Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37382e302f32342d3234203d3e2037303138.roa
File: 3231332e3133392e37382e302f32342d3234203d3e2037303138.roa (raw, json)
Hash identifier: Wi3BqskDkmGWkMgAqHNJff7vtrKNb3u3OfrEqc91Sx8=
Subject key identifier: 71:5E:25:C6:E7:ED:74:4C:2E:07:02:AE:50:02:94:C8:5A:E1:41:B1
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 7025DEFA5E14B23926818F528710B2E8391BA65A
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37382e302f32342d3234203d3e2037303138.roa
Signing time: Sun 14 Apr 2024 08:05:45 +0000
ROA not before: Sun 14 Apr 2024 08:00:45 +0000
ROA not after: Sun 13 Apr 2025 08:05:45 +0000
asID: 7018
IP address blocks: 213.139.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:25:de:fa:5e:14:b2:39:26:81:8f:52:87:10:b2:e8:39:1b:a6:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Apr 14 08:00:45 2024 GMT
Not After : Apr 13 08:05:45 2025 GMT
Subject: CN=715E25C6E7ED744C2E0702AE500294C85AE141B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4d:53:07:40:d8:35:13:f1:2e:ea:38:8d:79:
3b:5c:bb:ff:53:41:77:c6:2a:65:f0:bc:88:d5:ea:
6f:c4:1f:d5:f4:73:fe:2e:8b:28:2c:8c:21:bc:32:
c5:4b:f7:30:31:55:4f:d7:72:35:2a:24:2f:73:34:
c1:2f:68:30:b0:87:0d:be:c5:0e:d7:88:dd:59:73:
85:dc:68:bc:25:1a:6b:82:3a:28:f3:72:9a:88:f4:
77:b1:de:f2:fd:9a:30:d8:b7:08:01:ed:7c:20:36:
0a:db:1a:28:6d:ad:d5:37:3f:b5:12:1b:da:1f:6b:
18:0e:d9:d5:83:4a:12:ce:98:5c:b3:12:e2:93:6b:
00:af:8f:27:55:74:07:85:c6:06:ad:75:c5:39:e3:
58:92:be:6f:40:19:b0:f0:15:33:42:cb:cb:c7:12:
9b:19:e2:47:aa:34:ec:a6:c5:70:93:bb:ca:f5:bd:
f5:f1:66:b4:05:88:db:cf:45:2f:24:81:27:ce:e9:
a3:82:39:29:fe:68:d8:da:26:0d:97:ec:41:37:6a:
2d:1b:32:c7:49:6e:e5:c3:71:a7:51:ee:42:b2:0f:
aa:0e:26:8e:f6:56:05:06:15:a9:80:a4:49:5e:f7:
31:ae:30:f4:a1:d7:7d:f3:d1:cc:f5:0c:1c:bc:39:
46:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:5E:25:C6:E7:ED:74:4C:2E:07:02:AE:50:02:94:C8:5A:E1:41:B1
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37382e302f32342d3234203d3e2037303138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.78.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:21:ca:39:fc:72:4a:d1:0e:23:d7:ef:d6:bd:04:f4:2b:f6:
18:af:91:9b:60:65:b2:3a:dc:4b:6a:40:8f:8f:f7:a6:0f:f7:
1d:2d:25:59:39:e5:db:01:dc:28:6a:63:99:53:90:2e:06:4a:
bc:62:14:0e:db:ab:f8:3b:b8:cd:e6:f5:33:04:f2:cc:8a:84:
96:44:a7:4d:b9:f8:b7:e5:1e:12:2b:72:76:de:53:6c:b7:c7:
7c:7d:b2:14:1a:29:bd:23:3c:17:c4:e2:dc:95:5d:99:f5:c2:
fb:72:4d:b1:16:00:a6:3e:b0:2c:72:ea:90:a3:55:dd:ed:d2:
fe:d0:12:ab:90:7a:18:9b:ba:9d:71:27:51:54:34:4d:0f:38:
61:a8:f2:29:a3:65:1e:02:f5:72:e7:e6:20:32:48:8f:38:b7:
40:fa:61:21:62:71:f5:3d:88:20:9c:b9:b6:ad:50:eb:35:a8:
13:d9:b4:3f:06:7f:7d:63:ad:56:f8:ca:3f:27:c6:7a:14:bf:
0a:26:69:bb:80:64:de:57:7c:0e:e5:de:bc:da:0d:e6:e6:90:
76:e7:df:7c:a9:19:6d:29:c2:f9:e1:2b:e6:b0:c7:4b:2a:e9:
e2:cc:c4:ec:b3:48:86:74:e1:f8:22:54:50:fe:ff:97:2b:47:
fc:bf:ae:57
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcCXe+l4UsjkmgY9ShxCy6DkbplowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDA0MTQwODAwNDVaFw0yNTA0MTMwODA1NDVaMDMxMTAvBgNV
BAMTKDcxNUUyNUM2RTdFRDc0NEMyRTA3MDJBRTUwMDI5NEM4NUFFMTQxQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGTVMHQNg1E/Eu6jiNeTtcu/9T
QXfGKmXwvIjV6m/EH9X0c/4uiygsjCG8MsVL9zAxVU/XcjUqJC9zNMEvaDCwhw2+
xQ7XiN1Zc4XcaLwlGmuCOijzcpqI9Hex3vL9mjDYtwgB7XwgNgrbGihtrdU3P7US
G9ofaxgO2dWDShLOmFyzEuKTawCvjydVdAeFxgatdcU541iSvm9AGbDwFTNCy8vH
EpsZ4keqNOymxXCTu8r1vfXxZrQFiNvPRS8kgSfO6aOCOSn+aNjaJg2X7EE3ai0b
MsdJbuXDcadR7kKyD6oOJo72VgUGFamApEle9zGuMPSh133z0cz1DBy8OUYnAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUcV4lxuftdEwuBwKuUAKUyFrhQbEwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNzMwMzEzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWL
TjANBgkqhkiG9w0BAQsFAAOCAQEAnSHKOfxyStEOI9fv1r0E9Cv2GK+Rm2Blsjrc
S2pAj4/3pg/3HS0lWTnl2wHcKGpjmVOQLgZKvGIUDtur+Du4zeb1MwTyzIqElkSn
Tbn4t+UeEitydt5TbLfHfH2yFBopvSM8F8Ti3JVdmfXC+3JNsRYApj6wLHLqkKNV
3e3S/tASq5B6GJu6nXEnUVQ0TQ84YajyKaNlHgL1cufmIDJIjzi3QPphIWJx9T2I
IJy5tq1Q6zWoE9m0PwZ/fWOtVvjKPyfGehS/CiZpu4Bk3ld8DuXevNoN5uaQduff
fKkZbSnC+eEr5rDHSyrp4szE7LNIhnTh+CJUUP7/lytH/L+uVw==
-----END CERTIFICATE-----
Generated at Sat May 4 03:15:29 2024 by rpki-client on console-fra.rpki-client.org