Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e352e302f32342d3234203d3e203232333633.roa
File: 33312e362e352e302f32342d3234203d3e203232333633.roa (raw, json)
Hash identifier: bDq2F1NyeEvyCFmh/TKhE4qeU9ntnXUUFTMXPEHB1CA=
Subject key identifier: 5B:B0:E5:C1:F4:AD:28:F5:E7:9E:87:72:E9:36:D8:71:74:17:D9:85
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 7D9D82F3196A5E697DB3B36FA093F0C986FA22DF
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e352e302f32342d3234203d3e203232333633.roa
Signing time: Mon 02 Sep 2024 06:05:20 +0000
ROA not before: Mon 02 Sep 2024 06:00:20 +0000
ROA not after: Mon 01 Sep 2025 06:05:20 +0000
asID: 22363
IP address blocks: 31.6.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:9d:82:f3:19:6a:5e:69:7d:b3:b3:6f:a0:93:f0:c9:86:fa:22:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Sep 2 06:00:20 2024 GMT
Not After : Sep 1 06:05:20 2025 GMT
Subject: CN=5BB0E5C1F4AD28F5E79E8772E936D8717417D985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:23:16:a1:bd:39:af:ce:65:77:2c:09:1a:dc:
7e:f2:06:61:10:d0:a2:bb:f8:ad:29:ed:50:fd:7e:
3e:22:5e:64:bf:3a:05:2d:3c:9d:83:aa:fd:a9:2a:
5e:20:86:a9:e1:8a:28:91:e1:6e:cb:71:88:39:80:
73:8c:92:79:86:2f:94:f3:67:f5:64:c1:e7:b0:f9:
16:b1:d3:df:1e:ab:69:fd:01:6a:0f:c9:57:b5:7f:
40:40:65:d1:18:51:16:c8:4b:70:f1:45:4c:85:f7:
1c:94:d0:3d:41:91:45:87:ec:6d:ee:1c:f7:b5:c0:
e1:de:64:e8:89:71:63:eb:fd:91:63:f5:f6:57:06:
54:67:db:43:79:f9:de:aa:bf:db:fe:21:17:15:3e:
54:7c:5e:a4:b7:b5:06:41:22:e1:46:7f:ea:99:d8:
74:f7:9c:d1:c5:d8:16:09:49:3e:5b:85:24:65:c2:
97:ec:e3:09:15:1c:46:e7:1c:4a:f7:57:2e:42:9d:
33:c3:a2:b5:0e:24:c0:cd:5d:7a:29:70:3e:4d:47:
c6:ca:8b:fc:c4:53:d5:38:45:14:ff:ab:dd:61:1a:
6f:9b:c5:7b:7f:f7:f2:38:89:12:fd:e9:4c:8e:33:
ef:0a:14:a0:39:e0:33:75:b5:87:e1:9a:dd:cc:38:
2b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B0:E5:C1:F4:AD:28:F5:E7:9E:87:72:E9:36:D8:71:74:17:D9:85
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e352e302f32342d3234203d3e203232333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.5.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:cc:d7:cf:fc:d5:4c:1f:2a:c3:59:44:fd:50:3e:e9:53:a4:
a3:4a:78:2a:6b:8b:1d:1e:7c:1a:93:56:2b:6b:28:87:d6:3e:
4f:47:30:0b:00:a5:f1:c7:67:72:61:bf:3c:a3:4e:e7:df:f1:
ac:25:19:3a:97:49:ca:6e:e0:c1:cc:35:56:5e:06:e0:01:0b:
d3:3e:16:92:81:b8:f7:e0:ba:be:1b:9e:84:30:0b:b6:6f:53:
c7:85:1e:65:b3:0c:a7:2c:ae:52:93:0c:0b:cd:08:56:22:e3:
15:b7:df:48:99:2c:7c:d2:90:60:20:85:bd:0b:c9:ec:a2:a2:
d5:8c:61:88:90:72:05:ca:51:74:51:ae:f7:a5:ad:8f:ea:9d:
a3:1a:55:25:be:af:f3:9c:01:a7:c0:ac:61:91:5d:8a:24:46:
0a:e8:b5:2a:d8:23:0e:6c:18:77:b4:81:b5:c5:13:e9:7a:ac:
f2:58:a8:2b:b8:09:34:3b:32:09:32:82:26:9f:0c:66:34:97:
46:c8:a3:5e:e2:c2:fb:4b:c1:52:86:5d:31:fc:0d:92:e7:96:
00:21:65:83:68:45:f5:2f:a3:96:e0:e6:76:52:69:52:07:b3:
c8:c7:e4:e5:ff:f0:3d:ad:53:83:aa:7a:99:33:b5:30:89:b8:
1b:8d:f2:f4
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUfZ2C8xlqXml9s7NvoJPwyYb6It8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDA5MDIwNjAwMjBaFw0yNTA5MDEwNjA1MjBaMDMxMTAvBgNV
BAMTKDVCQjBFNUMxRjRBRDI4RjVFNzlFODc3MkU5MzZEODcxNzQxN0Q5ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQIxahvTmvzmV3LAka3H7yBmEQ
0KK7+K0p7VD9fj4iXmS/OgUtPJ2Dqv2pKl4ghqnhiiiR4W7LcYg5gHOMknmGL5Tz
Z/Vkweew+Rax098eq2n9AWoPyVe1f0BAZdEYURbIS3DxRUyF9xyU0D1BkUWH7G3u
HPe1wOHeZOiJcWPr/ZFj9fZXBlRn20N5+d6qv9v+IRcVPlR8XqS3tQZBIuFGf+qZ
2HT3nNHF2BYJST5bhSRlwpfs4wkVHEbnHEr3Vy5CnTPDorUOJMDNXXopcD5NR8bK
i/zEU9U4RRT/q91hGm+bxXt/9/I4iRL96UyOM+8KFKA54DN1tYfhmt3MOCvjAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUW7DlwfStKPXnnody6TbYcXQX2YUwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM1MmUzMDJm
MzIzNDJkMzIzNDIwM2QzZTIwMzIzMjMzMzYzMy5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8GBTANBgkq
hkiG9w0BAQsFAAOCAQEAO8zXz/zVTB8qw1lE/VA+6VOko0p4KmuLHR58GpNWK2so
h9Y+T0cwCwCl8cdncmG/PKNO59/xrCUZOpdJym7gwcw1Vl4G4AEL0z4WkoG49+C6
vhuehDALtm9Tx4UeZbMMpyyuUpMMC80IViLjFbffSJksfNKQYCCFvQvJ7KKi1Yxh
iJByBcpRdFGu96Wtj+qdoxpVJb6v85wBp8CsYZFdiiRGCui1KtgjDmwYd7SBtcUT
6Xqs8lioK7gJNDsyCTKCJp8MZjSXRsijXuLC+0vBUoZdMfwNkueWACFlg2hF9S+j
luDmdlJpUgezyMfk5f/wPa1Tg6p6mTO1MIm4G43y9A==
-----END CERTIFICATE-----
Generated at Mon Nov 25 06:09:06 2024 by rpki-client on console-fra.rpki-client.org