Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34322e302f32342d3234203d3e203430383631.roa
File: 33312e362e34322e302f32342d3234203d3e203430383631.roa (raw, json)
Hash identifier: tHxpaRi1psqZEBaIeSJP+H4/QFHqW5wVzouLVcmJQpM=
Subject key identifier: 17:65:E5:A2:1F:34:60:A0:E7:2F:75:54:99:2D:DF:8D:6D:F1:E2:F1
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 135D42FC12362BCA4FDF079060B4E1C958ECB539
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34322e302f32342d3234203d3e203430383631.roa
Signing time: Fri 27 Oct 2023 15:37:30 +0000
ROA not before: Fri 27 Oct 2023 15:32:30 +0000
ROA not after: Fri 25 Oct 2024 15:37:30 +0000
asID: 40861
IP address blocks: 31.6.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Jun 2024 14:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:5d:42:fc:12:36:2b:ca:4f:df:07:90:60:b4:e1:c9:58:ec:b5:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Oct 27 15:32:30 2023 GMT
Not After : Oct 25 15:37:30 2024 GMT
Subject: CN=1765E5A21F3460A0E72F7554992DDF8D6DF1E2F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ae:d0:65:22:5e:38:63:e8:fa:9d:7b:7f:91:
bc:a2:da:de:ba:a8:da:e1:04:2f:60:9d:fd:d5:9b:
48:95:e1:c4:14:ff:7d:dc:2a:b3:fb:62:9f:94:4c:
38:02:50:d3:16:53:a1:3e:f0:19:45:17:6d:96:3c:
db:d1:34:85:dc:76:47:ad:1f:50:ea:bc:c8:91:b1:
82:59:ee:b9:0f:21:ea:2f:0b:e0:74:38:c7:a6:87:
69:e1:22:08:e5:8a:4a:69:8e:f2:a3:80:d0:93:dd:
14:3f:9b:9f:da:31:3c:fe:e3:94:2d:c2:6c:08:71:
3a:97:5f:d0:8e:63:7e:b8:3e:58:97:bd:ab:46:d7:
3c:b8:ca:b2:f3:40:6a:1d:94:e8:95:8b:69:ea:3a:
7f:2f:63:ad:5b:5d:7e:6d:92:6e:96:df:ae:20:64:
50:ff:0e:fa:81:e9:80:b9:7e:1a:23:8a:12:05:0f:
76:59:3e:81:09:28:70:18:d7:47:57:bb:d8:27:9e:
11:e6:72:ab:7c:db:fe:78:16:1e:df:59:ca:17:f9:
01:6a:82:9f:91:f9:7e:9c:84:b9:ce:de:05:1b:dc:
fd:8b:73:ce:ea:41:44:0c:f5:0d:58:4d:f3:af:af:
92:fb:5d:83:c6:d7:cd:6a:e2:60:51:51:65:ec:2d:
0e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:65:E5:A2:1F:34:60:A0:E7:2F:75:54:99:2D:DF:8D:6D:F1:E2:F1
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34322e302f32342d3234203d3e203430383631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.42.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:58:e9:81:61:93:69:93:b9:8e:f0:5d:f3:84:92:92:fc:7b:
a5:ab:d9:26:e2:1b:00:d0:f9:ac:8f:8a:8f:55:43:10:cc:56:
1d:6e:1b:46:5d:71:7f:70:20:19:c9:eb:34:4e:f1:84:69:5e:
47:4a:81:77:7c:74:64:68:26:ee:7e:f2:e2:4a:10:e7:23:39:
58:18:6c:34:e6:95:4f:74:32:a2:87:24:d4:3f:cc:c1:b4:ec:
95:70:f8:6a:be:0b:43:8a:cf:ee:af:48:7e:7b:e6:06:ae:40:
32:69:b6:37:5b:76:e4:f6:a2:0a:99:76:c0:85:54:f1:11:c3:
90:07:bb:56:86:13:14:eb:5b:1c:06:69:38:a2:ce:ec:c5:e3:
68:b4:49:3f:49:1e:f6:da:44:03:2e:8b:0c:2d:76:8f:f6:f1:
9c:b9:96:26:1c:4e:6b:f8:7b:18:0e:da:d2:c3:c1:b6:04:5e:
50:e3:00:db:ba:b0:16:c3:d6:90:91:35:d6:71:42:fd:1e:20:
d8:2b:30:d4:6e:47:69:da:10:8f:28:63:cc:32:f7:b6:a3:0a:
e9:e9:27:ad:4e:6d:76:d1:1f:9f:f2:10:78:14:4f:20:ed:cd:
4b:81:95:aa:84:eb:53:5c:81:fb:4a:36:17:37:16:26:95:ef:
0a:c9:4f:13
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUE11C/BI2K8pP3weQYLThyVjstTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzEwMjcxNTMyMzBaFw0yNDEwMjUxNTM3MzBaMDMxMTAvBgNV
BAMTKDE3NjVFNUEyMUYzNDYwQTBFNzJGNzU1NDk5MkRERjhENkRGMUUyRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCprtBlIl44Y+j6nXt/kbyi2t66
qNrhBC9gnf3Vm0iV4cQU/33cKrP7Yp+UTDgCUNMWU6E+8BlFF22WPNvRNIXcdket
H1DqvMiRsYJZ7rkPIeovC+B0OMemh2nhIgjlikppjvKjgNCT3RQ/m5/aMTz+45Qt
wmwIcTqXX9COY364PliXvatG1zy4yrLzQGodlOiVi2nqOn8vY61bXX5tkm6W364g
ZFD/DvqB6YC5fhojihIFD3ZZPoEJKHAY10dXu9gnnhHmcqt82/54Fh7fWcoX+QFq
gp+R+X6chLnO3gUb3P2Lc87qQUQM9Q1YTfOvr5L7XYPG181q4mBRUWXsLQ7lAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUF2Xloh80YKDnL3VUmS3fjW3x4vEwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM0MzIyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzgzNjMxLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwYqMA0G
CSqGSIb3DQEBCwUAA4IBAQB6WOmBYZNpk7mO8F3zhJKS/Hulq9km4hsA0Pmsj4qP
VUMQzFYdbhtGXXF/cCAZyes0TvGEaV5HSoF3fHRkaCbufvLiShDnIzlYGGw05pVP
dDKihyTUP8zBtOyVcPhqvgtDis/ur0h+e+YGrkAyabY3W3bk9qIKmXbAhVTxEcOQ
B7tWhhMU61scBmk4os7sxeNotEk/SR722kQDLosMLXaP9vGcuZYmHE5r+HsYDtrS
w8G2BF5Q4wDburAWw9aQkTXWcUL9HiDYKzDUbkdp2hCPKGPMMve2owrp6SetTm12
0R+f8hB4FE8g7c1LgZWqhOtTXIH7SjYXNxYmle8KyU8T
-----END CERTIFICATE-----
Generated at Thu Jun 13 00:36:56 2024 by rpki-client on console-ams.rpki-client.org