Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20383334.roa
File: 3231332e3133392e37372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: KdmvMXcL8Uwj02D5nT6E45Odm+yg4+GJJdvxqrfLysg=
Subject key identifier: BA:C1:EA:B0:8B:26:51:81:6A:9D:36:80:AC:E2:B7:E9:59:42:BE:73
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 1BDC95E31A6A81DE3EAB19E378886FBF9B0DC54A
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20383334.roa
Signing time: Tue 30 Apr 2024 00:02:06 +0000
ROA not before: Mon 29 Apr 2024 23:57:06 +0000
ROA not after: Tue 29 Apr 2025 00:02:06 +0000
asID: 834
IP address blocks: 213.139.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:dc:95:e3:1a:6a:81:de:3e:ab:19:e3:78:88:6f:bf:9b:0d:c5:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Apr 29 23:57:06 2024 GMT
Not After : Apr 29 00:02:06 2025 GMT
Subject: CN=BAC1EAB08B2651816A9D3680ACE2B7E95942BE73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d1:40:ed:e1:44:67:72:16:6d:1a:cc:26:d9:
6a:81:cf:6e:b0:d8:d9:a6:3c:8f:9a:ec:8d:b9:d8:
95:85:bb:52:dd:fc:a7:1d:bb:ce:9b:83:5d:42:b2:
8a:37:42:ef:e0:07:1c:b8:d9:41:86:bb:3a:4d:a6:
fc:24:26:4c:2c:7f:42:bc:04:20:21:28:6a:29:c6:
24:77:50:4a:fd:87:8a:6d:87:4f:b7:6f:0a:87:d1:
eb:94:0a:45:97:5c:00:21:6a:aa:49:b7:2d:56:6a:
3f:e4:8e:91:1d:db:9d:12:78:42:d2:97:12:47:9c:
64:43:96:de:9b:2a:29:98:3e:70:0e:0b:02:7a:be:
15:ff:66:a4:fb:ed:5b:6f:18:65:15:9f:97:89:01:
18:7d:39:94:56:79:27:ed:78:95:d0:cd:af:b3:50:
91:b3:38:22:89:fe:aa:ec:4b:70:a5:d0:68:b9:ba:
74:9c:16:c5:28:05:ca:74:96:80:69:79:ed:57:4c:
b8:36:83:d1:f8:97:51:3f:08:2b:69:55:6f:13:fb:
7c:94:bd:0a:7e:ca:b7:50:9a:c9:a3:39:a8:8b:5a:
a1:24:2a:7c:a4:f2:09:ca:d2:2b:05:29:22:6b:6e:
f7:50:25:e5:bf:d7:57:7b:2c:1c:42:23:70:08:12:
b9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C1:EA:B0:8B:26:51:81:6A:9D:36:80:AC:E2:B7:E9:59:42:BE:73
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.77.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:74:22:b6:11:4e:69:e2:2a:17:38:0a:40:76:7d:05:6a:17:
37:c0:e7:4e:b5:9e:97:17:5a:3a:dd:0e:e5:5e:23:ff:b3:dd:
c2:6d:69:52:f2:ef:14:03:9f:0b:75:73:71:1a:56:5f:91:40:
c5:41:0a:82:00:4f:cf:d3:82:f2:35:d7:13:c8:f7:74:f7:83:
65:1d:dd:b3:e8:1a:81:9b:9a:d3:41:12:91:70:0d:8e:a3:cd:
a0:85:48:73:50:69:4e:05:68:de:61:fd:41:f9:30:8c:6d:57:
bb:bd:1f:55:57:52:7f:ba:1a:59:c5:96:aa:c9:18:c9:db:ad:
18:66:24:fa:71:e0:06:0a:86:eb:c9:e0:ac:a5:81:4d:a7:f7:
17:c3:02:25:b2:2e:47:ff:e3:4c:c7:ee:c5:c6:83:dd:27:f6:
c2:d4:92:1f:ab:6d:94:41:30:14:ac:9d:ca:9d:41:c1:d5:3c:
00:9f:63:57:fe:4d:83:18:b6:82:f4:b7:df:c0:e2:1b:9e:8a:
56:c2:6c:61:e1:26:ea:31:ab:9f:be:c9:7c:92:ba:92:f5:f5:
a5:43:ab:05:0a:48:c9:07:d5:f6:05:96:51:39:af:dd:a7:23:
40:d9:13:98:22:2b:cd:0e:5c:24:a4:11:28:78:1a:8d:9a:5e:
39:90:6d:36
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUG9yV4xpqgd4+qxnjeIhvv5sNxUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDA0MjkyMzU3MDZaFw0yNTA0MjkwMDAyMDZaMDMxMTAvBgNV
BAMTKEJBQzFFQUIwOEIyNjUxODE2QTlEMzY4MEFDRTJCN0U5NTk0MkJFNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ0UDt4URnchZtGswm2WqBz26w
2NmmPI+a7I252JWFu1Ld/Kcdu86bg11Csoo3Qu/gBxy42UGGuzpNpvwkJkwsf0K8
BCAhKGopxiR3UEr9h4pth0+3bwqH0euUCkWXXAAhaqpJty1Waj/kjpEd250SeELS
lxJHnGRDlt6bKimYPnAOCwJ6vhX/ZqT77VtvGGUVn5eJARh9OZRWeSfteJXQza+z
UJGzOCKJ/qrsS3Cl0Gi5unScFsUoBcp0loBpee1XTLg2g9H4l1E/CCtpVW8T+3yU
vQp+yrdQmsmjOaiLWqEkKnyk8gnK0isFKSJrbvdQJeW/11d7LBxCI3AIErk1AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUusHqsIsmUYFqnTaArOK36VlCvnMwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVi00w
DQYJKoZIhvcNAQELBQADggEBAC10IrYRTmniKhc4CkB2fQVqFzfA5061npcXWjrd
DuVeI/+z3cJtaVLy7xQDnwt1c3EaVl+RQMVBCoIAT8/TgvI11xPI93T3g2Ud3bPo
GoGbmtNBEpFwDY6jzaCFSHNQaU4FaN5h/UH5MIxtV7u9H1VXUn+6GlnFlqrJGMnb
rRhmJPpx4AYKhuvJ4KylgU2n9xfDAiWyLkf/40zH7sXGg90n9sLUkh+rbZRBMBSs
ncqdQcHVPACfY1f+TYMYtoL0t9/A4hueilbCbGHhJuoxq5++yXySupL19aVDqwUK
SMkH1fYFllE5r92nI0DZE5giK80OXCSkESh4Go2aXjmQbTY=
-----END CERTIFICATE-----
Generated at Thu May 2 07:17:10 2024 by rpki-client on console-ams.rpki-client.org