:54:98:df:8a:cd:
f3:ca:50:fe:f2:3f:c4:a8:9c:a0:69:59:b1:cb:43:
7d:d8:f6:9a:da:6b:0a:72:c1:41:98:39:9f:ce:cb:
4d:f6:0c:c7:ea:b3:3b:a2:a8:c1:97:a3:60:3b:01:
c1:56:6e:46:32:45:a4:18:77:ac:b7:35:c8:dd:f1:
f9:89:41:11:92:58:eb:cf:03:ef:db:d4:5e:e8:54:
09:01:0a:33:f6:3f:e9:db:ee:94:ea:0c:5e:aa:b7:
49:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3E:24:DD:40:C6:8C:B3:74:2B:C7:C7:0E:33:49:1B:B0:23:5C:6A
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3235342e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.254.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:66:30:5d:24:47:43:92:5b:6d:78:12:f0:f7:9e:ea:90:81:
a8:d7:8b:b2:c8:da:e8:4b:21:58:3d:5b:8e:bf:17:5a:b1:ed:
24:b7:5d:78:34:ed:d9:24:15:af:b1:7b:52:7e:0c:50:a9:4e:
aa:63:33:fd:42:38:ce:5f:db:35:34:da:42:15:76:d9:14:ee:
aa:5d:5c:91:7c:b4:07:3a:96:7a:bd:d8:d1:03:fe:b6:26:db:
29:35:2a:37:3f:f2:46:be:17:ae:0e:30:ff:1b:61:65:c5:f0:
54:5c:b7:6e:a5:45:92:17:38:5b:27:56:c6:8c:92:5a:fc:7a:
88:52:84:0a:a9:bb:89:2a:18:7b:a6:67:3a:67:e7:13:01:b2:
19:94:e5:20:03:35:a1:5d:71:4d:5c:19:cd:12:9f:b1:f0:c2:
b7:73:e4:d9:85:1f:20:c6:38:d8:87:96:7c:3c:29:c3:1a:15:
ef:2b:7d:a3:50:69:3a:0a:3b:28:d7:96:40:dc:2f:b8:af:70:
77:af:db:8f:32:9b:18:94:83:c4:3e:03:bd:62:31:44:6a:1e:
c7:df:64:ee:5e:0b:1a:ef:86:a4:de:0f:f0:dd:b9:e4:25:f0:
4c:40:f9:49:1d:6e:e8:3c:32:f3:65:58:17:3a:98:4e:33:46:
a9:ca:b2:c9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfdU4PMV2BZmic4V2ZNZ06mAGjbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDEwMTZaFw0yNTA4MDcxMDE1MTZaMDMxMTAvBgNV
BAMTKEQ1M0UyNERENDBDNjhDQjM3NDJCQzdDNzBFMzM0OTFCQjAyMzVDNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUArB3bwdYRVzlPXxUa55OcZdn
bBah0FPUeWbPQwZNAZEfH+nApW9gMJQxnZhMwVSGqce2oO9LQhXhZe5BMzGRx/tb
+MWlmYoC1+TU8LDy0Iyn0JwK7pL+em/h8PMIQj01pJeILvywPCNXy3Boiz3GY3gB
RHRLL8w1iuutC82BAiFcGtYZKJLAa7X2JQC62JZcy4j/nvY/nQAaNqtHp45UmN+K
zfPKUP7yP8SonKBpWbHLQ33Y9praawpywUGYOZ/Oy032DMfqszuiqMGXo2A7AcFW
bkYyRaQYd6y3Ncjd8fmJQRGSWOvPA+/b1F7oVAkBCjP2P+nb7pTqDF6qt0kHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1T4k3UDGjLN0K8fHDjNJG7AjXGowHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjM1
MzQyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
H9z+MA0GCSqGSIb3DQEBCwUAA4IBAQBvZjBdJEdDkltteBLw957qkIGo14uyyNro
SyFYPVuOvxdase0kt114NO3ZJBWvsXtSfgxQqU6qYzP9QjjOX9s1NNpCFXbZFO6q
XVyRfLQHOpZ6vdjRA/62JtspNSo3P/JGvheuDjD/G2FlxfBUXLdupUWSFzhbJ1bG
jJJa/HqIUoQKqbuJKhh7pmc6Z+cTAbIZlOUgAzWhXXFNXBnNEp+x8MK3c+TZhR8g
xjjYh5Z8PCnDGhXvK32jUGk6Cjso15ZA3C+4r3B3r9uPMpsYlIPEPgO9YjFEah7H
32TuXgsa74ak3g/w3bnkJfBMQPlJHW7oPDLzZVgXOphOM0apyrLJ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org