Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e203136353039.roa
File: 3231332e3133392e36362e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: 1hlK3K+inj21DftfAPCqNx9Ur756v/RvYDQKchDD0RY=
Subject key identifier: 3D:65:47:DB:5D:5E:7B:30:7A:3F:A4:55:E2:25:D8:EB:A1:41:DF:01
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 4043E603A27DF4DC6D6B2DB68E130D8421764CDA
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e203136353039.roa
Signing time: Wed 27 Nov 2024 06:40:13 +0000
ROA not before: Wed 27 Nov 2024 06:35:13 +0000
ROA not after: Wed 26 Nov 2025 06:40:13 +0000
asID: 16509
IP address blocks: 213.139.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:43:e6:03:a2:7d:f4:dc:6d:6b:2d:b6:8e:13:0d:84:21:76:4c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Nov 27 06:35:13 2024 GMT
Not After : Nov 26 06:40:13 2025 GMT
Subject: CN=3D6547DB5D5E7B307A3FA455E225D8EBA141DF01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:77:a8:ab:8b:d5:80:02:a4:98:5e:f3:ec:
11:bf:e7:5b:c9:7c:77:54:2f:41:a3:b1:41:be:1f:
1f:79:0a:f6:e1:73:9d:8a:76:23:ef:6e:7d:43:0e:
f2:e5:e3:5c:d6:5a:c3:ca:ef:57:c8:01:40:f6:9a:
86:33:5e:6a:af:f6:b9:94:49:31:6e:29:37:cb:28:
a2:8f:75:6a:3d:ec:18:b9:b7:bb:c3:db:a3:fa:c3:
a9:0b:d3:e4:a7:f4:07:16:2c:af:39:e3:b0:25:0f:
e3:bc:4a:14:bc:8e:58:44:7e:be:0c:86:43:2c:08:
7a:db:10:34:55:ef:9a:98:85:d4:a8:b1:53:c0:1f:
67:ad:e8:d1:2c:3f:5d:c2:15:54:c3:5a:f6:9a:07:
66:6c:23:9b:8b:f1:c8:2b:d2:e8:ac:ff:92:b2:fc:
ed:95:41:1f:87:54:32:6f:dc:f6:79:9f:eb:a5:49:
c8:a8:03:62:1e:a3:fc:4b:fb:6c:55:60:0c:eb:f5:
49:0f:5d:45:6b:cd:cd:a2:8e:aa:08:2f:b3:31:8d:
27:8b:58:61:a5:bd:cc:0e:a4:38:a3:6f:45:b6:ed:
b6:62:35:ad:1b:27:8e:5b:00:f3:ff:ce:80:13:c8:
16:5a:f9:fa:0f:ed:61:f6:39:0c:c9:16:4b:1d:97:
7a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:65:47:DB:5D:5E:7B:30:7A:3F:A4:55:E2:25:D8:EB:A1:41:DF:01
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.66.0/24
Signature Algorithm: sha256WithRSAEncryption
21:3e:70:5f:da:23:d8:82:28:4d:c1:64:e6:28:e1:fb:b3:96:
9d:d3:ba:cf:70:c5:e9:39:cf:de:30:ed:47:ec:43:cd:85:d8:
c0:69:bf:91:d1:61:78:71:db:f3:3e:56:f6:f5:fd:f4:e2:eb:
cb:b1:26:f0:c1:9e:68:e3:ed:42:d3:80:0e:5d:d7:35:83:24:
fc:5b:04:01:85:b2:79:6d:51:16:ff:81:ab:d0:9b:06:80:31:
e5:74:2b:d0:3d:2f:5d:db:64:07:e9:0e:95:2a:2e:4b:84:9d:
24:90:5c:7e:97:e9:4f:a1:ac:9a:e8:cf:2b:89:0e:c7:1c:36:
ce:89:ec:cd:1a:6c:64:d4:a3:36:cd:97:03:a9:1a:0c:fe:a9:
09:90:cb:f4:bd:17:65:a3:47:c6:63:9d:3e:c4:f2:84:11:0b:
9e:7b:4f:48:d8:69:ac:c2:46:d9:5c:c2:d6:84:d6:aa:e0:42:
f4:80:e3:69:67:f9:67:80:50:7a:f0:2e:6b:93:88:25:02:0b:
fe:60:f2:ed:94:9e:f2:f7:7f:d9:ae:82:53:57:b6:92:d1:11:
25:fb:68:af:5b:f6:5b:1a:fc:d2:d5:14:9a:15:ae:1c:aa:45:
2f:8b:31:6e:54:e1:a1:79:14:c2:6c:f1:3a:7a:89:e2:16:96:
7f:4d:83:5a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQEPmA6J99Nxtay22jhMNhCF2TNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDExMjcwNjM1MTNaFw0yNTExMjYwNjQwMTNaMDMxMTAvBgNV
BAMTKDNENjU0N0RCNUQ1RTdCMzA3QTNGQTQ1NUUyMjVEOEVCQTE0MURGMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC153eoq4vVgAKkmF7z7BG/51vJ
fHdUL0GjsUG+Hx95Cvbhc52KdiPvbn1DDvLl41zWWsPK71fIAUD2moYzXmqv9rmU
STFuKTfLKKKPdWo97Bi5t7vD26P6w6kL0+Sn9AcWLK8547AlD+O8ShS8jlhEfr4M
hkMsCHrbEDRV75qYhdSosVPAH2et6NEsP13CFVTDWvaaB2ZsI5uL8cgr0uis/5Ky
/O2VQR+HVDJv3PZ5n+ulScioA2Ieo/xL+2xVYAzr9UkPXUVrzc2ijqoIL7MxjSeL
WGGlvcwOpDijb0W27bZiNa0bJ45bAPP/zoATyBZa+foP7WH2OQzJFksdl3o/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPWVH211eezB6P6RV4iXY66FB3wEwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtCMA0GCSqGSIb3DQEBCwUAA4IBAQAhPnBf2iPYgihNwWTmKOH7s5ad07rPcMXp
Oc/eMO1H7EPNhdjAab+R0WF4cdvzPlb29f304uvLsSbwwZ5o4+1C04AOXdc1gyT8
WwQBhbJ5bVEW/4Gr0JsGgDHldCvQPS9d22QH6Q6VKi5LhJ0kkFx+l+lPoaya6M8r
iQ7HHDbOiezNGmxk1KM2zZcDqRoM/qkJkMv0vRdlo0fGY50+xPKEEQuee09I2Gms
wkbZXMLWhNaq4EL0gONpZ/lngFB68C5rk4glAgv+YPLtlJ7y93/ZroJTV7aS0REl
+2ivW/ZbGvzS1RSaFa4cqkUvizFuVOGheRTCbPE6eoniFpZ/TYNa
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:12 2025 by rpki-client