Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e36302e302f32342d3234203d3e203232333633.roa
File: 33312e362e36302e302f32342d3234203d3e203232333633.roa (raw, json)
Hash identifier: BSlAP4Y19anKqJyn7BW4UD/vnHSGxZeSBX1A6JF7RdU=
Subject key identifier: B5:9E:D8:D2:5B:AF:F2:AE:C2:D4:87:79:9D:1A:90:44:D7:6F:AB:4B
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 76D5E53C9B213F028102BF243BC851ADE94B81D0
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e36302e302f32342d3234203d3e203232333633.roa
Signing time: Mon 02 Oct 2023 05:22:28 +0000
ROA not before: Mon 02 Oct 2023 05:17:28 +0000
ROA not after: Mon 30 Sep 2024 05:22:28 +0000
asID: 22363
IP address blocks: 31.6.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:d5:e5:3c:9b:21:3f:02:81:02:bf:24:3b:c8:51:ad:e9:4b:81:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Oct 2 05:17:28 2023 GMT
Not After : Sep 30 05:22:28 2024 GMT
Subject: CN=B59ED8D25BAFF2AEC2D487799D1A9044D76FAB4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:00:a8:02:56:ea:70:74:76:60:b4:4b:0d:d4:
31:f7:9a:b9:c4:d1:1e:4f:28:4a:0d:ac:9e:56:0a:
be:83:68:a4:60:24:ef:3a:bf:bd:67:24:11:14:59:
07:a3:51:db:dd:b0:18:8c:03:f7:a8:dc:fa:4f:4b:
27:0e:c9:44:1e:96:26:01:a5:7b:10:e2:20:09:5e:
53:ee:da:22:24:1a:92:a9:79:db:21:58:77:3c:8c:
64:a2:19:a1:b3:d7:ed:0a:b4:c7:48:d5:51:21:83:
d6:6a:ac:dd:22:02:44:51:25:7f:d9:a1:96:a6:3f:
8b:46:c4:a5:70:eb:3e:14:6f:c0:15:8d:1c:be:d1:
1a:01:e6:16:30:d0:2a:d5:6d:8f:49:c4:ae:ac:4e:
1d:13:f3:0c:82:52:c7:20:1b:d5:60:02:d2:5c:be:
0d:ea:37:a4:af:37:8d:35:9b:6c:1c:93:34:c0:54:
a8:75:03:7d:5f:9a:ec:4d:20:15:64:c1:a8:6e:56:
bd:41:28:0c:23:00:1c:ed:ee:27:5b:15:91:f1:bb:
31:88:bc:97:66:0b:7c:30:a4:2f:6d:62:5e:9e:51:
fd:1b:22:2b:97:4f:4e:fc:23:f3:23:42:d1:33:a3:
1f:44:cd:2a:64:7a:20:73:3b:43:dd:54:41:b1:ec:
1f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:9E:D8:D2:5B:AF:F2:AE:C2:D4:87:79:9D:1A:90:44:D7:6F:AB:4B
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e36302e302f32342d3234203d3e203232333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.60.0/24
Signature Algorithm: sha256WithRSAEncryption
70:77:bc:16:38:94:f2:a5:be:b3:c7:06:a5:1a:ee:25:72:ef:
bc:83:da:4a:c4:8d:19:5a:b2:ba:fd:c5:ad:00:bd:70:1f:de:
34:b7:47:29:ac:b5:ce:17:6a:0a:23:a6:00:78:20:ad:67:a9:
bf:1b:f4:c7:b5:6b:47:18:cb:03:10:25:db:17:17:d0:31:ad:
27:96:8d:20:d4:53:ad:75:64:9d:62:53:1c:12:4f:ca:0b:3f:
70:86:c4:f4:75:12:17:7d:8c:c9:77:b7:e1:0f:29:15:10:4e:
82:d1:65:9e:2c:92:28:ea:ca:b0:56:90:fc:d5:99:78:9a:ea:
b5:5b:6e:01:b3:c6:db:02:c9:98:41:44:bf:be:58:b4:a4:15:
32:42:44:20:a2:b6:86:c8:df:64:51:d8:58:28:c4:bc:e3:a7:
a6:30:28:5a:52:c0:dc:36:2c:02:6e:9a:5e:ae:b2:e3:7e:9d:
43:2c:39:30:02:d2:34:07:23:94:ad:e5:b4:f0:fc:66:ec:5e:
fb:dd:00:be:fc:28:df:c0:82:b2:2e:65:df:be:23:45:27:8f:
96:53:b8:19:31:03:6a:1c:b3:d0:f7:e5:5b:04:18:d5:ae:ba:
53:2f:c3:de:d0:e4:20:49:57:89:91:0a:0a:dc:df:2b:bc:2f:
cf:b8:75:e0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUdtXlPJshPwKBAr8kO8hRrelLgdAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzEwMDIwNTE3MjhaFw0yNDA5MzAwNTIyMjhaMDMxMTAvBgNV
BAMTKEI1OUVEOEQyNUJBRkYyQUVDMkQ0ODc3OTlEMUE5MDQ0RDc2RkFCNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8AKgCVupwdHZgtEsN1DH3mrnE
0R5PKEoNrJ5WCr6DaKRgJO86v71nJBEUWQejUdvdsBiMA/eo3PpPSycOyUQeliYB
pXsQ4iAJXlPu2iIkGpKpedshWHc8jGSiGaGz1+0KtMdI1VEhg9ZqrN0iAkRRJX/Z
oZamP4tGxKVw6z4Ub8AVjRy+0RoB5hYw0CrVbY9JxK6sTh0T8wyCUscgG9VgAtJc
vg3qN6SvN401m2wckzTAVKh1A31fmuxNIBVkwahuVr1BKAwjABzt7idbFZHxuzGI
vJdmC3wwpC9tYl6eUf0bIiuXT078I/MjQtEzox9EzSpkeiBzO0PdVEGx7B/rAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUtZ7Y0luv8q7C1Id5nRqQRNdvq0swHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM2MzAyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMyMzMzNjMzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwY8MA0G
CSqGSIb3DQEBCwUAA4IBAQBwd7wWOJTypb6zxwalGu4lcu+8g9pKxI0ZWrK6/cWt
AL1wH940t0cprLXOF2oKI6YAeCCtZ6m/G/THtWtHGMsDECXbFxfQMa0nlo0g1FOt
dWSdYlMcEk/KCz9whsT0dRIXfYzJd7fhDykVEE6C0WWeLJIo6sqwVpD81Zl4muq1
W24Bs8bbAsmYQUS/vli0pBUyQkQgoraGyN9kUdhYKMS846emMChaUsDcNiwCbppe
rrLjfp1DLDkwAtI0ByOUreW08Pxm7F773QC+/CjfwIKyLmXfviNFJ4+WU7gZMQNq
HLPQ9+VbBBjVrrpTL8Pe0OQgSVeJkQoK3N8rvC/PuHXg
-----END CERTIFICATE-----
Generated at Sat Jun 1 00:49:43 2024 by rpki-client on console-ams.rpki-client.org