Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa
File: 3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: ZrA/MtoNCPBJdGYJK0jrTVw5wGbgicWUD7odkDVTP3w=
Subject key identifier: CF:30:44:89:AE:35:A2:F6:A0:ED:69:FE:9D:2B:E9:9A:97:24:F8:CE
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 1AAA83C56EF7A437F0A859A12627B58F3E6EC985
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa
Signing time: Tue 25 Jun 2024 06:51:46 +0000
ROA not before: Tue 25 Jun 2024 06:46:46 +0000
ROA not after: Tue 24 Jun 2025 06:51:46 +0000
asID: 212609
IP address blocks: 212.102.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:aa:83:c5:6e:f7:a4:37:f0:a8:59:a1:26:27:b5:8f:3e:6e:c9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Jun 25 06:46:46 2024 GMT
Not After : Jun 24 06:51:46 2025 GMT
Subject: CN=CF304489AE35A2F6A0ED69FE9D2BE99A9724F8CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6b:68:59:3e:7c:5a:bb:2a:8b:03:2f:ac:7b:
6d:0e:c6:bc:28:f3:6c:78:e3:70:55:8c:81:8d:ab:
94:7a:fa:30:19:4c:6c:65:af:b9:38:74:27:38:02:
10:e1:b6:f8:1b:57:6c:8a:dc:52:41:44:5f:bf:1c:
d5:b2:98:e5:86:bd:62:cd:13:e7:ce:0b:d6:ec:61:
0a:91:68:ce:c2:3f:7c:db:b5:7b:ee:b7:88:e6:21:
ce:bc:5a:30:ac:a8:e8:17:b1:cd:c0:7c:94:ca:26:
50:bc:91:fe:20:a3:7c:13:42:d4:4c:3e:88:52:93:
c4:d9:ad:30:cc:b2:00:d8:93:f5:7d:31:64:03:2b:
8d:82:29:6a:51:0d:29:f4:a3:10:95:75:bd:c7:e9:
98:b6:77:83:73:fe:5a:75:e4:6e:97:3c:a5:71:a9:
d5:f4:1a:4d:85:0a:b1:1b:00:c8:d5:e8:05:73:b8:
84:44:27:d4:a3:85:53:cf:26:71:0b:e7:80:a5:07:
a6:ad:93:af:49:68:f0:ae:74:69:ae:5c:c6:04:78:
c3:c2:3f:55:50:50:1b:4a:53:61:84:41:ec:81:8a:
33:87:77:41:45:08:91:57:fb:06:a3:21:7f:62:16:
bc:39:8d:33:3b:17:8b:a0:3b:b1:bd:e3:19:71:04:
60:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:30:44:89:AE:35:A2:F6:A0:ED:69:FE:9D:2B:E9:9A:97:24:F8:CE
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.114.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:77:65:6f:3b:14:29:f8:03:25:9e:35:38:b2:79:71:eb:8c:
bf:17:31:8b:d9:f3:a1:ed:9d:5c:b8:f9:7c:90:02:71:88:7e:
a2:1d:a0:7c:00:9a:d0:6e:33:4e:98:ef:39:55:fb:24:93:7d:
57:14:ba:62:b4:67:e5:07:64:26:75:89:fc:27:25:d3:c0:8d:
6e:8e:f9:e8:7c:c4:1a:e5:9b:c9:29:26:79:a3:7e:e0:32:fa:
c0:06:92:11:ad:a7:f7:d9:13:ea:0c:d1:78:a5:67:7d:63:78:
6f:bc:25:80:92:47:ae:e0:f2:cb:f0:c4:0a:27:34:21:fa:d6:
f6:1a:a9:0a:75:bd:c6:3d:25:b7:64:9a:92:27:d1:7f:34:a8:
a5:05:34:b4:0e:6f:af:ae:2b:05:4a:ec:8d:77:e1:72:73:a1:
aa:b5:3a:65:e8:76:d5:c3:b9:ab:e1:d5:b0:3e:24:92:32:d0:
2b:ae:e4:8c:ad:de:e6:bd:14:0e:e7:42:45:54:53:7a:61:0c:
d9:08:c8:81:1c:71:09:2e:82:13:5c:fe:3d:0a:32:37:35:70:
f3:c2:37:71:d9:22:59:78:48:b5:8c:72:10:73:ca:f9:7b:3c:
e1:e3:1f:08:78:8e:5f:b1:2b:9b:f2:e6:75:ed:96:2b:a4:78:
58:3a:39:d3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUGqqDxW73pDfwqFmhJie1jz5uyYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDA2MjUwNjQ2NDZaFw0yNTA2MjQwNjUxNDZaMDMxMTAvBgNV
BAMTKENGMzA0NDg5QUUzNUEyRjZBMEVENjlGRTlEMkJFOTlBOTcyNEY4Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWa2hZPnxauyqLAy+se20Oxrwo
82x443BVjIGNq5R6+jAZTGxlr7k4dCc4AhDhtvgbV2yK3FJBRF+/HNWymOWGvWLN
E+fOC9bsYQqRaM7CP3zbtXvut4jmIc68WjCsqOgXsc3AfJTKJlC8kf4go3wTQtRM
PohSk8TZrTDMsgDYk/V9MWQDK42CKWpRDSn0oxCVdb3H6Zi2d4Nz/lp15G6XPKVx
qdX0Gk2FCrEbAMjV6AVzuIREJ9SjhVPPJnEL54ClB6atk69JaPCudGmuXMYEeMPC
P1VQUBtKU2GEQeyBijOHd0FFCJFX+wajIX9iFrw5jTM7F4ugO7G94xlxBGClAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUzzBEia41ovag7Wn+nSvpmpck+M4wHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzIzMTMyMmUzMTMwMzIyZTMx
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjM2MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANRmcjANBgkqhkiG9w0BAQsFAAOCAQEAs3dlbzsUKfgDJZ41OLJ5ceuMvxcx
i9nzoe2dXLj5fJACcYh+oh2gfACa0G4zTpjvOVX7JJN9VxS6YrRn5QdkJnWJ/Ccl
08CNbo756HzEGuWbySkmeaN+4DL6wAaSEa2n99kT6gzReKVnfWN4b7wlgJJHruDy
y/DECic0IfrW9hqpCnW9xj0lt2SakifRfzSopQU0tA5vr64rBUrsjXfhcnOhqrU6
Zeh21cO5q+HVsD4kkjLQK67kjK3e5r0UDudCRVRTemEM2QjIgRxxCS6CE1z+PQoy
NzVw88I3cdkiWXhItYxyEHPK+Xs84eMfCHiOX7Erm/Lmde2WK6R4WDo50w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:23 2024 by rpki-client on console-ams.rpki-client.org