Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS3223.roa
File: AS3223.roa (raw, json)
Hash identifier: 8TJJVHKZWQERRd8ukTJ8MtyuYg67etFwqQcXgZCtwd4=
Subject key identifier: 61:32:AC:15:A4:73:00:00:13:BC:E5:EE:9A:C6:DA:E5:EF:04:61:DE
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 1023D8CD2C201D3B048BDBB4663322AAC0F41A21
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS3223.roa
Signing time: Sun 17 Nov 2024 10:43:28 +0000
ROA not before: Sun 17 Nov 2024 10:38:28 +0000
ROA not after: Sun 16 Nov 2025 10:43:28 +0000
asID: 3223
IP address blocks: 147.78.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:23:d8:cd:2c:20:1d:3b:04:8b:db:b4:66:33:22:aa:c0:f4:1a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Nov 17 10:38:28 2024 GMT
Not After : Nov 16 10:43:28 2025 GMT
Subject: CN=6132AC15A473000013BCE5EE9AC6DAE5EF0461DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:2b:9d:10:9f:01:2f:30:f6:78:be:79:b0:26:
26:17:f6:5e:ca:dc:c6:db:58:3d:a8:d7:78:12:9d:
7e:f7:27:aa:9a:31:79:26:08:5f:df:6c:fb:1a:44:
82:07:f0:42:8c:5c:25:f9:70:72:fe:2c:58:42:90:
83:9f:f5:32:ac:24:52:cf:23:6b:d2:b9:a2:d7:35:
d6:78:31:3c:0f:89:d0:4b:ee:f7:6d:49:8c:2a:83:
fa:bc:3b:55:74:e0:8b:36:4f:92:8d:b3:1e:9c:a1:
6b:4a:40:56:b1:f0:c6:51:2f:53:f4:8b:48:c6:dd:
9a:18:4b:3c:e1:4f:ec:b9:b3:81:09:d9:8e:4f:b0:
06:68:c3:d5:e7:6f:73:56:24:c4:0f:4e:09:b2:7e:
d0:3d:3a:4d:40:59:8a:68:fb:22:a9:6b:d2:78:76:
c9:34:99:2b:3e:7d:83:76:85:b6:ab:24:83:77:a1:
8a:77:18:f7:30:6e:1a:fc:ae:2d:e3:20:55:19:a8:
15:13:f9:4b:c1:5a:5a:20:36:04:34:43:6b:91:8e:
bf:6c:c5:2c:69:72:d3:0b:fb:1a:55:ca:44:1b:bc:
fb:9e:0f:55:a4:68:7f:87:73:e4:3d:58:86:ef:b2:
58:fa:00:5e:d5:4c:88:b3:6e:01:22:19:39:2a:65:
29:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:32:AC:15:A4:73:00:00:13:BC:E5:EE:9A:C6:DA:E5:EF:04:61:DE
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS3223.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.121.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b3:a8:b2:36:c5:ce:52:58:7a:04:b0:2f:bb:27:04:87:36:
cd:c0:25:86:dc:4e:83:31:f4:72:0a:48:b1:bb:4e:67:09:c0:
ad:4c:e3:9a:30:b0:5d:a0:06:d1:43:c6:e3:46:fe:73:b6:f5:
d0:e7:aa:75:9a:55:a5:79:46:13:16:bc:57:b7:aa:8a:b9:41:
79:54:a3:a8:da:1d:c3:42:28:27:79:94:61:30:3f:73:c4:41:
ed:f4:12:53:fa:46:90:3b:3e:1d:81:3a:1d:ff:f1:f9:a0:db:
91:54:21:1d:4e:9d:8d:ce:5a:1f:9c:01:f9:56:5b:05:8e:1f:
23:fc:3e:8d:d9:f8:f0:b3:4e:94:10:2a:d7:d1:c1:45:b5:8f:
a2:50:2b:42:97:5f:5b:0f:e8:96:55:ee:20:97:84:6d:5d:21:
5d:94:f3:91:25:74:23:ee:ab:5f:78:b6:fd:69:89:e2:29:9e:
80:47:6a:bb:17:f6:c2:c6:b5:9f:de:7f:cf:83:d9:9b:72:dd:
d8:da:9c:9a:c2:82:15:2d:84:e3:0d:65:0c:6c:90:1f:f3:02:
8c:80:a0:89:2b:51:e5:8b:b3:3a:c9:f8:db:f3:30:ae:e8:95:
84:e3:3d:3b:64:b2:a6:42:16:ae:ec:9f:2d:f0:3f:0d:71:43:
f5:c0:51:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUECPYzSwgHTsEi9u0ZjMiqsD0GiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDExMTcxMDM4MjhaFw0yNTExMTYxMDQzMjhaMDMxMTAvBgNV
BAMTKDYxMzJBQzE1QTQ3MzAwMDAxM0JDRTVFRTlBQzZEQUU1RUYwNDYxREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkK50QnwEvMPZ4vnmwJiYX9l7K
3MbbWD2o13gSnX73J6qaMXkmCF/fbPsaRIIH8EKMXCX5cHL+LFhCkIOf9TKsJFLP
I2vSuaLXNdZ4MTwPidBL7vdtSYwqg/q8O1V04Is2T5KNsx6coWtKQFax8MZRL1P0
i0jG3ZoYSzzhT+y5s4EJ2Y5PsAZow9Xnb3NWJMQPTgmyftA9Ok1AWYpo+yKpa9J4
dsk0mSs+fYN2hbarJIN3oYp3GPcwbhr8ri3jIFUZqBUT+UvBWlogNgQ0Q2uRjr9s
xSxpctML+xpVykQbvPueD1WkaH+Hc+Q9WIbvslj6AF7VTIizbgEiGTkqZSlzAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUYTKsFaRzAAATvOXumsba5e8EYd4wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMzIyMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJNOeTAN
BgkqhkiG9w0BAQsFAAOCAQEAKrOosjbFzlJYegSwL7snBIc2zcAlhtxOgzH0cgpI
sbtOZwnArUzjmjCwXaAG0UPG40b+c7b10OeqdZpVpXlGExa8V7eqirlBeVSjqNod
w0IoJ3mUYTA/c8RB7fQSU/pGkDs+HYE6Hf/x+aDbkVQhHU6djc5aH5wB+VZbBY4f
I/w+jdn48LNOlBAq19HBRbWPolArQpdfWw/ollXuIJeEbV0hXZTzkSV0I+6rX3i2
/WmJ4imegEdquxf2wsa1n95/z4PZm3Ld2NqcmsKCFS2E4w1lDGyQH/MCjICgiStR
5YuzOsn42/MwruiVhOM9O2SypkIWruyfLfA/DXFD9cBR6w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:23 2024 by rpki-client on console-ams.rpki-client.org