Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36352e302f32342d3234203d3e203538303631.roa
File: 3231332e3133392e36352e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: 4CxK/2nsy4IlLMM6spVwFLEFITyK9i3ABeG638HSk98=
Subject key identifier: BF:4F:FF:70:8A:02:6A:D9:C2:13:C5:7F:6C:57:96:C1:6B:2C:C0:B6
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 382D85CFC388DA8B2BF08EE50BC045F6DFD726DA
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36352e302f32342d3234203d3e203538303631.roa
Signing time: Mon 11 Nov 2024 12:43:27 +0000
ROA not before: Mon 11 Nov 2024 12:38:27 +0000
ROA not after: Mon 10 Nov 2025 12:43:27 +0000
asID: 58061
IP address blocks: 213.139.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:2d:85:cf:c3:88:da:8b:2b:f0:8e:e5:0b:c0:45:f6:df:d7:26:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Nov 11 12:38:27 2024 GMT
Not After : Nov 10 12:43:27 2025 GMT
Subject: CN=BF4FFF708A026AD9C213C57F6C5796C16B2CC0B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d6:3b:9f:2a:84:16:b6:a1:ce:e8:f1:90:3a:
c9:2b:ad:bc:0f:22:ff:f4:9e:dc:ef:ca:0a:a4:90:
e2:f4:8a:e9:31:b2:38:54:de:4a:d5:92:08:a5:e6:
f1:1d:56:b3:76:e6:5c:ac:d9:26:f7:6c:f9:50:db:
61:0d:9b:8d:54:86:b1:84:d5:c7:d8:ce:2f:37:63:
3a:bf:07:b2:1d:58:90:97:93:dc:2e:89:68:6e:70:
60:b5:0d:92:3f:57:48:28:f1:ef:6a:2b:31:f3:80:
af:99:ac:ec:3e:f8:25:c1:9a:8a:36:fd:9c:ed:c8:
cb:15:ff:e5:c2:79:dc:98:00:b3:e1:ff:4a:ac:9e:
e0:f7:b4:13:73:f0:88:c3:c9:c3:6e:d9:7f:f9:ed:
7c:41:d6:23:63:a7:ec:e6:20:a6:76:e9:18:0e:34:
b5:54:8d:07:b8:de:a2:4c:f9:6d:4d:05:87:85:1b:
dd:9a:44:3a:80:4b:f0:6b:86:d5:f7:d8:d3:5c:94:
c7:a2:d9:9c:33:3d:df:4f:0c:11:5b:ea:c5:86:27:
54:ce:4d:2e:b7:e3:cd:ce:9b:14:14:ae:bb:80:2a:
8a:9f:d6:4a:50:24:a4:e0:a6:17:bc:72:ab:06:d8:
88:c9:da:a3:a9:8a:48:8a:6b:b1:ed:fb:eb:35:66:
86:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4F:FF:70:8A:02:6A:D9:C2:13:C5:7F:6C:57:96:C1:6B:2C:C0:B6
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36352e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.65.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:01:69:44:a8:8e:3e:16:1e:7e:08:de:29:71:63:9f:86:5f:
b8:3c:e4:5d:aa:cb:d4:98:da:86:e8:64:03:6a:0b:34:83:bb:
d5:7e:9a:79:77:13:c4:5f:d1:dc:db:74:d8:d2:16:df:28:08:
50:7e:5a:0a:13:10:ce:29:18:42:2d:c4:85:7a:0e:22:95:68:
a2:9e:87:b8:af:45:9f:bf:22:41:f1:ca:ef:a4:99:3e:7f:42:
dc:5e:e9:61:7f:5c:76:2e:09:c4:ea:5a:3c:3b:bf:2e:16:a5:
e5:3e:4a:5c:a5:68:22:4a:e7:f5:f7:a6:dd:c9:44:22:96:ae:
c4:5a:1c:e5:21:3a:0f:1b:0c:3b:92:dc:71:2a:ef:9a:50:41:
5f:aa:9f:77:13:33:d0:d5:e4:79:7a:24:c9:99:93:f5:0d:7a:
b2:db:e0:b3:3a:ce:82:fd:6b:34:79:1b:c1:7f:6c:57:57:b5:
4e:a3:fa:f1:89:10:a1:fb:0a:0e:9f:71:d6:2c:b2:11:e8:ad:
cb:d3:75:73:61:14:b7:96:98:ef:16:01:91:5b:79:93:38:a3:
a2:24:af:07:a0:01:ea:bd:64:c1:0a:fd:04:a9:b9:dc:f2:3a:
6e:03:a8:3c:f6:1c:e1:83:1a:a1:3a:c5:e0:da:e8:dd:e6:76:
f6:9e:28:40
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOC2Fz8OI2osr8I7lC8BF9t/XJtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDExMTExMjM4MjdaFw0yNTExMTAxMjQzMjdaMDMxMTAvBgNV
BAMTKEJGNEZGRjcwOEEwMjZBRDlDMjEzQzU3RjZDNTc5NkMxNkIyQ0MwQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY1jufKoQWtqHO6PGQOskrrbwP
Iv/0ntzvygqkkOL0iukxsjhU3krVkgil5vEdVrN25lys2Sb3bPlQ22ENm41UhrGE
1cfYzi83Yzq/B7IdWJCXk9wuiWhucGC1DZI/V0go8e9qKzHzgK+ZrOw++CXBmoo2
/ZztyMsV/+XCedyYALPh/0qsnuD3tBNz8IjDycNu2X/57XxB1iNjp+zmIKZ26RgO
NLVUjQe43qJM+W1NBYeFG92aRDqAS/BrhtX32NNclMei2ZwzPd9PDBFb6sWGJ1TO
TS63483OmxQUrruAKoqf1kpQJKTgphe8cqsG2IjJ2qOpikiKa7Ht++s1Zob/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUv0//cIoCatnCE8V/bFeWwWsswLYwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtBMA0GCSqGSIb3DQEBCwUAA4IBAQCMAWlEqI4+Fh5+CN4pcWOfhl+4PORdqsvU
mNqG6GQDags0g7vVfpp5dxPEX9Hc23TY0hbfKAhQfloKExDOKRhCLcSFeg4ilWii
noe4r0WfvyJB8crvpJk+f0LcXulhf1x2LgnE6lo8O78uFqXlPkpcpWgiSuf196bd
yUQilq7EWhzlIToPGww7ktxxKu+aUEFfqp93EzPQ1eR5eiTJmZP1DXqy2+CzOs6C
/Ws0eRvBf2xXV7VOo/rxiRCh+woOn3HWLLIR6K3L03VzYRS3lpjvFgGRW3mTOKOi
JK8HoAHqvWTBCv0Eqbnc8jpuA6g89hzhgxqhOsXg2ujd5nb2nihA
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:00 2024 by rpki-client on console-ams.rpki-client.org