Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37342e302f32342d3234203d3e203239383032.roa
File: 3231332e3133392e37342e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: SYDNtbUftTvIAY1nHMVswIaI7CgNSFMYjysKDb9SdV4=
Subject key identifier: 69:B7:7B:01:FA:DB:7D:4A:B9:68:8A:07:0A:B5:13:4A:EC:70:D5:CB
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 1749C24E5034DABE6E1ECBA08591D2778D86306E
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37342e302f32342d3234203d3e203239383032.roa
Signing time: Wed 27 Mar 2024 00:45:05 +0000
ROA not before: Wed 27 Mar 2024 00:40:05 +0000
ROA not after: Wed 26 Mar 2025 00:45:05 +0000
asID: 29802
IP address blocks: 213.139.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:49:c2:4e:50:34:da:be:6e:1e:cb:a0:85:91:d2:77:8d:86:30:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Mar 27 00:40:05 2024 GMT
Not After : Mar 26 00:45:05 2025 GMT
Subject: CN=69B77B01FADB7D4AB9688A070AB5134AEC70D5CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:37:af:67:eb:09:cf:da:6a:61:c6:4a:52:31:
af:d7:f0:78:e0:d6:dd:e6:eb:42:bb:58:cd:a6:3c:
84:ee:af:1a:c9:2f:86:1b:23:4f:87:1d:00:54:25:
47:21:66:bc:31:e0:7e:1c:d6:e6:3a:a8:c6:2b:db:
6a:6f:91:79:b5:8d:26:ea:e1:1c:42:a4:93:8a:44:
d7:a9:0c:49:36:16:f0:6d:7e:15:5d:ff:63:ad:34:
49:4a:7c:5a:ce:5b:5b:7e:d4:bb:9f:1a:34:85:02:
62:81:a3:df:f0:fa:40:03:10:45:e8:e4:6b:2c:55:
86:67:02:0b:dc:27:e0:a7:bd:28:48:3e:3c:6d:17:
72:8b:91:07:1f:af:87:05:30:a3:a2:7e:88:b8:0c:
d6:83:16:98:1f:f0:1e:d3:63:3d:47:9e:03:3f:2e:
92:0d:a9:4c:30:f0:15:5c:8e:7c:7f:61:08:e3:15:
46:7c:8f:ef:8c:85:9d:8e:51:bd:90:3f:55:2a:4d:
5e:55:51:4d:c2:cc:f3:86:c8:0d:0e:98:98:f3:36:
91:71:c0:92:bf:85:50:b4:6a:10:73:d4:c5:f2:c2:
3d:b6:fd:3b:5c:e8:98:c8:c1:14:ac:6b:be:f5:c0:
a4:12:d1:68:18:45:52:1f:76:62:67:0b:8f:9b:f7:
a0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B7:7B:01:FA:DB:7D:4A:B9:68:8A:07:0A:B5:13:4A:EC:70:D5:CB
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37342e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.74.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:81:b6:0f:a5:f9:e0:fb:84:bb:a1:9d:99:7c:ea:ea:57:1c:
35:9a:4b:32:20:be:69:81:17:4b:0b:b5:7b:48:80:6e:e9:2a:
ca:2c:c1:6a:0e:b3:d4:2c:11:02:b2:17:0b:af:de:3d:0c:eb:
0e:3f:52:73:de:54:87:f4:5e:a7:8a:7f:fa:6d:e0:10:96:8c:
d8:34:09:2a:ac:18:28:a1:82:d7:3c:21:bd:10:d8:e3:9d:6c:
52:f4:23:15:e7:6e:a2:bf:0b:0a:17:c6:20:87:c3:f7:fe:1a:
5c:d4:a5:fe:6c:2e:2e:97:e3:dd:77:84:22:d7:89:9d:f3:f1:
9a:09:71:dc:d4:8c:c1:0e:68:30:ef:ab:83:d2:db:fc:9e:7d:
56:4a:79:0b:37:45:47:4b:b4:b8:4f:b2:ff:24:be:30:a7:fa:
0e:fb:86:51:cc:70:de:7d:48:1d:b7:e0:c4:a2:44:68:0d:7e:
a7:4a:48:8c:47:27:e1:9a:c4:34:74:e9:43:71:32:2a:2e:a1:
60:69:91:69:03:17:3b:fc:ce:8e:d2:b4:56:28:cc:89:32:c5:
19:fb:df:73:34:5b:fc:e1:f2:4a:8b:a5:eb:5c:2c:e6:9c:ae:
53:52:69:ae:c8:2a:6d:86:bb:98:8e:8c:ac:25:85:65:9d:a3:
f2:ce:67:ac
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUF0nCTlA02r5uHsughZHSd42GMG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDAzMjcwMDQwMDVaFw0yNTAzMjYwMDQ1MDVaMDMxMTAvBgNV
BAMTKDY5Qjc3QjAxRkFEQjdENEFCOTY4OEEwNzBBQjUxMzRBRUM3MEQ1Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3N69n6wnP2mphxkpSMa/X8Hjg
1t3m60K7WM2mPITurxrJL4YbI0+HHQBUJUchZrwx4H4c1uY6qMYr22pvkXm1jSbq
4RxCpJOKRNepDEk2FvBtfhVd/2OtNElKfFrOW1t+1LufGjSFAmKBo9/w+kADEEXo
5GssVYZnAgvcJ+CnvShIPjxtF3KLkQcfr4cFMKOifoi4DNaDFpgf8B7TYz1HngM/
LpINqUww8BVcjnx/YQjjFUZ8j++MhZ2OUb2QP1UqTV5VUU3CzPOGyA0OmJjzNpFx
wJK/hVC0ahBz1MXywj22/Ttc6JjIwRSsa771wKQS0WgYRVIfdmJnC4+b96BrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUabd7AfrbfUq5aIoHCrUTSuxw1cswHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtKMA0GCSqGSIb3DQEBCwUAA4IBAQAegbYPpfng+4S7oZ2ZfOrqVxw1mksyIL5p
gRdLC7V7SIBu6SrKLMFqDrPULBECshcLr949DOsOP1Jz3lSH9F6nin/6beAQlozY
NAkqrBgooYLXPCG9ENjjnWxS9CMV526ivwsKF8Ygh8P3/hpc1KX+bC4ul+Pdd4Qi
14md8/GaCXHc1IzBDmgw76uD0tv8nn1WSnkLN0VHS7S4T7L/JL4wp/oO+4ZRzHDe
fUgdt+DEokRoDX6nSkiMRyfhmsQ0dOlDcTIqLqFgaZFpAxc7/M6O0rRWKMyJMsUZ
+99zNFv84fJKi6XrXCzmnK5TUmmuyCpthruYjoysJYVlnaPyzmes
-----END CERTIFICATE-----
Generated at Sun Nov 24 09:11:58 2024 by rpki-client on console-fra.rpki-client.org