Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38312e302f32342d3234203d3e20383334.roa
File: 3231332e3133392e38312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: I3T5wSDwv15/M4INrVHofJUryKKpdIv6BU79I+qhn1U=
Subject key identifier: BE:45:41:1B:8E:17:26:CC:F7:F1:30:7E:61:D2:A9:49:4B:16:D7:76
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 35C3E826DC6D16DEE4430953AFE37B90D0FD6C58
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38312e302f32342d3234203d3e20383334.roa
Signing time: Tue 01 Aug 2023 00:00:10 +0000
ROA not before: Mon 31 Jul 2023 23:55:10 +0000
ROA not after: Tue 30 Jul 2024 00:00:10 +0000
asID: 834
IP address blocks: 213.139.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:c3:e8:26:dc:6d:16:de:e4:43:09:53:af:e3:7b:90:d0:fd:6c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Jul 31 23:55:10 2023 GMT
Not After : Jul 30 00:00:10 2024 GMT
Subject: CN=BE45411B8E1726CCF7F1307E61D2A9494B16D776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e3:90:d9:ae:f3:c5:d4:21:30:5f:89:6e:6b:
3a:2a:ba:8c:70:19:fb:c1:ec:fc:b8:a6:49:c6:e0:
5f:49:b2:27:59:f1:8c:5a:59:a9:50:12:b2:c8:45:
3d:a6:10:b3:a5:18:7c:5e:15:57:d3:10:35:3e:21:
99:a4:7a:9a:f8:e8:c5:88:19:a4:9e:b9:1d:a9:62:
24:ba:64:0c:cb:94:b2:69:07:34:03:82:ea:d8:b4:
bd:d7:d5:18:c5:1b:44:60:76:5c:6a:ad:f6:f6:a7:
fc:83:92:57:ee:06:e6:63:82:d8:89:6b:e7:7e:e3:
85:bd:42:48:eb:3b:5e:36:51:22:2c:28:32:7d:65:
cb:aa:cc:a9:c9:f5:52:df:4a:fb:0b:fd:f4:55:fc:
ee:f7:3b:34:76:75:74:59:ae:9e:b3:15:98:bc:61:
1c:ca:77:a4:9b:0b:e8:de:ec:92:6f:26:0a:46:d0:
cc:63:16:16:ff:07:ce:c6:c4:12:54:eb:26:dc:18:
b7:b6:a8:68:bf:da:ee:b4:84:c6:14:bd:a4:ac:c4:
aa:87:29:e4:28:3a:0f:5d:7e:fd:7a:76:a7:3b:b1:
38:0d:1c:92:a6:af:8a:e1:88:9c:6c:cf:ee:f9:88:
1a:57:17:a6:db:74:ac:39:15:46:b4:c0:c0:ab:d4:
3a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:45:41:1B:8E:17:26:CC:F7:F1:30:7E:61:D2:A9:49:4B:16:D7:76
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.81.0/24
Signature Algorithm: sha256WithRSAEncryption
77:77:99:2d:04:f1:f2:eb:c2:02:a5:ad:79:ed:dc:83:c6:5d:
d6:11:90:72:02:74:31:e9:49:fc:a3:04:6e:56:6b:28:25:53:
b5:41:e1:b2:a9:96:7a:c9:dc:d5:c9:65:8d:35:31:5b:39:fe:
57:b6:a4:ff:04:2f:2c:93:79:19:26:3e:14:d1:e2:6f:f9:9e:
66:78:32:44:7f:c3:aa:28:16:f2:14:fe:db:5e:a2:d3:0c:59:
07:b4:3b:88:be:3e:23:74:e6:15:eb:da:ba:ef:13:34:ba:4a:
55:09:36:ae:d6:cd:8c:1c:5c:4e:fe:41:a7:62:16:5d:66:e6:
1d:87:65:d6:1d:f3:75:7b:07:30:50:e2:41:ac:38:ac:0c:bb:
bd:23:c1:a4:a8:ea:37:19:a5:6c:13:ae:71:66:7c:9a:30:12:
13:6e:8a:60:34:cb:22:3c:83:9e:a1:71:4d:f2:f3:58:be:1f:
3f:74:a3:04:9f:0c:6e:3c:d8:41:3f:ae:39:45:88:d6:ed:88:
b6:40:67:6b:3c:62:bc:07:86:a4:1a:5b:84:46:8b:fc:17:af:
f8:f4:19:aa:9b:fc:f0:b5:2f:59:80:f4:e7:19:9a:55:95:28:
88:49:94:7d:82:cf:7b:ae:0a:ed:6f:35:e2:bf:f5:be:66:52:
2b:08:8d:8d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUNcPoJtxtFt7kQwlTr+N7kND9bFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yMzA3MzEyMzU1MTBaFw0yNDA3MzAwMDAwMTBaMDMxMTAvBgNV
BAMTKEJFNDU0MTFCOEUxNzI2Q0NGN0YxMzA3RTYxRDJBOTQ5NEIxNkQ3NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP45DZrvPF1CEwX4luazoquoxw
GfvB7Py4pknG4F9JsidZ8YxaWalQErLIRT2mELOlGHxeFVfTEDU+IZmkepr46MWI
GaSeuR2pYiS6ZAzLlLJpBzQDgurYtL3X1RjFG0Rgdlxqrfb2p/yDklfuBuZjgtiJ
a+d+44W9QkjrO142USIsKDJ9ZcuqzKnJ9VLfSvsL/fRV/O73OzR2dXRZrp6zFZi8
YRzKd6SbC+je7JJvJgpG0MxjFhb/B87GxBJU6ybcGLe2qGi/2u60hMYUvaSsxKqH
KeQoOg9dfv16dqc7sTgNHJKmr4rhiJxsz+75iBpXF6bbdKw5FUa0wMCr1DpNAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUvkVBG44XJsz38TB+YdKpSUsW13YwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVi1Ew
DQYJKoZIhvcNAQELBQADggEBAHd3mS0E8fLrwgKlrXnt3IPGXdYRkHICdDHpSfyj
BG5WayglU7VB4bKplnrJ3NXJZY01MVs5/le2pP8ELyyTeRkmPhTR4m/5nmZ4MkR/
w6ooFvIU/tteotMMWQe0O4i+PiN05hXr2rrvEzS6SlUJNq7WzYwcXE7+QadiFl1m
5h2HZdYd83V7BzBQ4kGsOKwMu70jwaSo6jcZpWwTrnFmfJowEhNuimA0yyI8g56h
cU3y81i+Hz90owSfDG482EE/rjlFiNbtiLZAZ2s8YrwHhqQaW4RGi/wXr/j0Gaqb
/PC1L1mA9OcZmlWVKIhJlH2Cz3uuCu1vNeK/9b5mUisIjY0=
-----END CERTIFICATE-----
Generated at Thu May 2 05:35:05 2024 by rpki-client on console-fra.rpki-client.org