Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e32362e302f32342d3234203d3e20333937363330.roa
File: 33312e362e32362e302f32342d3234203d3e20333937363330.roa (raw, json)
Hash identifier: grWidxwq0bB5fkUzB2OUpY9X8+3JaCYg813SiuXZwNM=
Subject key identifier: E1:69:D0:22:73:C4:5D:2F:02:10:55:24:5C:A3:1C:EF:7E:6C:3A:9C
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 771989449DC7880EC87F317781EC932B341BC9D6
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e32362e302f32342d3234203d3e20333937363330.roa
Signing time: Tue 14 Nov 2023 15:02:30 +0000
ROA not before: Tue 14 Nov 2023 14:57:30 +0000
ROA not after: Tue 12 Nov 2024 15:02:30 +0000
asID: 397630
IP address blocks: 31.6.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:19:89:44:9d:c7:88:0e:c8:7f:31:77:81:ec:93:2b:34:1b:c9:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Nov 14 14:57:30 2023 GMT
Not After : Nov 12 15:02:30 2024 GMT
Subject: CN=E169D02273C45D2F021055245CA31CEF7E6C3A9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6a:0d:b4:30:a9:d4:af:eb:f7:69:8a:86:ed:
98:16:b1:dd:f4:1a:2b:f4:5f:e1:4e:1d:c6:e1:71:
8a:98:ff:5c:41:e0:94:18:6a:ef:a7:31:f1:29:59:
4c:de:2f:a4:6a:82:5e:d6:9a:f2:65:99:10:6d:1a:
21:8e:c4:d8:34:8f:1e:3b:81:3b:8c:e7:d2:2e:57:
49:72:9e:34:e6:63:0c:b0:4a:3e:e4:c0:57:87:74:
4e:8f:a0:85:58:af:20:27:7a:c5:10:66:b0:08:91:
5f:dc:a7:00:33:85:24:c0:b0:a0:3b:16:f8:59:83:
91:2d:3c:df:d3:56:aa:86:bf:e9:b4:70:8d:b9:48:
6f:74:52:e5:19:47:7d:06:35:93:85:0e:66:d6:50:
83:c3:38:21:38:db:12:df:ed:e0:77:54:eb:2c:09:
5e:7a:59:bf:e4:bb:46:66:7a:e0:f3:76:19:52:db:
11:e9:d1:13:b0:bf:52:af:d2:c6:1a:b0:ee:b9:61:
db:aa:7b:97:2e:5b:8f:d5:25:2c:48:24:64:91:6d:
eb:2b:f1:8a:03:b8:21:95:60:d6:59:a3:8f:75:0f:
05:1e:44:54:20:fa:d2:9c:70:76:79:15:cd:1b:7f:
50:f9:12:bb:7a:6c:dd:09:d1:5f:85:dc:0e:bb:e6:
65:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:69:D0:22:73:C4:5D:2F:02:10:55:24:5C:A3:1C:EF:7E:6C:3A:9C
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e32362e302f32342d3234203d3e20333937363330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.26.0/24
Signature Algorithm: sha256WithRSAEncryption
30:87:aa:f7:05:3c:5b:33:44:2f:f2:61:8c:c6:10:21:a7:5c:
1e:bb:a6:f9:d8:26:aa:09:6d:ab:bc:89:03:7f:07:d1:68:5b:
c6:55:b0:0b:a1:e7:0c:af:4a:88:87:0b:4e:38:0f:9c:7b:8c:
e5:c0:5b:bb:06:12:5c:5c:6e:b7:ed:0c:be:0b:13:4e:e8:65:
8b:fb:20:c7:53:36:18:9b:90:6a:f5:2d:24:f6:2f:c8:d1:c9:
99:09:3a:a2:5c:68:ce:e8:19:bb:de:3e:11:16:fd:74:33:e3:
c5:67:df:43:a3:f6:bc:0f:6a:89:aa:68:36:6f:f3:24:c0:47:
45:a2:94:d0:39:9e:66:aa:6d:0a:60:db:d0:59:3f:5b:dc:9e:
c5:e9:22:17:32:28:75:85:6a:fa:83:e6:37:ae:91:5b:63:50:
fc:b0:28:02:67:d8:91:a7:0e:64:e7:de:e1:38:e0:4c:3a:b9:
ba:2e:8d:af:da:df:c7:c0:30:fc:67:23:87:84:44:ca:13:0b:
7a:51:2f:17:0c:79:8a:2a:2b:64:ed:91:7f:19:f1:d5:7e:e4:
5b:09:6a:21:0e:85:33:06:35:4a:3a:9c:9b:52:6d:2e:74:ba:
71:90:9f:ac:50:b0:41:fa:38:06:af:41:d0:ee:b3:9a:f2:19:
10:8e:22:42
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUdxmJRJ3HiA7IfzF3geyTKzQbydYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzExMTQxNDU3MzBaFw0yNDExMTIxNTAyMzBaMDMxMTAvBgNV
BAMTKEUxNjlEMDIyNzNDNDVEMkYwMjEwNTUyNDVDQTMxQ0VGN0U2QzNBOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9ag20MKnUr+v3aYqG7ZgWsd30
Giv0X+FOHcbhcYqY/1xB4JQYau+nMfEpWUzeL6Rqgl7WmvJlmRBtGiGOxNg0jx47
gTuM59IuV0lynjTmYwywSj7kwFeHdE6PoIVYryAnesUQZrAIkV/cpwAzhSTAsKA7
FvhZg5EtPN/TVqqGv+m0cI25SG90UuUZR30GNZOFDmbWUIPDOCE42xLf7eB3VOss
CV56Wb/ku0ZmeuDzdhlS2xHp0ROwv1Kv0sYasO65Yduqe5cuW4/VJSxIJGSRbesr
8YoDuCGVYNZZo491DwUeRFQg+tKccHZ5Fc0bf1D5Ert6bN0J0V+F3A675mVBAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU4WnQInPEXS8CEFUkXKMc735sOpwwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTMyMzYyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNjMzMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBhow
DQYJKoZIhvcNAQELBQADggEBADCHqvcFPFszRC/yYYzGECGnXB67pvnYJqoJbau8
iQN/B9FoW8ZVsAuh5wyvSoiHC044D5x7jOXAW7sGElxcbrftDL4LE07oZYv7IMdT
NhibkGr1LST2L8jRyZkJOqJcaM7oGbvePhEW/XQz48Vn30Oj9rwPaomqaDZv8yTA
R0WilNA5nmaqbQpg29BZP1vcnsXpIhcyKHWFavqD5jeukVtjUPywKAJn2JGnDmTn
3uE44Ew6ubouja/a38fAMPxnI4eERMoTC3pRLxcMeYoqK2TtkX8Z8dV+5FsJaiEO
hTMGNUo6nJtSbS50unGQn6xQsEH6OAavQdDus5ryGRCOIkI=
-----END CERTIFICATE-----
Generated at Tue May 7 11:42:50 2024 by rpki-client on console-fra.rpki-client.org