Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38302e302f32342d3234203d3e20323039323432.roa
File: 3231332e3133392e38302e302f32342d3234203d3e20323039323432.roa (raw, json)
Hash identifier: YdX+fXUti68/8C3ziNoPSSL7DqiBK1OnnQdcQ6MJQjc=
Subject key identifier: 85:81:1E:56:D0:89:68:2C:80:FB:08:26:D4:3D:DF:51:BD:85:2C:BA
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 3150AA3C94179CBF14B7079ABB64F1F382A0EF28
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38302e302f32342d3234203d3e20323039323432.roa
Signing time: Tue 19 Nov 2024 16:35:02 +0000
ROA not before: Tue 19 Nov 2024 16:30:02 +0000
ROA not after: Tue 18 Nov 2025 16:35:02 +0000
asID: 209242
IP address blocks: 213.139.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:50:aa:3c:94:17:9c:bf:14:b7:07:9a:bb:64:f1:f3:82:a0:ef:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Nov 19 16:30:02 2024 GMT
Not After : Nov 18 16:35:02 2025 GMT
Subject: CN=85811E56D089682C80FB0826D43DDF51BD852CBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1a:bd:5d:e9:d1:8c:d7:89:a1:01:c3:84:4c:
ae:d4:23:dc:3f:c9:4a:3c:0a:93:eb:28:d3:ce:c4:
72:2e:33:73:dd:11:89:f4:4c:76:d3:61:cf:9a:c6:
f4:5d:25:3f:70:71:3b:8e:12:a8:ab:17:3d:b4:cd:
11:3f:72:65:27:0d:9c:e0:60:55:9b:87:53:12:25:
f2:26:a8:0c:78:9c:05:ff:e6:bc:cb:56:21:be:d5:
f8:37:45:40:3a:66:82:f9:26:52:ae:65:0f:db:24:
6f:65:6f:fb:33:70:82:9d:89:8f:97:b1:d6:0b:55:
c4:9d:91:d7:12:8a:98:fd:1a:af:33:8b:09:02:f1:
38:df:af:e0:fe:75:cf:23:22:40:ce:a6:16:a1:cb:
30:50:93:91:ad:a8:a8:8f:ea:b7:5f:ff:0d:a5:dc:
23:bb:60:44:70:20:f6:92:e7:c3:db:b5:2b:63:82:
bd:90:8a:26:fc:1e:de:13:0a:f3:20:4c:5c:3d:0b:
2f:f3:da:4c:eb:a2:7a:75:fa:77:5f:37:23:44:cc:
a5:f2:e4:29:f5:ec:3d:12:34:9d:0b:ae:1e:10:c7:
1e:48:52:68:cc:f7:8d:5e:8d:d5:e5:28:7c:83:33:
68:1a:29:87:a7:61:e0:01:91:3e:c4:a2:24:1e:a8:
ed:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:81:1E:56:D0:89:68:2C:80:FB:08:26:D4:3D:DF:51:BD:85:2C:BA
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38302e302f32342d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.80.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:61:a8:87:00:a3:27:5a:e2:de:fb:48:15:38:88:7b:3c:89:
a3:87:8c:47:fc:31:09:7e:6e:69:68:b6:c3:02:fe:af:f3:87:
ae:b4:91:aa:04:f9:d8:eb:ff:6d:2e:56:e3:4a:c3:c0:28:06:
5b:b6:83:68:31:a3:20:db:de:4d:85:2c:cb:ce:40:8b:11:7d:
00:07:2d:86:2e:ba:6e:53:22:fb:e9:f7:84:22:8f:a2:8d:44:
4d:e5:2a:84:d0:83:fb:54:88:8d:b5:b0:ea:85:56:bc:cc:15:
16:46:5c:0d:9b:6c:62:20:28:79:81:d1:92:5c:eb:23:a2:37:
5c:90:19:da:83:91:77:f0:e9:ea:c0:e2:27:a4:59:6b:ff:85:
6a:9c:cb:80:5e:fd:e5:8b:88:7b:64:0e:7d:10:e3:a2:cb:32:
a2:60:14:ce:8e:f3:f5:f0:24:06:da:ff:c5:ee:37:e6:c9:b8:
fb:b7:28:fc:1e:0b:b4:a6:2a:7d:c2:59:41:8c:4b:b6:2f:d8:
c6:6d:0f:87:17:47:bf:49:b0:a6:19:98:4d:f7:08:15:80:51:
4c:6e:43:12:72:58:8b:46:3c:77:53:d5:5c:25:c0:88:2d:da:
ea:84:44:4c:54:36:9c:c3:04:8d:92:07:d1:75:82:9a:3e:7f:
9d:a5:8b:d6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMVCqPJQXnL8Utweau2Tx84Kg7ygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDExMTkxNjMwMDJaFw0yNTExMTgxNjM1MDJaMDMxMTAvBgNV
BAMTKDg1ODExRTU2RDA4OTY4MkM4MEZCMDgyNkQ0M0RERjUxQkQ4NTJDQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIGr1d6dGM14mhAcOETK7UI9w/
yUo8CpPrKNPOxHIuM3PdEYn0THbTYc+axvRdJT9wcTuOEqirFz20zRE/cmUnDZzg
YFWbh1MSJfImqAx4nAX/5rzLViG+1fg3RUA6ZoL5JlKuZQ/bJG9lb/szcIKdiY+X
sdYLVcSdkdcSipj9Gq8ziwkC8Tjfr+D+dc8jIkDOphahyzBQk5GtqKiP6rdf/w2l
3CO7YERwIPaS58PbtStjgr2Qiib8Ht4TCvMgTFw9Cy/z2kzronp1+ndfNyNEzKXy
5Cn17D0SNJ0Lrh4Qxx5IUmjM941ejdXlKHyDM2gaKYenYeABkT7EoiQeqO0BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUhYEeVtCJaCyA+wgm1D3fUb2FLLowHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM4
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMjM0MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi1AwDQYJKoZIhvcNAQELBQADggEBALNhqIcAoyda4t77SBU4iHs8iaOHjEf8
MQl+bmlotsMC/q/zh660kaoE+djr/20uVuNKw8AoBlu2g2gxoyDb3k2FLMvOQIsR
fQAHLYYuum5TIvvp94Qij6KNRE3lKoTQg/tUiI21sOqFVrzMFRZGXA2bbGIgKHmB
0ZJc6yOiN1yQGdqDkXfw6erA4iekWWv/hWqcy4Be/eWLiHtkDn0Q46LLMqJgFM6O
8/XwJAba/8XuN+bJuPu3KPweC7SmKn3CWUGMS7Yv2MZtD4cXR79JsKYZmE33CBWA
UUxuQxJyWItGPHdT1VwlwIgt2uqERExUNpzDBI2SB9F1gpo+f52li9Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:00 2024 by rpki-client on console-ams.rpki-client.org