Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e33392e302f32342d3234203d3e20343030383636.roa
File: 33312e362e33392e302f32342d3234203d3e20343030383636.roa (raw, json)
Hash identifier: zgJGlANH7Y6lfp6eD53RaEFrPS54styQRjEz5jQVriI=
Subject key identifier: 43:4C:D4:D3:95:89:0A:21:B5:C7:64:55:89:4A:B1:20:15:C6:FA:0B
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 6C1BCAD6850CB8814CA000A9E341F8AA640D7E78
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e33392e302f32342d3234203d3e20343030383636.roa
Signing time: Sun 05 May 2024 21:34:54 +0000
ROA not before: Sun 05 May 2024 21:29:54 +0000
ROA not after: Sun 04 May 2025 21:34:54 +0000
asID: 400866
IP address blocks: 31.6.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:1b:ca:d6:85:0c:b8:81:4c:a0:00:a9:e3:41:f8:aa:64:0d:7e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: May 5 21:29:54 2024 GMT
Not After : May 4 21:34:54 2025 GMT
Subject: CN=434CD4D395890A21B5C76455894AB12015C6FA0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5c:17:79:c6:7e:98:16:a9:98:cc:3d:e2:06:
50:6e:3a:f5:06:5f:c4:32:2d:19:06:d5:50:66:ee:
a4:94:b9:e6:b6:c8:65:c1:8a:9f:eb:73:9f:de:98:
49:f7:45:b3:75:51:b2:c9:f3:49:ef:53:b6:d7:c4:
82:1f:b9:c6:ef:f5:fa:d4:4a:50:a8:bf:dc:be:53:
0e:fd:d8:ba:d2:4b:9f:9c:14:1c:07:5c:41:1b:56:
12:89:58:e8:11:1b:27:63:db:1e:8a:7f:d9:bc:06:
cc:be:92:4c:22:c3:44:2b:d5:a3:3f:ba:7d:9e:1e:
4e:0b:ed:0b:a9:f3:ae:0c:cc:55:13:11:53:a6:fe:
2e:df:8a:34:cd:ad:2d:b5:45:43:8d:a0:b7:f0:5b:
3a:b5:fa:20:f9:9d:94:82:7f:88:be:04:82:4b:e0:
48:db:8c:8b:6c:8b:dc:94:0c:84:87:d9:3d:37:29:
0c:b9:12:fa:cb:b4:72:6b:64:3c:0d:db:72:b9:cd:
fc:fa:87:5c:e4:7e:92:8b:13:28:53:2d:ba:1c:31:
0e:88:67:00:d2:ef:84:fd:b4:33:90:12:22:93:b1:
e4:54:34:33:40:a2:26:10:fe:22:1f:49:ef:f1:14:
eb:ae:b1:ea:b7:6b:13:5b:c0:eb:ca:1e:a1:63:58:
fa:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:4C:D4:D3:95:89:0A:21:B5:C7:64:55:89:4A:B1:20:15:C6:FA:0B
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e33392e302f32342d3234203d3e20343030383636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.39.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:04:79:87:23:28:92:0e:42:f6:74:48:e5:e3:d2:5b:95:38:
06:34:a1:0c:69:0a:5e:74:3a:0f:2a:bc:c5:b8:e9:35:b6:33:
5b:b7:cb:1e:e8:a8:27:b7:90:51:d1:d0:92:7e:87:aa:75:77:
a5:0d:1f:c8:8b:b1:6c:3e:71:55:8f:fa:26:6a:94:6e:ed:4e:
3a:fd:bc:b0:42:3d:6b:4b:e9:35:91:d5:0e:a6:dc:58:35:ea:
84:7d:9e:c0:50:71:63:75:98:22:e5:ed:6b:56:aa:61:c9:93:
b8:81:64:6c:75:2d:00:6a:4f:29:35:18:ea:90:37:f3:aa:e4:
68:71:42:02:5c:54:3b:93:97:29:52:df:81:54:21:73:cb:95:
72:53:ed:60:11:57:e8:88:e8:e9:33:e4:35:f4:8a:23:9f:a2:
06:b3:ae:be:31:08:97:c2:96:73:70:0c:0d:61:f4:cc:ab:e4:
fe:fe:71:e6:a6:df:b0:9a:f8:34:a7:65:d5:52:ea:08:98:91:
dc:c9:0c:dd:eb:f7:d6:e1:20:23:93:39:f2:21:66:17:77:59:
0a:67:36:aa:7f:81:1f:48:d3:35:21:31:e3:5f:7a:3d:cb:1f:
a2:a9:75:40:ee:9a:0c:c0:24:7e:9b:ff:c0:f2:7b:f5:03:9a:
4e:27:ae:65
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUbBvK1oUMuIFMoACp40H4qmQNfngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDA1MDUyMTI5NTRaFw0yNTA1MDQyMTM0NTRaMDMxMTAvBgNV
BAMTKDQzNENENEQzOTU4OTBBMjFCNUM3NjQ1NTg5NEFCMTIwMTVDNkZBMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3XBd5xn6YFqmYzD3iBlBuOvUG
X8QyLRkG1VBm7qSUuea2yGXBip/rc5/emEn3RbN1UbLJ80nvU7bXxIIfucbv9frU
SlCov9y+Uw792LrSS5+cFBwHXEEbVhKJWOgRGydj2x6Kf9m8Bsy+kkwiw0Qr1aM/
un2eHk4L7Qup864MzFUTEVOm/i7fijTNrS21RUONoLfwWzq1+iD5nZSCf4i+BIJL
4EjbjItsi9yUDISH2T03KQy5EvrLtHJrZDwN23K5zfz6h1zkfpKLEyhTLbocMQ6I
ZwDS74T9tDOQEiKTseRUNDNAoiYQ/iIfSe/xFOuuseq3axNbwOvKHqFjWPrzAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUQ0zU05WJCiG1x2RViUqxIBXG+gswHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTMzMzkyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzODM2MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBicw
DQYJKoZIhvcNAQELBQADggEBAKcEeYcjKJIOQvZ0SOXj0luVOAY0oQxpCl50Og8q
vMW46TW2M1u3yx7oqCe3kFHR0JJ+h6p1d6UNH8iLsWw+cVWP+iZqlG7tTjr9vLBC
PWtL6TWR1Q6m3Fg16oR9nsBQcWN1mCLl7WtWqmHJk7iBZGx1LQBqTyk1GOqQN/Oq
5GhxQgJcVDuTlylS34FUIXPLlXJT7WARV+iI6Okz5DX0iiOfogazrr4xCJfClnNw
DA1h9Myr5P7+ceam37Ca+DSnZdVS6giYkdzJDN3r99bhICOTOfIhZhd3WQpnNqp/
gR9I0zUhMeNfej3LH6KpdUDumgzAJH6b/8Dye/UDmk4nrmU=
-----END CERTIFICATE-----
Generated at Fri May 31 23:54:56 2024 by rpki-client on console-fra.rpki-client.org