Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3223.roa
File: AS3223.roa (raw, json)
Hash identifier: Knfjt+o9wJHSDP502fdYk9SoyrSfj6ymueqOs1O12Cw=
Subject key identifier: 05:E9:E2:96:BF:42:C2:E0:88:92:F4:5D:FC:0E:A8:B5:52:76:ED:0B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4F668F87545888C358B12B9A8E7CDA3B354E604F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3223.roa
Signing time: Sun 07 Jan 2024 00:30:39 +0000
ROA not before: Sun 07 Jan 2024 00:25:39 +0000
ROA not after: Sun 05 Jan 2025 00:30:39 +0000
asID: 3223
IP address blocks: 193.31.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:66:8f:87:54:58:88:c3:58:b1:2b:9a:8e:7c:da:3b:35:4e:60:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 7 00:25:39 2024 GMT
Not After : Jan 5 00:30:39 2025 GMT
Subject: CN=05E9E296BF42C2E08892F45DFC0EA8B55276ED0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:07:dd:fa:15:4d:8e:d3:77:95:53:01:12:d9:
b2:b1:40:96:aa:16:76:6d:3e:3b:76:e2:7d:e3:ca:
0d:af:3f:cc:01:29:b8:f2:83:69:cc:77:df:20:a8:
a8:d8:37:29:b6:ee:7c:15:05:62:7d:94:2a:a6:16:
05:2b:84:21:61:98:18:71:57:f1:df:2c:ba:32:13:
49:a4:78:44:18:d6:20:61:cf:b8:d8:ea:c7:54:5c:
ac:b6:65:68:0b:0e:ea:6a:0f:07:8d:95:1d:15:f7:
78:29:99:ad:1a:7c:8a:15:e6:b8:b9:f2:8c:01:67:
2a:79:be:ac:d9:d7:eb:6e:f9:6b:b3:24:07:7b:8e:
3a:b8:ff:9f:41:36:2d:ab:63:0e:ef:3e:12:7e:5f:
d7:a0:aa:7a:9d:b9:22:1e:14:0e:73:a1:db:b1:6e:
e8:d0:56:89:42:95:33:79:f3:ee:5f:32:15:ba:16:
bf:7f:4e:d6:22:8d:98:86:95:35:de:6d:82:36:68:
4f:49:a5:35:af:d7:53:c6:19:70:19:a5:61:7a:a7:
8e:db:a3:7c:65:10:e5:68:5c:89:20:a4:d3:46:36:
46:e6:d6:8a:63:b9:a8:a2:5b:39:b5:16:c4:5e:d9:
b0:9f:83:c5:8e:58:97:9b:00:08:37:6c:74:c0:8b:
af:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E9:E2:96:BF:42:C2:E0:88:92:F4:5D:FC:0E:A8:B5:52:76:ED:0B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3223.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.43.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:23:1c:2c:d0:8a:80:0b:1a:10:db:75:db:ab:4d:d9:92:eb:
5b:33:f7:ab:d0:bc:b1:32:d1:4d:73:5a:88:9d:96:46:e3:c9:
7e:29:e7:43:27:6f:93:0d:d1:57:70:67:41:b0:73:ee:ce:52:
03:31:ce:80:6c:bd:fc:d3:45:86:ef:52:0c:dd:df:3c:68:9d:
86:18:bf:85:7a:f3:6a:3f:a8:38:12:f4:b3:ab:47:3b:e2:5b:
af:46:45:c1:52:e0:12:1e:5e:5f:ec:97:51:7f:37:5d:b6:26:
87:4c:1c:f9:85:1f:83:fc:13:58:e3:54:cd:77:b3:0c:69:1a:
9a:ff:f6:6c:d5:54:67:8e:62:fd:58:3a:f1:c1:61:fa:2e:ce:
ad:62:9d:3b:44:5e:18:10:80:b5:54:88:df:22:90:1f:9c:80:
11:87:4b:bc:63:0c:50:7b:0b:84:d8:f5:0a:50:cf:22:f5:da:
f2:b1:94:3f:b4:ae:23:5c:b1:6e:bd:e9:1c:0b:f6:43:b0:6e:
0e:1c:f6:9e:c4:c8:b8:af:94:38:b7:bb:92:20:4b:8f:48:60:
76:0a:39:09:59:27:5a:30:e2:e4:47:dd:aa:b0:3f:dc:8f:57:
bb:1e:b5:32:ed:50:77:83:fe:78:6b:09:f6:81:7f:29:50:f9:
89:5f:81:61
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUT2aPh1RYiMNYsSuajnzaOzVOYE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMDcwMDI1MzlaFw0yNTAxMDUwMDMwMzlaMDMxMTAvBgNV
BAMTKDA1RTlFMjk2QkY0MkMyRTA4ODkyRjQ1REZDMEVBOEI1NTI3NkVEMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0B936FU2O03eVUwES2bKxQJaq
FnZtPjt24n3jyg2vP8wBKbjyg2nMd98gqKjYNym27nwVBWJ9lCqmFgUrhCFhmBhx
V/HfLLoyE0mkeEQY1iBhz7jY6sdUXKy2ZWgLDupqDweNlR0V93gpma0afIoV5ri5
8owBZyp5vqzZ1+tu+WuzJAd7jjq4/59BNi2rYw7vPhJ+X9egqnqduSIeFA5zodux
bujQVolClTN58+5fMhW6Fr9/TtYijZiGlTXebYI2aE9JpTWv11PGGXAZpWF6p47b
o3xlEOVoXIkgpNNGNkbm1opjuaiiWzm1FsRe2bCfg8WOWJebAAg3bHTAi69RAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUBenilr9CwuCIkvRd/A6otVJ27QswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzIyMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEfKzAN
BgkqhkiG9w0BAQsFAAOCAQEAOiMcLNCKgAsaENt126tN2ZLrWzP3q9C8sTLRTXNa
iJ2WRuPJfinnQydvkw3RV3BnQbBz7s5SAzHOgGy9/NNFhu9SDN3fPGidhhi/hXrz
aj+oOBL0s6tHO+Jbr0ZFwVLgEh5eX+yXUX83XbYmh0wc+YUfg/wTWONUzXezDGka
mv/2bNVUZ45i/Vg68cFh+i7OrWKdO0ReGBCAtVSI3yKQH5yAEYdLvGMMUHsLhNj1
ClDPIvXa8rGUP7SuI1yxbr3pHAv2Q7BuDhz2nsTIuK+UOLe7kiBLj0hgdgo5CVkn
WjDi5EfdqrA/3I9Xux61Mu1Qd4P+eGsJ9oF/KVD5iV+BYQ==
-----END CERTIFICATE-----
Generated at Fri May 10 16:27:11 2024 by rpki-client on console-fra.rpki-client.org