Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37322e302f32342d3234203d3e203230383630.roa
File: 3231332e3133392e37322e302f32342d3234203d3e203230383630.roa (raw, json)
Hash identifier: Ghq8jwTJA7GRX7mh9mqCc+aBnqXGq/O3Bay6ZVLERbE=
Subject key identifier: 67:42:6C:E7:2D:7A:DF:5C:AF:82:43:ED:62:E6:27:29:E8:DF:90:67
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 41E42EE8FE11646B37D41F3135C656193FCB73B5
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37322e302f32342d3234203d3e203230383630.roa
Signing time: Tue 20 Feb 2024 16:21:29 +0000
ROA not before: Tue 20 Feb 2024 16:16:29 +0000
ROA not after: Tue 18 Feb 2025 16:21:29 +0000
asID: 20860
IP address blocks: 213.139.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e4:2e:e8:fe:11:64:6b:37:d4:1f:31:35:c6:56:19:3f:cb:73:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Feb 20 16:16:29 2024 GMT
Not After : Feb 18 16:21:29 2025 GMT
Subject: CN=67426CE72D7ADF5CAF8243ED62E62729E8DF9067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:bf:f8:64:60:20:a5:97:7b:93:e7:3a:4c:
a7:64:86:ac:7b:8a:5e:80:85:d3:06:4c:00:03:49:
92:12:e4:6a:75:71:82:6d:61:fb:d5:bb:de:dc:2b:
6d:05:7a:09:62:75:e9:0a:9e:1a:cb:52:fe:c8:8a:
49:6c:a9:75:9c:20:45:9d:74:10:d5:41:3d:b3:64:
35:c4:18:53:2f:86:1c:17:e2:1a:67:a2:f0:f8:97:
b4:39:8a:01:1c:22:6e:a3:ac:0f:d7:06:ae:48:1b:
29:0a:65:7a:e5:fd:ea:bd:c6:0c:25:eb:7b:ff:fd:
5a:af:33:33:04:d6:d2:b7:f3:d6:da:64:52:86:39:
94:c9:1f:6a:c3:ed:1a:c5:a2:53:aa:73:e2:49:86:
e2:fa:2a:57:c6:dc:b2:42:e9:0b:06:7a:a4:c5:61:
41:c6:42:75:a8:52:19:09:d6:de:15:c9:df:86:c4:
33:f5:8c:11:53:5c:ef:60:1f:80:cb:0e:15:c5:76:
48:b4:ea:39:76:df:8e:b0:aa:de:bd:f5:b3:2d:80:
d5:22:9a:bf:cd:1a:72:67:e0:d9:f0:84:ac:75:f4:
51:40:da:c5:0b:1d:8b:73:59:a8:90:9a:d4:53:35:
51:a1:ca:fa:62:ab:5f:e0:40:e9:79:f5:35:9c:cd:
39:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:42:6C:E7:2D:7A:DF:5C:AF:82:43:ED:62:E6:27:29:E8:DF:90:67
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37322e302f32342d3234203d3e203230383630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.72.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ec:d5:48:b5:90:5d:d1:2f:ba:e9:91:95:24:d2:3f:40:89:
25:26:93:b1:99:67:3b:1e:b8:8f:db:0a:01:71:ea:24:22:39:
ee:72:f9:71:29:9f:10:fc:bb:a9:d0:fd:e7:e5:1f:e5:48:d7:
fc:2d:e7:bd:09:4a:51:00:e7:85:3b:96:d4:1c:cd:08:49:6f:
c4:f9:88:41:d4:b2:d9:dd:12:fb:b2:2a:d4:70:ba:da:43:5c:
cd:ae:e1:45:bc:63:a7:b5:7e:31:75:e9:c0:8c:4d:e6:8d:99:
f7:4e:5a:be:6b:34:6e:9f:7a:79:54:c8:45:af:bd:d8:d0:b5:
88:92:1e:7b:8e:ce:48:46:a2:7f:d7:a8:56:ef:14:b8:47:9a:
a8:ac:66:57:2a:13:cd:79:e8:1d:a8:d9:ff:e0:1e:b3:ea:e7:
66:6b:4f:e4:4b:db:82:6e:66:98:20:76:66:25:8d:33:5b:b6:
96:a0:d8:46:ed:39:18:1e:ea:79:07:7e:94:8a:94:bf:a0:97:
ed:83:d7:3a:15:87:d1:19:13:99:32:ac:cc:10:f5:ce:f8:f7:
56:d5:03:91:00:60:f6:51:f1:3f:e5:69:4a:23:08:c4:72:75:
a7:66:7c:c9:d4:7e:d6:d3:38:69:85:29:83:2c:3e:a8:bb:87:
4f:2c:a8:08
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQeQu6P4RZGs31B8xNcZWGT/Lc7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDAyMjAxNjE2MjlaFw0yNTAyMTgxNjIxMjlaMDMxMTAvBgNV
BAMTKDY3NDI2Q0U3MkQ3QURGNUNBRjgyNDNFRDYyRTYyNzI5RThERjkwNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7i7/4ZGAgpZd7k+c6TKdkhqx7
il6AhdMGTAADSZIS5Gp1cYJtYfvVu97cK20FeglidekKnhrLUv7IiklsqXWcIEWd
dBDVQT2zZDXEGFMvhhwX4hpnovD4l7Q5igEcIm6jrA/XBq5IGykKZXrl/eq9xgwl
63v//VqvMzME1tK389baZFKGOZTJH2rD7RrFolOqc+JJhuL6KlfG3LJC6QsGeqTF
YUHGQnWoUhkJ1t4Vyd+GxDP1jBFTXO9gH4DLDhXFdki06jl2346wqt699bMtgNUi
mr/NGnJn4NnwhKx19FFA2sULHYtzWaiQmtRTNVGhyvpiq1/gQOl59TWczTmXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZ0Js5y1631yvgkPtYuYnKejfkGcwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtIMA0GCSqGSIb3DQEBCwUAA4IBAQB67NVItZBd0S+66ZGVJNI/QIklJpOxmWc7
HriP2woBceokIjnucvlxKZ8Q/Lup0P3n5R/lSNf8Lee9CUpRAOeFO5bUHM0ISW/E
+YhB1LLZ3RL7sirUcLraQ1zNruFFvGOntX4xdenAjE3mjZn3Tlq+azRun3p5VMhF
r73Y0LWIkh57js5IRqJ/16hW7xS4R5qorGZXKhPNeegdqNn/4B6z6udma0/kS9uC
bmaYIHZmJY0zW7aWoNhG7TkYHup5B36UipS/oJftg9c6FYfRGROZMqzMEPXO+PdW
1QORAGD2UfE/5WlKIwjEcnWnZnzJ1H7W0zhphSmDLD6ou4dPLKgI
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:50 2024 by rpki-client on console-fra.rpki-client.org