Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e35322e302f32342d3234203d3e20333937363330.roa
File: 33312e362e35322e302f32342d3234203d3e20333937363330.roa (raw, json)
Hash identifier: Na9XN443wQLfYm/73h8f/AdNSOrc8D+pKvpMndYJ+G0=
Subject key identifier: 58:5D:4C:89:10:B3:60:53:5E:99:61:95:4A:11:0A:49:9B:00:BC:A3
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 5EEBD7DABE013A72D9BEE870673B15E170A43056
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e35322e302f32342d3234203d3e20333937363330.roa
Signing time: Tue 14 Nov 2023 15:02:30 +0000
ROA not before: Tue 14 Nov 2023 14:57:30 +0000
ROA not after: Tue 12 Nov 2024 15:02:30 +0000
asID: 397630
IP address blocks: 31.6.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:eb:d7:da:be:01:3a:72:d9:be:e8:70:67:3b:15:e1:70:a4:30:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Nov 14 14:57:30 2023 GMT
Not After : Nov 12 15:02:30 2024 GMT
Subject: CN=585D4C8910B360535E9961954A110A499B00BCA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f0:8c:d6:cd:d4:bb:28:08:7c:bd:3d:7f:8f:
1a:28:9b:43:1b:97:4d:48:e0:8f:99:b0:42:df:aa:
87:78:0d:fd:66:e8:10:77:c1:15:d5:9f:7e:4b:5f:
63:63:2c:db:47:a3:8f:17:75:58:86:b6:3d:c0:6c:
6e:a4:ed:1c:ce:bf:44:e6:02:0d:14:cf:85:4e:c1:
40:b2:a0:ec:da:ce:b0:29:e9:c6:2f:23:5e:4b:d4:
13:ec:63:ae:14:c3:85:df:ef:94:ab:1f:dc:93:75:
76:ae:00:e3:c0:bd:c7:d2:de:1e:8c:f6:70:27:5b:
51:be:81:e5:c7:ad:6c:84:2d:b3:a5:fe:c2:e7:24:
44:d8:df:9c:5d:73:e1:47:a0:55:81:57:53:a9:50:
62:d0:53:b5:9d:6e:90:e7:de:8a:9b:0d:e3:19:18:
0e:78:44:c1:0e:aa:39:ad:34:9a:83:b9:28:d7:3f:
c5:46:dc:a6:c7:42:4e:20:57:d2:05:6f:6f:ea:e2:
80:11:81:62:0f:53:b3:82:5f:7e:c7:00:b0:dd:8c:
56:28:f0:02:71:e7:d4:e8:9d:39:49:3c:0a:c0:61:
fb:fb:a0:71:44:2e:26:3a:17:a0:9b:e2:3b:48:90:
d9:3d:a0:27:0a:08:73:cc:21:80:02:c5:90:62:b9:
5e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:5D:4C:89:10:B3:60:53:5E:99:61:95:4A:11:0A:49:9B:00:BC:A3
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e35322e302f32342d3234203d3e20333937363330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.52.0/24
Signature Algorithm: sha256WithRSAEncryption
07:61:cd:5d:35:f5:2f:8d:d4:79:43:61:5f:01:c4:a5:8d:43:
dd:a7:42:76:29:b2:02:b0:19:44:ec:af:d5:39:03:5b:6d:46:
e8:e1:42:8f:d4:34:12:b1:1e:79:83:5d:32:1e:c6:af:61:a0:
fe:b1:e4:73:9e:d5:19:47:1f:d8:10:2f:e3:9b:44:0d:2d:0b:
eb:6d:a2:37:9b:b1:92:4a:bd:d4:32:fb:9e:02:8c:cc:b0:b8:
48:8a:c4:0b:20:9b:54:46:d9:ea:7e:4c:6d:ed:04:09:16:db:
6d:ce:59:07:cc:7a:d4:58:e8:3f:b8:09:77:ca:74:37:e4:6d:
60:a9:10:c7:b9:2c:a9:9b:b5:78:18:38:f0:5b:a7:f4:5e:2f:
0a:db:7e:89:19:9f:53:66:fe:08:71:3b:b9:ec:50:f7:77:10:
5c:17:70:fd:5f:3e:4c:7f:23:66:81:2f:db:16:9c:4e:8a:72:
ea:34:23:b0:11:64:11:0d:0b:77:94:b8:d2:95:c7:db:e3:59:
92:a9:c9:09:b9:bb:78:6b:ff:fb:15:f1:2f:65:83:32:99:63:
45:83:35:6d:17:51:90:2c:d4:eb:57:10:7e:f8:6c:73:81:04:
fd:74:a3:fa:bc:68:c2:d7:a8:be:97:ab:e3:51:97:70:ad:7e:
28:6e:7b:79
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUXuvX2r4BOnLZvuhwZzsV4XCkMFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzExMTQxNDU3MzBaFw0yNDExMTIxNTAyMzBaMDMxMTAvBgNV
BAMTKDU4NUQ0Qzg5MTBCMzYwNTM1RTk5NjE5NTRBMTEwQTQ5OUIwMEJDQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC18IzWzdS7KAh8vT1/jxoom0Mb
l01I4I+ZsELfqod4Df1m6BB3wRXVn35LX2NjLNtHo48XdViGtj3AbG6k7RzOv0Tm
Ag0Uz4VOwUCyoOzazrAp6cYvI15L1BPsY64Uw4Xf75SrH9yTdXauAOPAvcfS3h6M
9nAnW1G+geXHrWyELbOl/sLnJETY35xdc+FHoFWBV1OpUGLQU7WdbpDn3oqbDeMZ
GA54RMEOqjmtNJqDuSjXP8VG3KbHQk4gV9IFb2/q4oARgWIPU7OCX37HALDdjFYo
8AJx59TonTlJPArAYfv7oHFELiY6F6Cb4jtIkNk9oCcKCHPMIYACxZBiuV69AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUWF1MiRCzYFNemWGVShEKSZsAvKMwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM1MzIyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNjMzMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBjQw
DQYJKoZIhvcNAQELBQADggEBAAdhzV019S+N1HlDYV8BxKWNQ92nQnYpsgKwGUTs
r9U5A1ttRujhQo/UNBKxHnmDXTIexq9hoP6x5HOe1RlHH9gQL+ObRA0tC+ttojeb
sZJKvdQy+54CjMywuEiKxAsgm1RG2ep+TG3tBAkW223OWQfMetRY6D+4CXfKdDfk
bWCpEMe5LKmbtXgYOPBbp/ReLwrbfokZn1Nm/ghxO7nsUPd3EFwXcP1fPkx/I2aB
L9sWnE6Kcuo0I7ARZBENC3eUuNKVx9vjWZKpyQm5u3hr//sV8S9lgzKZY0WDNW0X
UZAs1OtXEH74bHOBBP10o/q8aMLXqL6Xq+NRl3Ctfihue3k=
-----END CERTIFICATE-----
Generated at Tue May 7 11:42:50 2024 by rpki-client on console-fra.rpki-client.org