Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37302e302f32342d3234203d3e203631333137.roa
File: 3231332e3133392e37302e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: vs2b7sm3b3a6ih0FOLh30+kJAWgxfwtdRLZicKgW2iY=
Subject key identifier: 5E:19:62:BB:1B:FC:1C:42:E6:85:BE:53:2C:2C:1B:CB:57:AB:4D:3B
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 04303CC9FA1F53FEA34397BB9E1573BD2E9750B0
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37302e302f32342d3234203d3e203631333137.roa
Signing time: Wed 27 Nov 2024 13:43:28 +0000
ROA not before: Wed 27 Nov 2024 13:38:28 +0000
ROA not after: Wed 26 Nov 2025 13:43:28 +0000
asID: 61317
IP address blocks: 213.139.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 00:21:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:30:3c:c9:fa:1f:53:fe:a3:43:97:bb:9e:15:73:bd:2e:97:50:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Nov 27 13:38:28 2024 GMT
Not After : Nov 26 13:43:28 2025 GMT
Subject: CN=5E1962BB1BFC1C42E685BE532C2C1BCB57AB4D3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:26:e2:6e:22:9c:7d:d6:e3:00:3b:31:a0:33:
f7:51:82:ed:5f:91:b0:23:f6:6a:eb:90:9d:b7:61:
69:53:92:34:67:06:25:a6:89:16:b2:d3:6a:66:89:
4f:62:ef:2a:44:6e:5c:89:3a:99:9d:3c:73:02:f8:
5d:69:08:cb:d4:ba:e0:3c:47:a9:dc:ab:1d:31:6b:
69:3e:f1:e4:4a:5c:9c:9c:fe:20:15:53:ed:81:e5:
90:c5:1b:c2:4f:c8:91:95:e7:8a:ad:d6:97:cc:4d:
5a:34:3f:f5:5b:10:48:c3:7b:00:12:a7:9e:54:95:
ff:5b:67:4d:7c:1a:cf:17:e9:f8:df:7f:44:1e:35:
a1:77:da:db:74:2a:4e:f9:73:e6:9d:46:16:bb:2f:
95:b2:d3:fe:09:be:2a:9d:91:96:c3:82:9a:e2:70:
0e:e5:58:fe:31:49:1b:bf:40:aa:19:ae:c6:09:90:
49:d7:ea:70:05:3f:dc:73:d3:1a:bc:71:c6:e2:ea:
e6:31:c2:fe:36:77:c3:b0:f2:60:03:07:ea:ad:41:
94:91:2d:f4:38:52:de:a1:4b:fe:28:da:9f:ee:27:
dc:fc:70:f3:a3:92:d4:57:06:c3:cf:ac:0a:bc:64:
39:5d:87:2a:2d:93:21:2c:83:1c:d7:dd:d4:ef:7f:
e1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:19:62:BB:1B:FC:1C:42:E6:85:BE:53:2C:2C:1B:CB:57:AB:4D:3B
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37302e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.70.0/24
Signature Algorithm: sha256WithRSAEncryption
07:0c:77:ca:f0:64:a6:b7:27:ec:86:30:83:34:af:28:59:e7:
d4:67:a4:77:fd:dd:29:2b:b0:e3:fe:0e:99:e3:3d:cb:96:22:
ad:fe:6b:bc:1e:a8:ce:43:8c:4e:f1:3b:4c:29:1d:3e:2a:7b:
e7:f5:b3:2b:e7:d3:5f:7a:fd:f2:75:97:d4:17:ff:92:2f:a2:
63:5a:cc:87:94:d0:9b:32:8b:e1:59:65:76:98:a6:53:f2:20:
21:9f:42:74:ad:36:6a:b2:b9:17:b5:c9:07:a7:45:8e:f3:91:
90:78:b0:27:f2:1e:e4:2c:a5:e3:de:d6:5e:36:3d:8f:e9:92:
27:1f:7a:fc:ba:c0:eb:0a:7f:73:b7:71:e0:d1:94:40:7f:91:
6c:59:b9:8e:d4:f0:33:39:1b:47:91:ce:0f:e3:b4:b3:2c:bd:
76:20:40:5a:36:b1:db:0e:a3:72:32:a0:5c:d1:c7:5c:1a:9f:
be:ce:41:a8:ed:4a:88:b5:3a:14:64:22:eb:1d:d5:cd:7f:56:
78:b9:74:9a:07:84:b0:c2:d0:a1:83:89:de:2d:b3:eb:5b:72:
83:a7:48:23:87:c9:b2:21:d6:c7:ab:50:b7:b3:dd:d9:55:7c:
ba:cd:6d:75:a0:16:a8:58:84:da:71:d4:12:7a:4f:38:dc:05:
26:f2:37:4c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBDA8yfofU/6jQ5e7nhVzvS6XULAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDExMjcxMzM4MjhaFw0yNTExMjYxMzQzMjhaMDMxMTAvBgNV
BAMTKDVFMTk2MkJCMUJGQzFDNDJFNjg1QkU1MzJDMkMxQkNCNTdBQjREM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnJuJuIpx91uMAOzGgM/dRgu1f
kbAj9mrrkJ23YWlTkjRnBiWmiRay02pmiU9i7ypEblyJOpmdPHMC+F1pCMvUuuA8
R6ncqx0xa2k+8eRKXJyc/iAVU+2B5ZDFG8JPyJGV54qt1pfMTVo0P/VbEEjDewAS
p55Ulf9bZ018Gs8X6fjff0QeNaF32tt0Kk75c+adRha7L5Wy0/4JviqdkZbDgpri
cA7lWP4xSRu/QKoZrsYJkEnX6nAFP9xz0xq8ccbi6uYxwv42d8Ow8mADB+qtQZSR
LfQ4Ut6hS/4o2p/uJ9z8cPOjktRXBsPPrAq8ZDldhyotkyEsgxzX3dTvf+E9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUXhliuxv8HELmhb5TLCwby1erTTswHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtGMA0GCSqGSIb3DQEBCwUAA4IBAQAHDHfK8GSmtyfshjCDNK8oWefUZ6R3/d0p
K7Dj/g6Z4z3LliKt/mu8HqjOQ4xO8TtMKR0+Knvn9bMr59Nfev3ydZfUF/+SL6Jj
WsyHlNCbMovhWWV2mKZT8iAhn0J0rTZqsrkXtckHp0WO85GQeLAn8h7kLKXj3tZe
Nj2P6ZInH3r8usDrCn9zt3Hg0ZRAf5FsWbmO1PAzORtHkc4P47SzLL12IEBaNrHb
DqNyMqBc0cdcGp++zkGo7UqItToUZCLrHdXNf1Z4uXSaB4SwwtChg4neLbPrW3KD
p0gjh8myIdbHq1C3s93ZVXy6zW11oBaoWITacdQSek843AUm8jdM
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:55 2025 by rpki-client