Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/3231332e3235342e3137302e302f32342d3234203d3e20323134393431.roa
File: 3231332e3235342e3137302e302f32342d3234203d3e20323134393431.roa (raw, json)
Hash identifier: DDeP4uYwqP8b0ON0e+nML7HE4UFDik7BChJ/x0EHl9Q=
Subject key identifier: 3D:83:0E:E8:13:F7:00:46:EA:74:84:47:85:05:AB:8C:26:2F:22:51
Certificate issuer: /CN=5ecb4cadbbadd500f49ca697d566a2761e017608
Certificate serial: 218C32B80CDF3980DD6D38A905AF2ABCB8F86052
Authority key identifier: 5E:CB:4C:AD:BB:AD:D5:00:F4:9C:A6:97:D5:66:A2:76:1E:01:76:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XstMrbut1QD0nKaX1Waidh4Bdgg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/3231332e3235342e3137302e302f32342d3234203d3e20323134393431.roa
Signing time: Mon 11 Nov 2024 17:57:27 +0000
ROA not before: Mon 11 Nov 2024 17:52:27 +0000
ROA not after: Mon 10 Nov 2025 17:57:27 +0000
asID: 214941
IP address blocks: 213.254.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/5ECB4CADBBADD500F49CA697D566A2761E017608.crl
rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/5ECB4CADBBADD500F49CA697D566A2761E017608.mft
rsync://rpki.ripe.net/repository/DEFAULT/XstMrbut1QD0nKaX1Waidh4Bdgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 07:31:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:8c:32:b8:0c:df:39:80:dd:6d:38:a9:05:af:2a:bc:b8:f8:60:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ecb4cadbbadd500f49ca697d566a2761e017608
Validity
Not Before: Nov 11 17:52:27 2024 GMT
Not After : Nov 10 17:57:27 2025 GMT
Subject: CN=3D830EE813F70046EA7484478505AB8C262F2251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:07:57:63:df:bb:8f:da:0b:5f:80:c0:4c:5d:
dc:d2:32:02:83:c0:d2:c8:bb:90:d5:f6:42:f8:7f:
b1:7a:47:60:11:15:9b:84:b7:2e:b8:73:04:f2:32:
2c:bb:06:c5:75:07:81:6c:ba:d0:c9:a2:e8:f7:33:
6a:31:45:0f:a6:28:4d:0c:b0:2f:2d:ac:67:5d:76:
46:54:a9:01:de:23:31:4e:dc:75:45:9f:9d:f6:d6:
cd:fb:35:fc:a6:b8:b5:92:f3:1b:73:57:07:d7:95:
a8:da:f2:86:67:b1:83:56:9d:12:4d:31:cf:5a:d8:
4d:e0:b8:3c:e9:38:b9:34:dc:56:fb:78:d8:ee:db:
88:a2:84:b8:d8:9f:02:fa:b7:15:e5:cc:e1:9f:97:
4f:8c:5f:22:1c:66:4f:05:a0:71:e6:df:ae:27:37:
c3:7f:e4:32:c8:92:17:e5:07:30:65:e1:b9:0b:f1:
64:65:be:f4:ae:c5:1f:fd:39:57:8b:73:22:fe:f9:
d7:a3:33:16:3b:d4:8d:a5:1b:0e:de:89:07:33:76:
81:7d:c5:e9:c5:e0:cf:e3:e7:a9:42:13:bf:17:64:
a1:65:c1:5f:e8:57:36:43:fb:e4:df:0d:fb:e4:04:
96:85:01:19:2b:31:2f:a4:53:17:fe:46:7d:bc:d6:
2b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:83:0E:E8:13:F7:00:46:EA:74:84:47:85:05:AB:8C:26:2F:22:51
X509v3 Authority Key Identifier:
keyid:5E:CB:4C:AD:BB:AD:D5:00:F4:9C:A6:97:D5:66:A2:76:1E:01:76:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/5ECB4CADBBADD500F49CA697D566A2761E017608.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XstMrbut1QD0nKaX1Waidh4Bdgg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/3231332e3235342e3137302e302f32342d3234203d3e20323134393431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.254.170.0/24
Signature Algorithm: sha256WithRSAEncryption
86:fd:2e:43:f8:8b:8a:c7:ce:60:3c:3d:bf:b4:c8:c9:8c:08:
77:dc:19:c2:f4:ef:d6:eb:d7:07:49:3c:8e:0b:c7:9c:a5:dd:
3d:9a:58:aa:94:b5:42:f4:d7:ea:60:0a:66:fd:6b:65:c4:55:
a0:3d:62:4a:1d:47:b1:56:93:a7:89:e2:a6:35:9d:c8:f3:f7:
b5:78:0b:92:9b:5b:f2:73:fa:86:1b:24:66:bb:21:d5:8b:d5:
fa:5b:5f:b7:ac:79:b4:d0:e6:b7:bf:1f:55:c9:b5:4d:18:da:
d5:c5:59:41:9d:eb:c6:68:58:28:38:1f:3c:7a:04:4f:5c:ca:
90:18:44:28:bf:0b:fc:2d:01:95:c8:67:55:56:e2:4a:9e:16:
b6:96:69:ca:04:1f:db:a6:4a:4e:cc:21:0b:1e:65:d0:94:d8:
0c:da:47:68:d2:8d:fe:97:80:f6:c4:b4:99:ca:ee:a3:52:db:
02:34:70:3b:55:59:78:4f:7b:43:17:c1:e2:27:9b:59:4b:2b:
1b:eb:f9:fd:3a:36:dd:e9:b4:a3:bd:25:da:15:ab:ef:2d:e9:
65:9f:e2:4e:d1:1b:73:82:6a:19:46:fd:9b:df:1d:a3:c8:e2:
de:fa:0d:0c:a2:d2:5b:ba:79:57:6b:d1:6d:ba:5e:4e:9d:7e:
be:05:7d:18
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIYwyuAzfOYDdbTipBa8qvLj4YFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVjYjRjYWRiYmFkZDUwMGY0OWNhNjk3ZDU2NmEyNzYx
ZTAxNzYwODAeFw0yNDExMTExNzUyMjdaFw0yNTExMTAxNzU3MjdaMDMxMTAvBgNV
BAMTKDNEODMwRUU4MTNGNzAwNDZFQTc0ODQ0Nzg1MDVBQjhDMjYyRjIyNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrB1dj37uP2gtfgMBMXdzSMgKD
wNLIu5DV9kL4f7F6R2ARFZuEty64cwTyMiy7BsV1B4FsutDJouj3M2oxRQ+mKE0M
sC8trGdddkZUqQHeIzFO3HVFn5321s37NfymuLWS8xtzVwfXlaja8oZnsYNWnRJN
Mc9a2E3guDzpOLk03Fb7eNju24iihLjYnwL6txXlzOGfl0+MXyIcZk8FoHHm364n
N8N/5DLIkhflBzBl4bkL8WRlvvSuxR/9OVeLcyL++dejMxY71I2lGw7eiQczdoF9
xenF4M/j56lCE78XZKFlwV/oVzZD++TfDfvkBJaFARkrMS+kUxf+Rn281iuTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUPYMO6BP3AEbqdIRHhQWrjCYvIlEwHwYDVR0j
BBgwFoAUXstMrbut1QD0nKaX1Waidh4BdggwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWMwZTEzZDgtYmZlMC00MjM1LWFmYjQtZDUzZWRmYmFj
ZGQyLzAvNUVDQjRDQURCQkFERDUwMEY0OUNBNjk3RDU2NkEyNzYxRTAxNzYwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hzdE1yYnV0MVFEMG5LYVgxV2FpZGg0
QmRnZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMwZTEzZDgt
YmZlMC00MjM1LWFmYjQtZDUzZWRmYmFjZGQyLzAvMzIzMTMzMmUzMjM1MzQyZTMx
MzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM5MzQzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANX+qjANBgkqhkiG9w0BAQsFAAOCAQEAhv0uQ/iLisfOYDw9v7TIyYwId9wZ
wvTv1uvXB0k8jgvHnKXdPZpYqpS1QvTX6mAKZv1rZcRVoD1iSh1HsVaTp4nipjWd
yPP3tXgLkptb8nP6hhskZrsh1YvV+ltft6x5tNDmt78fVcm1TRja1cVZQZ3rxmhY
KDgfPHoET1zKkBhEKL8L/C0BlchnVVbiSp4WtpZpygQf26ZKTswhCx5l0JTYDNpH
aNKN/peA9sS0mcruo1LbAjRwO1VZeE97QxfB4iebWUsrG+v5/To23em0o70l2hWr
7y3pZZ/iTtEbc4JqGUb9m98do8ji3voNDKLSW7p5V2vRbbpeTp1+vgV9GA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:21:14 2025 by rpki-client