Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e20383334.roa
File: 3231332e3133392e39322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: wH8ujP8Oz3P5iS8h+uqCY/5lG3L0F574SONikFgzZA8=
Subject key identifier: B8:C1:1A:0E:6E:4B:18:06:45:E3:38:B5:83:50:A0:69:C8:59:B6:31
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 1751C97D696345FEAF7436A6773C5FEAF960E49B
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e20383334.roa
Signing time: Wed 06 Sep 2023 09:30:05 +0000
ROA not before: Wed 06 Sep 2023 09:25:05 +0000
ROA not after: Wed 04 Sep 2024 09:30:05 +0000
asID: 834
IP address blocks: 213.139.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:51:c9:7d:69:63:45:fe:af:74:36:a6:77:3c:5f:ea:f9:60:e4:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Sep 6 09:25:05 2023 GMT
Not After : Sep 4 09:30:05 2024 GMT
Subject: CN=B8C11A0E6E4B180645E338B58350A069C859B631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0c:c2:bc:63:0c:da:ef:0d:9f:a5:97:e8:02:
28:b9:21:9e:1a:74:64:49:98:6a:5c:ec:fe:ff:1e:
7e:2c:7c:7f:33:a6:c7:1e:9e:be:b4:8a:87:93:b9:
2a:24:5e:3e:a1:b3:8c:40:42:1f:b7:63:e7:5e:78:
06:fd:8d:85:8d:b3:41:60:06:ab:58:e2:b1:67:c2:
ac:60:a3:de:b5:d4:d1:7f:75:99:ac:38:07:cc:4d:
89:b7:1a:fc:b8:56:c3:64:07:12:e4:9a:06:f7:36:
6c:90:67:58:d5:56:c0:96:98:cb:a9:f2:9e:e2:e5:
45:6e:97:21:af:47:ed:3e:6c:26:10:56:57:89:7c:
8a:0a:02:e1:a4:76:69:33:c8:2b:12:5b:97:f9:3c:
ee:f4:6a:8b:f0:a9:e0:b2:89:86:c2:ff:69:d6:31:
30:0d:19:ff:84:74:b6:3c:86:03:bd:81:a3:bf:6d:
cf:55:b3:08:ac:0f:34:f3:fb:3b:87:8b:d3:69:e5:
19:2d:6a:3a:9c:45:90:9c:59:4e:b2:4b:09:59:5a:
f1:3b:40:18:39:7e:ad:e3:e3:a4:ad:80:ca:0f:7e:
9a:1a:b2:6e:66:27:9c:27:b2:a8:3c:c8:19:94:d4:
d6:11:08:e8:ba:f7:2d:dd:ff:76:c4:b4:03:57:f7:
b3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C1:1A:0E:6E:4B:18:06:45:E3:38:B5:83:50:A0:69:C8:59:B6:31
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.92.0/24
Signature Algorithm: sha256WithRSAEncryption
48:4c:a3:9f:d4:b9:23:db:fc:3d:c4:53:4f:db:c9:6a:0b:f0:
35:c9:6e:6b:0f:74:9c:3a:fb:3a:9d:6a:7c:90:18:8f:d9:08:
f0:57:5a:cb:75:f8:36:72:2c:81:5c:bc:1f:0e:69:fc:b2:d9:
87:59:30:d7:d0:79:d8:c1:51:2b:e8:e4:26:e2:c5:4e:53:7d:
c4:91:f6:85:de:80:3a:e4:fa:b9:06:98:14:b4:c7:49:2e:21:
db:d1:f0:62:3d:26:f0:4f:2f:b5:54:8f:04:69:86:5d:37:7d:
37:7d:c8:cb:d7:5d:01:a1:03:e1:6e:e4:f4:0e:71:88:a1:33:
74:8b:e1:35:b4:04:32:20:05:fb:08:89:29:c5:ff:2c:0e:2e:
8d:ca:f6:7f:61:72:65:19:52:93:87:eb:58:99:6b:bf:5c:8f:
80:6a:0a:47:22:9d:40:a7:47:59:40:18:6b:1f:05:9b:ba:4f:
37:8d:ec:92:17:a6:f7:79:30:83:97:f9:84:2e:f3:f8:d0:29:
9c:cb:40:9a:40:2b:de:ea:77:23:89:0d:a5:a4:38:ff:4d:06:
23:ad:3d:fd:4e:a4:cd:12:77:4a:9d:b9:91:6b:fe:56:b6:bd:
84:af:e9:cd:dc:aa:f6:49:db:04:76:0b:20:92:f9:2b:a2:f6:
14:3f:fd:a8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUF1HJfWljRf6vdDamdzxf6vlg5JswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yMzA5MDYwOTI1MDVaFw0yNDA5MDQwOTMwMDVaMDMxMTAvBgNV
BAMTKEI4QzExQTBFNkU0QjE4MDY0NUUzMzhCNTgzNTBBMDY5Qzg1OUI2MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1DMK8Ywza7w2fpZfoAii5IZ4a
dGRJmGpc7P7/Hn4sfH8zpscenr60ioeTuSokXj6hs4xAQh+3Y+deeAb9jYWNs0Fg
BqtY4rFnwqxgo9611NF/dZmsOAfMTYm3Gvy4VsNkBxLkmgb3NmyQZ1jVVsCWmMup
8p7i5UVulyGvR+0+bCYQVleJfIoKAuGkdmkzyCsSW5f5PO70aovwqeCyiYbC/2nW
MTANGf+EdLY8hgO9gaO/bc9VswisDzTz+zuHi9Np5RktajqcRZCcWU6ySwlZWvE7
QBg5fq3j46StgMoPfpoasm5mJ5wnsqg8yBmU1NYRCOi69y3d/3bEtANX97O9AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUuMEaDm5LGAZF4zi1g1CgachZtjEwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM5
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVi1ww
DQYJKoZIhvcNAQELBQADggEBAEhMo5/UuSPb/D3EU0/byWoL8DXJbmsPdJw6+zqd
anyQGI/ZCPBXWst1+DZyLIFcvB8Oafyy2YdZMNfQedjBUSvo5CbixU5TfcSR9oXe
gDrk+rkGmBS0x0kuIdvR8GI9JvBPL7VUjwRphl03fTd9yMvXXQGhA+Fu5PQOcYih
M3SL4TW0BDIgBfsIiSnF/ywOLo3K9n9hcmUZUpOH61iZa79cj4BqCkcinUCnR1lA
GGsfBZu6TzeN7JIXpvd5MIOX+YQu8/jQKZzLQJpAK97qdyOJDaWkOP9NBiOtPf1O
pM0Sd0qduZFr/la2vYSv6c3cqvZJ2wR2CyCS+Sui9hQ//ag=
-----END CERTIFICATE-----
Generated at Wed May 1 12:38:26 2024 by rpki-client on console-ams.rpki-client.org