Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37332e302f32342d3234203d3e20333936333536.roa
File: 3231332e3133392e37332e302f32342d3234203d3e20333936333536.roa (raw, json)
Hash identifier: p9bl2cITeGqyDsp+qYa6XKu0+IBsfcA9I2MK2L2iu7Q=
Subject key identifier: E6:36:D2:12:63:3A:B0:C1:01:0E:27:53:BE:B1:41:FF:F4:C7:E7:89
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 1ABCB4647D2EAE2371879F581CB824EB4437A024
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37332e302f32342d3234203d3e20333936333536.roa
Signing time: Wed 20 Nov 2024 12:43:28 +0000
ROA not before: Wed 20 Nov 2024 12:38:28 +0000
ROA not after: Wed 19 Nov 2025 12:43:28 +0000
asID: 396356
IP address blocks: 213.139.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 00:21:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:bc:b4:64:7d:2e:ae:23:71:87:9f:58:1c:b8:24:eb:44:37:a0:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Nov 20 12:38:28 2024 GMT
Not After : Nov 19 12:43:28 2025 GMT
Subject: CN=E636D212633AB0C1010E2753BEB141FFF4C7E789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5d:af:f3:e4:b9:ef:5a:a1:1d:0f:ca:73:1c:
78:2a:24:88:c9:a5:74:9e:fe:85:58:83:ac:b8:65:
9a:05:2b:15:2e:86:44:15:7d:e3:c6:c5:bc:07:2d:
34:60:05:f8:91:16:a4:e0:6f:61:d5:b9:e1:7c:2a:
2c:1a:78:d1:84:3b:2c:ca:9f:55:eb:a9:44:38:fd:
ec:f0:87:c2:30:f4:f3:2d:0a:1c:f6:44:1e:4b:ae:
a5:40:d4:1c:9e:3b:5c:24:17:81:c9:13:37:c4:76:
03:6f:92:e2:a5:c9:4e:cc:20:32:4b:24:df:f8:74:
49:68:ad:52:a3:c3:e9:fa:ab:52:d5:1a:b2:c1:2a:
9f:d6:f8:0b:1a:9e:f0:67:cc:45:35:65:ca:a6:3e:
05:f2:c1:78:03:a0:db:e1:0a:f6:ea:8d:96:5a:ff:
18:26:34:a2:a4:6d:d2:f2:7c:44:e1:37:4a:0d:f2:
78:69:2b:6e:bb:84:6f:e5:13:93:22:7d:7d:74:ba:
5d:92:ec:21:ac:c3:31:26:60:fc:01:fe:9f:e0:8f:
ad:42:8f:1b:62:08:1d:3a:d2:64:3c:96:60:4c:31:
1c:01:ab:2b:27:8f:a2:ac:72:11:f7:7f:39:d6:f0:
08:b2:41:cc:5f:ae:61:be:ba:60:7e:a3:b3:54:7f:
26:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:36:D2:12:63:3A:B0:C1:01:0E:27:53:BE:B1:41:FF:F4:C7:E7:89
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37332e302f32342d3234203d3e20333936333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.73.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:be:b8:f5:f0:60:db:c5:ae:ac:29:43:85:ce:4b:f6:de:76:
a7:97:2f:c0:13:07:69:36:4b:44:e6:1f:b3:85:c4:e6:2f:57:
7c:9a:7a:e1:eb:74:74:22:5d:04:54:e1:c2:d1:bf:cf:f5:06:
a9:09:2d:0e:05:d0:43:cf:b5:4d:b9:d9:69:31:37:da:57:1f:
64:21:6b:f3:c4:33:13:5c:e7:f2:59:fe:17:0f:19:e5:9e:9f:
e8:49:a8:d7:7c:8d:01:eb:8d:cf:e4:07:cf:8a:e9:62:3e:7c:
06:22:f7:1a:85:f2:58:0a:38:2e:02:7a:6b:ff:ab:af:2e:ee:
c1:f3:53:af:d4:a4:81:0b:6d:65:2c:c4:f5:31:a0:3c:03:23:
0d:9c:f5:88:d9:50:f3:a9:ce:a1:56:cf:c5:6d:7b:10:8c:cc:
1f:c4:a7:90:24:74:6c:3c:65:f0:97:14:ab:10:ed:94:d6:5b:
91:a5:7e:12:e3:1d:75:9c:12:73:f7:5a:a8:76:47:a2:f5:ef:
a2:14:2b:93:c1:32:2f:9c:7b:7c:67:39:37:82:58:d4:d7:8d:
55:cc:82:4c:ce:88:3a:46:e5:97:80:e9:01:df:a0:c0:4b:06:
77:2a:20:24:71:b8:fa:56:3e:a1:1d:bc:26:77:66:35:7a:25:
1d:5c:bc:94
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGry0ZH0uriNxh59YHLgk60Q3oCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDExMjAxMjM4MjhaFw0yNTExMTkxMjQzMjhaMDMxMTAvBgNV
BAMTKEU2MzZEMjEyNjMzQUIwQzEwMTBFMjc1M0JFQjE0MUZGRjRDN0U3ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Xa/z5LnvWqEdD8pzHHgqJIjJ
pXSe/oVYg6y4ZZoFKxUuhkQVfePGxbwHLTRgBfiRFqTgb2HVueF8KiwaeNGEOyzK
n1XrqUQ4/ezwh8Iw9PMtChz2RB5LrqVA1ByeO1wkF4HJEzfEdgNvkuKlyU7MIDJL
JN/4dElorVKjw+n6q1LVGrLBKp/W+AsanvBnzEU1ZcqmPgXywXgDoNvhCvbqjZZa
/xgmNKKkbdLyfEThN0oN8nhpK267hG/lE5MifX10ul2S7CGswzEmYPwB/p/gj61C
jxtiCB060mQ8lmBMMRwBqysnj6KschH3fznW8AiyQcxfrmG+umB+o7NUfyaPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5jbSEmM6sMEBDidTvrFB//TH54kwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzYzMzM1MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi0kwDQYJKoZIhvcNAQELBQADggEBAKW+uPXwYNvFrqwpQ4XOS/bedqeXL8AT
B2k2S0TmH7OFxOYvV3yaeuHrdHQiXQRU4cLRv8/1BqkJLQ4F0EPPtU252WkxN9pX
H2Qha/PEMxNc5/JZ/hcPGeWen+hJqNd8jQHrjc/kB8+K6WI+fAYi9xqF8lgKOC4C
emv/q68u7sHzU6/UpIELbWUsxPUxoDwDIw2c9YjZUPOpzqFWz8VtexCMzB/Ep5Ak
dGw8ZfCXFKsQ7ZTWW5GlfhLjHXWcEnP3Wqh2R6L176IUK5PBMi+ce3xnOTeCWNTX
jVXMgkzOiDpG5ZeA6QHfoMBLBncqICRxuPpWPqEdvCZ3ZjV6JR1cvJQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:46 2025 by rpki-client