Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e20383334.roa
File: 3231332e3133392e36362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: SNW8omoc9P2vj0w72D1hi4oAnHQDAuaks2hIVn3M924=
Subject key identifier: 8A:C9:DA:1E:02:99:32:96:1A:11:EF:42:35:7B:A5:40:45:D0:99:1C
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 412B44F95346B23B0D544A42FB9B45519947CAFB
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e20383334.roa
Signing time: Sun 27 Oct 2024 18:31:23 +0000
ROA not before: Sun 27 Oct 2024 18:26:23 +0000
ROA not after: Sun 26 Oct 2025 18:31:23 +0000
asID: 834
IP address blocks: 213.139.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:2b:44:f9:53:46:b2:3b:0d:54:4a:42:fb:9b:45:51:99:47:ca:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Oct 27 18:26:23 2024 GMT
Not After : Oct 26 18:31:23 2025 GMT
Subject: CN=8AC9DA1E029932961A11EF42357BA54045D0991C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:10:44:77:2c:af:87:de:41:ba:06:61:83:de:
51:74:66:76:1f:67:de:3b:03:25:9c:e0:9f:a2:1f:
c5:6a:4a:76:2d:16:86:11:6d:2d:76:d5:af:c7:2e:
16:39:a9:a7:be:99:db:f1:85:0c:40:c1:ce:48:07:
4a:a0:6a:8d:b9:07:bf:d4:e4:48:f3:b4:69:6c:7e:
4c:d7:6e:eb:19:87:ee:b3:b2:06:58:77:0d:6a:dd:
bf:2c:ab:64:4e:ae:a5:18:ee:25:35:87:1f:2f:08:
aa:4c:9c:44:30:41:34:79:21:a8:e9:e1:40:b2:c6:
12:34:d9:5a:93:fb:f2:39:fb:3c:32:c5:85:e0:27:
17:b0:c8:6e:be:c1:a0:27:b4:37:10:c5:87:9b:ed:
99:77:d1:20:4b:ee:69:54:df:9a:27:22:83:3d:b5:
20:b5:02:69:f8:8c:42:00:68:4a:b8:79:5a:47:de:
9b:ae:aa:cc:45:d6:1d:3a:9c:55:7e:cd:0d:86:47:
fa:1c:a6:3e:08:98:2b:85:d0:6c:09:56:3b:8b:d7:
f7:c0:fd:cb:de:2f:fe:99:0c:9a:2e:cd:ef:e5:6b:
af:88:ae:87:86:e1:18:fc:7e:3e:6d:dd:23:aa:1c:
b0:15:33:55:32:b6:c1:75:7d:9b:70:be:6c:93:0b:
21:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C9:DA:1E:02:99:32:96:1A:11:EF:42:35:7B:A5:40:45:D0:99:1C
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.66.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:3b:72:37:b6:87:78:b0:49:6a:86:58:fd:f1:fa:83:d5:be:
53:c4:c4:41:a1:77:a8:db:36:3a:08:a3:83:ef:67:9d:75:65:
38:20:3c:c2:2d:ae:19:e2:79:b4:0c:5a:af:b1:14:cf:9c:9c:
61:fa:eb:03:aa:b8:5c:62:4b:f0:bf:f9:d4:57:42:30:24:b4:
f7:58:8f:30:26:a9:9a:06:12:47:5c:97:de:1d:a1:14:46:fc:
23:4e:8e:65:86:f9:14:e6:a5:85:68:ae:0f:c1:5c:3d:da:08:
a4:00:d6:15:59:a3:58:27:12:9d:cd:01:b6:d3:9c:48:be:6b:
54:44:32:5e:f9:61:11:b2:64:87:9f:60:bd:db:d7:5d:02:6a:
93:ed:16:a6:83:5c:46:40:88:cb:2f:7e:2f:58:87:61:39:69:
97:90:3c:f9:5f:b8:31:cf:cd:82:20:01:c1:07:11:5a:50:26:
98:e9:20:2d:10:fa:72:71:01:bb:66:f0:83:72:61:48:d2:65:
0c:da:e4:bf:44:20:0f:dd:6f:7d:5d:d0:9c:dd:a0:e5:8c:d6:
6d:06:cd:68:1a:8d:58:64:bd:60:2e:41:5b:6e:d8:1c:a2:88:
b0:35:d5:a6:fb:ab:b5:f4:69:ef:2a:be:9d:b5:6d:85:e9:48:
6c:48:fb:be
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUQStE+VNGsjsNVEpC+5tFUZlHyvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDEwMjcxODI2MjNaFw0yNTEwMjYxODMxMjNaMDMxMTAvBgNV
BAMTKDhBQzlEQTFFMDI5OTMyOTYxQTExRUY0MjM1N0JBNTQwNDVEMDk5MUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHEER3LK+H3kG6BmGD3lF0ZnYf
Z947AyWc4J+iH8VqSnYtFoYRbS121a/HLhY5qae+mdvxhQxAwc5IB0qgao25B7/U
5EjztGlsfkzXbusZh+6zsgZYdw1q3b8sq2ROrqUY7iU1hx8vCKpMnEQwQTR5Iajp
4UCyxhI02VqT+/I5+zwyxYXgJxewyG6+waAntDcQxYeb7Zl30SBL7mlU35onIoM9
tSC1Amn4jEIAaEq4eVpH3puuqsxF1h06nFV+zQ2GR/ocpj4ImCuF0GwJVjuL1/fA
/cveL/6ZDJouze/la6+IroeG4Rj8fj5t3SOqHLAVM1UytsF1fZtwvmyTCyHJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUisnaHgKZMpYaEe9CNXulQEXQmRwwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVi0Iw
DQYJKoZIhvcNAQELBQADggEBAI07cje2h3iwSWqGWP3x+oPVvlPExEGhd6jbNjoI
o4PvZ511ZTggPMItrhniebQMWq+xFM+cnGH66wOquFxiS/C/+dRXQjAktPdYjzAm
qZoGEkdcl94doRRG/CNOjmWG+RTmpYVorg/BXD3aCKQA1hVZo1gnEp3NAbbTnEi+
a1REMl75YRGyZIefYL3b110CapPtFqaDXEZAiMsvfi9Yh2E5aZeQPPlfuDHPzYIg
AcEHEVpQJpjpIC0Q+nJxAbtm8INyYUjSZQza5L9EIA/db31d0JzdoOWM1m0GzWga
jVhkvWAuQVtu2ByiiLA11ab7q7X0ae8qvp21bYXpSGxI+74=
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:50:29 2024 by rpki-client on console-ams.rpki-client.org