Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20323132343136.roa
File: 3231332e3133392e37372e302f32342d3234203d3e20323132343136.roa (raw, json)
Hash identifier: OFT1TjEQHADTUi76ZQun/gCcNu9+i36V2pU04Vuxa5Q=
Subject key identifier: A1:EB:70:12:7F:A1:D6:FF:D4:8E:36:83:CE:E1:7F:86:86:30:6F:4E
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 3743FC0D315B1202580FDA2F15A1AF371895D107
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20323132343136.roa
Signing time: Sun 27 Oct 2024 18:27:27 +0000
ROA not before: Sun 27 Oct 2024 18:22:27 +0000
ROA not after: Sun 26 Oct 2025 18:27:27 +0000
asID: 212416
IP address blocks: 213.139.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:43:fc:0d:31:5b:12:02:58:0f:da:2f:15:a1:af:37:18:95:d1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Oct 27 18:22:27 2024 GMT
Not After : Oct 26 18:27:27 2025 GMT
Subject: CN=A1EB70127FA1D6FFD48E3683CEE17F8686306F4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b8:0d:e8:8e:45:1e:c1:0e:cf:d8:ab:1d:e5:
2b:b9:ce:22:e2:c4:25:59:ae:1a:bf:1c:25:b5:3b:
75:f1:bc:6e:03:70:1d:4d:60:a8:df:4e:76:94:7a:
44:d9:61:9b:6a:15:6c:34:e2:ab:75:a2:af:75:fc:
67:97:4d:61:4e:3f:89:fb:c5:17:70:0a:67:55:86:
a6:af:4d:21:38:90:78:11:75:10:ec:55:23:87:39:
3b:d6:44:43:d9:45:fc:82:24:ea:8a:2d:ef:99:41:
b5:9d:0e:d4:6b:50:88:48:c0:88:85:34:68:89:5d:
d4:30:51:ab:ad:85:a2:1b:db:10:73:7b:84:bd:db:
db:22:09:b2:38:30:09:81:df:cc:79:99:a1:98:87:
a7:6b:0e:f3:69:a2:8c:9a:c0:f7:d9:8b:ce:58:1c:
4e:22:d4:7f:d7:ca:9d:6f:14:d4:01:92:59:6e:3a:
5b:20:38:b8:c9:00:21:35:13:eb:3d:44:ba:7f:ca:
c0:53:54:b4:29:14:29:fc:f8:87:83:c8:b0:d4:69:
e4:51:05:05:ec:76:26:2e:ab:d2:92:dc:e4:56:40:
4a:12:41:82:5f:ed:fd:1d:82:69:66:e6:e1:3b:4b:
ec:0c:66:c8:80:dd:c5:97:54:ce:81:93:e2:0d:57:
cd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:EB:70:12:7F:A1:D6:FF:D4:8E:36:83:CE:E1:7F:86:86:30:6F:4E
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20323132343136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.77.0/24
Signature Algorithm: sha256WithRSAEncryption
12:66:2c:59:62:9c:3c:cb:3e:de:fb:5d:29:d4:f5:30:e6:58:
42:94:b5:26:44:24:9c:49:ca:29:4f:b1:8f:be:e7:ae:48:12:
ab:42:72:dc:3f:f7:a2:16:57:a3:cf:0c:58:c9:e7:97:a6:aa:
84:63:34:1d:d4:21:fa:1a:a0:53:c6:85:ca:53:0c:29:ee:3e:
28:82:63:4d:ce:4a:61:87:be:4e:95:23:b4:69:11:e8:b0:1c:
b0:6e:21:82:af:7e:20:61:c0:50:16:ce:53:e7:12:ea:99:ad:
c2:34:2d:90:59:85:04:d2:f7:0e:4e:6c:46:56:57:e0:c4:8d:
de:24:34:4c:2b:7b:d0:1d:9c:d8:61:97:99:59:35:9e:fd:49:
7b:f3:1c:86:1f:a2:27:55:6e:8d:65:e7:40:24:8b:7a:b0:86:
9e:b1:13:d2:6b:bb:ee:c0:3a:25:08:e4:fe:74:84:0c:b4:b3:
8a:0f:3e:e7:bb:33:e6:3f:a2:cd:20:c1:3a:7e:b0:a8:38:8a:
35:c2:bd:e3:11:ac:53:97:69:6e:a2:ac:be:74:c2:14:90:c0:
12:36:e6:e8:ac:c9:cd:ff:17:84:64:aa:3a:aa:13:fc:64:71:
12:c1:ba:c9:6f:8f:93:0d:f9:07:d0:9c:86:9d:0c:bc:8a:2a:
73:af:0d:93
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUN0P8DTFbEgJYD9ovFaGvNxiV0QcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDEwMjcxODIyMjdaFw0yNTEwMjYxODI3MjdaMDMxMTAvBgNV
BAMTKEExRUI3MDEyN0ZBMUQ2RkZENDhFMzY4M0NFRTE3Rjg2ODYzMDZGNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPuA3ojkUewQ7P2Ksd5Su5ziLi
xCVZrhq/HCW1O3XxvG4DcB1NYKjfTnaUekTZYZtqFWw04qt1oq91/GeXTWFOP4n7
xRdwCmdVhqavTSE4kHgRdRDsVSOHOTvWREPZRfyCJOqKLe+ZQbWdDtRrUIhIwIiF
NGiJXdQwUauthaIb2xBze4S929siCbI4MAmB38x5maGYh6drDvNpooyawPfZi85Y
HE4i1H/Xyp1vFNQBklluOlsgOLjJACE1E+s9RLp/ysBTVLQpFCn8+IeDyLDUaeRR
BQXsdiYuq9KS3ORWQEoSQYJf7f0dgmlm5uE7S+wMZsiA3cWXVM6Bk+INV82lAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoetwEn+h1v/UjjaDzuF/hoYwb04wHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNDMxMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi00wDQYJKoZIhvcNAQELBQADggEBABJmLFlinDzLPt77XSnU9TDmWEKUtSZE
JJxJyilPsY++565IEqtCctw/96IWV6PPDFjJ55emqoRjNB3UIfoaoFPGhcpTDCnu
PiiCY03OSmGHvk6VI7RpEeiwHLBuIYKvfiBhwFAWzlPnEuqZrcI0LZBZhQTS9w5O
bEZWV+DEjd4kNEwre9AdnNhhl5lZNZ79SXvzHIYfoidVbo1l50Aki3qwhp6xE9Jr
u+7AOiUI5P50hAy0s4oPPue7M+Y/os0gwTp+sKg4ijXCveMRrFOXaW6irL50whSQ
wBI25uisyc3/F4RkqjqqE/xkcRLBuslvj5MN+QfQnIadDLyKKnOvDZM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:00 2024 by rpki-client on console-ams.rpki-client.org