Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323032343038.roa
File: 3231322e3130322e3131342e302f32342d3234203d3e20323032343038.roa (raw, json)
Hash identifier: bA+64SeZjVCMAIfm9fWsRIVm+e0SiNXYOc4SPiHzKB8=
Subject key identifier: 29:93:D7:59:55:D0:8B:12:0F:9B:A2:8A:18:45:6D:CC:65:12:6A:93
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 4D58B47AAAC194BCE211C07040353B1288C7A6BB
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323032343038.roa
Signing time: Mon 24 Jul 2023 04:58:43 +0000
ROA not before: Mon 24 Jul 2023 04:53:43 +0000
ROA not after: Mon 22 Jul 2024 04:58:43 +0000
asID: 202408
IP address blocks: 212.102.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 04:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:58:b4:7a:aa:c1:94:bc:e2:11:c0:70:40:35:3b:12:88:c7:a6:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Jul 24 04:53:43 2023 GMT
Not After : Jul 22 04:58:43 2024 GMT
Subject: CN=2993D75955D08B120F9BA28A18456DCC65126A93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e9:f1:0f:b4:81:e9:29:db:df:ac:52:f9:e3:
e2:76:a9:2f:31:b0:ef:2c:e3:3a:82:52:95:cc:8a:
de:b3:39:a9:f1:44:6f:1b:87:af:be:27:dc:23:a4:
8d:98:bb:75:d7:62:5d:2b:a8:e2:45:dc:d1:29:8c:
ad:43:8a:fe:8d:e3:61:42:52:9d:a1:dc:8a:ea:9b:
c1:7f:d9:4c:c9:f1:09:a4:22:37:30:43:79:19:a9:
87:43:53:80:c6:70:c4:32:4d:dd:21:ed:0e:d1:cd:
f5:fd:88:ce:fe:58:2d:d6:f1:99:15:b1:99:0d:08:
98:a3:d5:a9:56:a1:f6:77:c8:43:ac:e6:fe:b4:c9:
0b:6d:3d:d6:61:e6:f8:29:13:52:30:2f:d1:a2:00:
95:a4:6e:01:41:ef:39:b7:41:c5:aa:fa:b1:8d:39:
19:24:9b:58:83:1b:f0:78:d8:9d:de:19:0f:20:5c:
d5:40:21:3f:b0:f3:ee:77:22:68:2f:7b:d6:82:ff:
3b:ec:e6:46:58:ea:65:a7:b6:b2:e2:e0:e2:ad:b3:
1b:8e:95:0e:40:4c:67:ca:23:13:71:2d:7b:22:55:
5f:64:de:b7:f8:8f:4d:ef:9a:20:15:06:83:1b:f4:
bc:55:a0:7e:42:93:9d:3a:4d:9a:21:3b:85:47:f8:
85:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:93:D7:59:55:D0:8B:12:0F:9B:A2:8A:18:45:6D:CC:65:12:6A:93
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323032343038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.114.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:c1:d1:f1:df:cc:d6:8a:59:b1:da:4b:d7:39:85:ec:e9:c5:
d6:c8:b1:80:08:69:6f:88:9f:35:d1:0e:9d:56:f6:34:6f:7b:
ff:42:63:17:d0:ab:9b:6a:cd:26:6c:1f:b7:42:19:f2:d5:98:
f5:1c:7c:e1:ca:cf:42:cd:47:77:1e:cd:b0:3e:1b:6c:50:8b:
73:a0:60:bb:25:a4:59:6a:a3:22:fe:d3:9f:76:53:43:44:12:
ad:1a:63:49:12:8f:8b:f7:8b:18:d8:4f:6d:c7:74:35:be:c1:
59:7a:5f:e0:63:7e:4a:51:61:b4:62:06:c2:71:04:95:d0:ec:
e0:03:ec:3c:39:34:cd:f7:4e:20:b5:57:c4:78:e1:bb:1b:54:
45:2f:b2:8b:a6:f5:c2:e3:78:45:70:15:53:eb:ca:da:a0:4e:
9d:16:e6:e7:ef:17:f9:e0:e5:6c:02:ab:c9:7f:3e:f8:ba:c9:
7c:9d:2f:c4:1f:ed:91:40:86:35:22:eb:40:ec:a9:05:1a:db:
46:ed:1a:ec:9c:e3:c8:87:34:9a:18:87:2b:b6:07:9a:b4:a0:
d0:f4:9b:84:f8:ed:bf:58:dd:11:95:a5:19:1c:87:f0:24:62:
4c:09:03:09:1f:0b:15:df:0b:9d:67:f0:66:23:b5:0e:16:2a:
6c:40:f7:47
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTVi0eqrBlLziEcBwQDU7EojHprswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yMzA3MjQwNDUzNDNaFw0yNDA3MjIwNDU4NDNaMDMxMTAvBgNV
BAMTKDI5OTNENzU5NTVEMDhCMTIwRjlCQTI4QTE4NDU2RENDNjUxMjZBOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP6fEPtIHpKdvfrFL54+J2qS8x
sO8s4zqCUpXMit6zOanxRG8bh6++J9wjpI2Yu3XXYl0rqOJF3NEpjK1Div6N42FC
Up2h3Irqm8F/2UzJ8QmkIjcwQ3kZqYdDU4DGcMQyTd0h7Q7RzfX9iM7+WC3W8ZkV
sZkNCJij1alWofZ3yEOs5v60yQttPdZh5vgpE1IwL9GiAJWkbgFB7zm3QcWq+rGN
ORkkm1iDG/B42J3eGQ8gXNVAIT+w8+53Imgve9aC/zvs5kZY6mWntrLi4OKtsxuO
lQ5ATGfKIxNxLXsiVV9k3rf4j03vmiAVBoMb9LxVoH5Ck506TZohO4VH+IW5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUKZPXWVXQixIPm6KKGEVtzGUSapMwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzIzMTMyMmUzMTMwMzIyZTMx
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMjM0MzAzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANRmcjANBgkqhkiG9w0BAQsFAAOCAQEAL8HR8d/M1opZsdpL1zmF7OnF1six
gAhpb4ifNdEOnVb2NG97/0JjF9Crm2rNJmwft0IZ8tWY9Rx84crPQs1Hdx7NsD4b
bFCLc6BguyWkWWqjIv7Tn3ZTQ0QSrRpjSRKPi/eLGNhPbcd0Nb7BWXpf4GN+SlFh
tGIGwnEEldDs4APsPDk0zfdOILVXxHjhuxtURS+yi6b1wuN4RXAVU+vK2qBOnRbm
5+8X+eDlbAKryX8++LrJfJ0vxB/tkUCGNSLrQOypBRrbRu0a7JzjyIc0mhiHK7YH
mrSg0PSbhPjtv1jdEZWlGRyH8CRiTAkDCR8LFd8LnWfwZiO1DhYqbED3Rw==
-----END CERTIFICATE-----
Generated at Sat May 11 11:26:32 2024 by rpki-client on console-fra.rpki-client.org