Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39302e302f32342d3234203d3e2039303039.roa
File: 3231332e3133392e39302e302f32342d3234203d3e2039303039.roa (raw, json)
Hash identifier: cv7c938TG1TrAJ4WxpMEnrJuipZuwdL8o32jtRflF/0=
Subject key identifier: FA:23:88:BB:49:A1:87:E6:25:A6:1A:BD:9A:62:12:A9:69:BC:1A:A7
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 2BBD5452539C2440E159D122B22C4D4574C0394B
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39302e302f32342d3234203d3e2039303039.roa
Signing time: Tue 21 May 2024 08:14:48 +0000
ROA not before: Tue 21 May 2024 08:09:48 +0000
ROA not after: Tue 20 May 2025 08:14:48 +0000
asID: 9009
IP address blocks: 213.139.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:bd:54:52:53:9c:24:40:e1:59:d1:22:b2:2c:4d:45:74:c0:39:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: May 21 08:09:48 2024 GMT
Not After : May 20 08:14:48 2025 GMT
Subject: CN=FA2388BB49A187E625A61ABD9A6212A969BC1AA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d1:63:38:13:62:c8:9d:c7:9a:ef:fc:17:5c:
3d:7b:cc:35:87:95:34:95:44:6c:f7:db:9a:5e:60:
e5:c7:7d:5e:bb:65:3b:43:25:40:cf:1c:40:c3:be:
91:12:ce:9f:be:82:f4:dc:10:6e:1d:dc:dd:c3:d4:
a7:cf:3b:af:71:00:39:3a:c5:50:e9:c8:a2:3e:17:
75:04:6b:28:40:4d:ee:43:67:95:19:cb:a9:f9:16:
58:17:25:86:d2:b3:24:cb:4d:ce:9b:2e:8a:2b:67:
f4:b7:6c:a0:2c:88:27:a1:e9:93:f4:b9:54:2d:cc:
a8:91:06:fd:8f:d2:22:6f:48:23:b8:b8:f6:cf:4c:
e2:4c:94:fd:9c:60:48:dc:96:d4:95:c3:e4:11:10:
de:89:04:28:c1:66:c4:48:7a:0c:4e:df:da:dd:53:
8a:84:1e:5c:35:a4:d3:9e:29:97:c2:bc:4b:65:12:
d6:28:f1:f4:77:3c:ae:06:93:44:ad:9f:62:c1:7c:
4d:21:d7:d9:f5:a4:82:a7:33:4b:bb:95:a8:b6:d4:
c2:78:07:00:38:ff:1d:7f:cf:1f:f0:f9:b7:84:6f:
b7:26:13:93:e8:b3:90:72:29:f8:d4:28:91:a3:29:
07:59:10:fa:f4:f0:b9:05:02:27:48:b0:70:5f:c0:
a2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:23:88:BB:49:A1:87:E6:25:A6:1A:BD:9A:62:12:A9:69:BC:1A:A7
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39302e302f32342d3234203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.90.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:ea:07:0a:34:0c:43:0c:62:20:c8:37:34:07:e4:80:ff:38:
db:92:77:42:4f:97:ad:33:db:4a:fe:ec:21:4d:12:fd:68:40:
85:8c:6c:96:46:c1:92:2e:41:dd:f9:9c:e5:49:2e:0f:95:06:
d7:83:db:b2:a9:de:e0:68:7c:73:b3:92:35:cd:70:96:ba:eb:
9b:9f:30:7e:34:90:21:4a:90:17:4d:e3:b9:dc:59:9f:4c:73:
7d:b9:61:d2:d7:45:96:c1:34:97:5c:08:e8:ec:96:b4:62:81:
da:2a:a9:82:c7:f0:84:46:6c:c9:44:19:61:56:06:4d:06:97:
83:0a:98:7f:ea:9f:85:cb:03:a4:f5:2b:79:30:f1:ba:00:21:
06:00:9c:7e:9e:e7:b5:6c:3f:8c:85:9e:f5:c1:d3:2b:e6:83:
f6:41:d8:b8:e3:eb:03:a2:da:bf:a7:49:26:30:80:be:2a:d5:
ca:6b:11:02:2a:e6:b1:6e:2f:46:cb:02:d7:2b:fd:7c:7d:d0:
b2:12:35:05:ac:e5:df:55:17:83:37:3b:48:2b:5f:eb:ad:68:
03:9b:9e:ed:28:6e:68:ff:47:ba:f4:94:86:0a:cb:24:26:f9:
74:65:b5:64:c7:10:1c:9e:0f:b3:07:b1:cd:0b:ae:83:d8:a3:
89:69:2f:44
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUK71UUlOcJEDhWdEisixNRXTAOUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDA1MjEwODA5NDhaFw0yNTA1MjAwODE0NDhaMDMxMTAvBgNV
BAMTKEZBMjM4OEJCNDlBMTg3RTYyNUE2MUFCRDlBNjIxMkE5NjlCQzFBQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD20WM4E2LIncea7/wXXD17zDWH
lTSVRGz325peYOXHfV67ZTtDJUDPHEDDvpESzp++gvTcEG4d3N3D1KfPO69xADk6
xVDpyKI+F3UEayhATe5DZ5UZy6n5FlgXJYbSsyTLTc6bLoorZ/S3bKAsiCeh6ZP0
uVQtzKiRBv2P0iJvSCO4uPbPTOJMlP2cYEjcltSVw+QREN6JBCjBZsRIegxO39rd
U4qEHlw1pNOeKZfCvEtlEtYo8fR3PK4Gk0Stn2LBfE0h19n1pIKnM0u7lai21MJ4
BwA4/x1/zx/w+beEb7cmE5Pos5ByKfjUKJGjKQdZEPr08LkFAidIsHBfwKLpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU+iOIu0mhh+Ylphq9mmISqWm8GqcwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM5
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMwMzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWL
WjANBgkqhkiG9w0BAQsFAAOCAQEAT+oHCjQMQwxiIMg3NAfkgP8425J3Qk+XrTPb
Sv7sIU0S/WhAhYxslkbBki5B3fmc5UkuD5UG14Pbsqne4Gh8c7OSNc1wlrrrm58w
fjSQIUqQF03judxZn0xzfblh0tdFlsE0l1wI6OyWtGKB2iqpgsfwhEZsyUQZYVYG
TQaXgwqYf+qfhcsDpPUreTDxugAhBgCcfp7ntWw/jIWe9cHTK+aD9kHYuOPrA6La
v6dJJjCAvirVymsRAirmsW4vRssC1yv9fH3QshI1Bazl31UXgzc7SCtf661oA5ue
7ShuaP9HuvSUhgrLJCb5dGW1ZMcQHJ4PswexzQuug9ijiWkvRA==
-----END CERTIFICATE-----
Generated at Sun Nov 24 10:00:15 2024 by rpki-client on console-ams.rpki-client.org