Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34332e302f32342d3234203d3e20333937363330.roa
File: 33312e362e34332e302f32342d3234203d3e20333937363330.roa (raw, json)
Hash identifier: H/y0OP5LmQWBuy7PGXcAxf872JeFYFssWEysU4PJ4Ls=
Subject key identifier: 99:81:0E:86:46:A3:4D:F6:02:BE:6C:12:3D:D2:7F:39:DF:90:FA:AD
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 3A9380E9AF3FBA414130374A7EC6E5536B14CB78
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34332e302f32342d3234203d3e20333937363330.roa
Signing time: Wed 06 Dec 2023 15:38:20 +0000
ROA not before: Wed 06 Dec 2023 15:33:20 +0000
ROA not after: Wed 04 Dec 2024 15:38:20 +0000
asID: 397630
IP address blocks: 31.6.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:93:80:e9:af:3f:ba:41:41:30:37:4a:7e:c6:e5:53:6b:14:cb:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Dec 6 15:33:20 2023 GMT
Not After : Dec 4 15:38:20 2024 GMT
Subject: CN=99810E8646A34DF602BE6C123DD27F39DF90FAAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8f:27:58:40:4a:f8:72:83:1e:98:73:4c:5a:
72:86:1a:07:3e:b5:a3:ee:bc:e6:61:08:7f:40:7d:
68:de:8b:b4:09:06:0a:92:26:69:d9:ed:96:d9:05:
69:17:7b:c1:11:60:b9:cd:59:92:41:8f:15:c1:65:
f0:71:fc:86:0e:f0:37:4c:6a:e6:40:73:01:b3:e3:
49:11:fb:17:ad:9f:f4:c1:78:ad:d5:5e:9d:41:27:
52:15:f3:76:fd:0a:ad:85:02:b6:42:3d:20:48:03:
08:56:d2:6c:f9:2b:48:c4:6d:47:5c:58:a4:7b:d9:
b2:c8:19:94:85:85:32:56:70:a7:e5:81:cc:7f:ba:
89:9c:fe:36:d6:5c:99:2c:82:5f:fb:1c:8b:06:23:
95:f6:3e:1c:ea:26:5e:94:0f:fd:3e:3c:5f:8c:71:
8a:99:e7:d1:9f:4f:61:85:ba:e0:02:e0:9b:c0:27:
e5:49:3c:7f:b5:18:b2:46:6b:4c:ae:15:de:f2:8f:
c7:8b:ff:9f:70:69:b5:da:8d:52:4c:34:d8:1f:ee:
59:c4:68:92:f4:f2:7f:34:e3:12:c9:6a:f8:18:5d:
8e:a8:d3:60:18:57:6f:ca:9b:95:ab:41:f2:52:54:
b9:5d:df:bf:e7:a4:c9:f3:aa:48:95:f6:17:a6:e2:
4e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:81:0E:86:46:A3:4D:F6:02:BE:6C:12:3D:D2:7F:39:DF:90:FA:AD
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34332e302f32342d3234203d3e20333937363330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.43.0/24
Signature Algorithm: sha256WithRSAEncryption
40:65:ac:99:d6:45:50:12:6a:14:86:23:30:6c:85:60:76:ad:
9c:dc:de:e8:fe:56:3f:a7:58:63:b8:06:76:82:3e:f4:21:73:
54:85:8b:df:43:98:fc:ed:0e:1d:31:b0:89:07:b3:28:b0:eb:
f7:a4:3b:31:de:3f:12:c6:1b:58:91:85:11:89:4b:46:d3:9e:
78:5f:02:ee:f6:f7:eb:ff:3f:b9:4c:f2:8b:93:66:02:3a:24:
e0:91:0a:80:17:75:61:7a:92:7f:cd:5d:17:84:29:20:94:49:
e2:df:2d:35:f8:10:05:2b:16:e8:aa:91:a3:10:95:bd:52:90:
46:8a:50:2c:be:a9:22:a0:9f:0c:1d:b5:57:9d:97:5d:a6:01:
a2:eb:af:7d:29:bb:95:0f:07:43:38:7f:52:53:53:84:ce:e5:
c0:00:8b:d2:35:b6:ed:80:aa:bd:3b:da:c6:a1:bc:b4:90:74:
c9:16:cb:b1:f1:f2:f3:ea:30:ba:6c:b5:3f:6e:23:e5:a2:f4:
ba:93:19:54:5e:ea:5b:d4:e9:9b:cb:28:a7:b3:13:76:c1:24:
c3:40:94:e5:7d:ed:9f:69:61:b4:a0:be:35:c3:1e:2d:3e:b6:
fb:61:98:31:d5:9e:6a:2d:f5:ea:08:8c:39:82:30:89:57:09:
87:d8:60:aa
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUOpOA6a8/ukFBMDdKfsblU2sUy3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzEyMDYxNTMzMjBaFw0yNDEyMDQxNTM4MjBaMDMxMTAvBgNV
BAMTKDk5ODEwRTg2NDZBMzRERjYwMkJFNkMxMjNERDI3RjM5REY5MEZBQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqjydYQEr4coMemHNMWnKGGgc+
taPuvOZhCH9AfWjei7QJBgqSJmnZ7ZbZBWkXe8ERYLnNWZJBjxXBZfBx/IYO8DdM
auZAcwGz40kR+xetn/TBeK3VXp1BJ1IV83b9Cq2FArZCPSBIAwhW0mz5K0jEbUdc
WKR72bLIGZSFhTJWcKflgcx/uomc/jbWXJksgl/7HIsGI5X2PhzqJl6UD/0+PF+M
cYqZ59GfT2GFuuAC4JvAJ+VJPH+1GLJGa0yuFd7yj8eL/59wabXajVJMNNgf7lnE
aJL08n804xLJavgYXY6o02AYV2/Km5WrQfJSVLld37/npMnzqkiV9hem4k6fAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUmYEOhkajTfYCvmwSPdJ/Od+Q+q0wHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM0MzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNjMzMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBisw
DQYJKoZIhvcNAQELBQADggEBAEBlrJnWRVASahSGIzBshWB2rZzc3uj+Vj+nWGO4
BnaCPvQhc1SFi99DmPztDh0xsIkHsyiw6/ekOzHePxLGG1iRhRGJS0bTnnhfAu72
9+v/P7lM8ouTZgI6JOCRCoAXdWF6kn/NXReEKSCUSeLfLTX4EAUrFuiqkaMQlb1S
kEaKUCy+qSKgnwwdtVedl12mAaLrr30pu5UPB0M4f1JTU4TO5cAAi9I1tu2Aqr07
2sahvLSQdMkWy7Hx8vPqMLpstT9uI+Wi9LqTGVRe6lvU6ZvLKKezE3bBJMNAlOV9
7Z9pYbSgvjXDHi0+tvthmDHVnmot9eoIjDmCMIlXCYfYYKo=
-----END CERTIFICATE-----
Generated at Tue May 7 10:45:37 2024 by rpki-client on console-ams.rpki-client.org