Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130362e302f32342d3234203d3e20323133353032.roa
File: 33312e32322e3130362e302f32342d3234203d3e20323133353032.roa (raw, json)
Hash identifier: jNzQvK975k0nFSky/OYcsFfueNL1XvYeIp3mtR/7WPY=
Subject key identifier: F0:A3:8A:CC:02:7E:09:6A:83:5F:8F:67:2B:BB:A5:BC:5F:45:34:05
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 223D52F3C8E482DD37E4BC23F47B2200568D672C
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130362e302f32342d3234203d3e20323133353032.roa
Signing time: Fri 31 Jan 2025 10:33:35 +0000
ROA not before: Fri 31 Jan 2025 10:28:35 +0000
ROA not after: Fri 30 Jan 2026 10:33:35 +0000
asID: 213502
IP address blocks: 31.22.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:3d:52:f3:c8:e4:82:dd:37:e4:bc:23:f4:7b:22:00:56:8d:67:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Jan 31 10:28:35 2025 GMT
Not After : Jan 30 10:33:35 2026 GMT
Subject: CN=F0A38ACC027E096A835F8F672BBBA5BC5F453405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:83:f8:a8:86:4f:8f:91:5e:39:93:54:6d:d3:
3a:79:a0:b8:15:f4:11:aa:02:c4:da:2c:f3:e8:ba:
e5:be:0b:e3:8c:c5:9b:5a:eb:c7:ae:25:a9:e0:b8:
c4:58:f7:a3:e6:37:79:b9:e6:98:10:23:11:ea:79:
9d:8c:3b:1d:cf:db:45:68:1c:d3:29:1c:2b:1d:e5:
8c:70:29:9f:8a:79:db:b5:6f:d8:f5:72:df:ed:87:
3b:18:e7:58:28:5b:26:3d:79:c5:bf:68:78:60:1d:
1c:99:06:0c:01:e5:17:10:53:cb:92:b1:80:fb:41:
c6:c4:8d:6d:63:cf:65:73:87:ed:d9:f7:b4:2e:0e:
90:40:56:7d:b3:31:c5:53:cf:ca:f1:cb:0b:ae:65:
f6:38:dd:79:15:be:8a:2e:bd:ae:80:c0:80:bb:49:
e3:8d:23:43:ce:14:5f:9b:03:3a:e0:98:3d:94:13:
61:ee:cc:ae:a5:c1:90:51:95:b7:fe:c0:82:2b:bd:
3c:bb:3d:4a:84:26:ea:51:5f:72:20:a0:53:86:4e:
4a:44:bb:85:28:e0:44:0e:ad:ac:11:23:a4:a7:2f:
2b:b5:88:fc:a8:0d:82:e2:30:91:00:f8:0f:f2:08:
ab:09:0b:2d:e4:83:1d:ca:1f:30:6d:ef:5e:25:ea:
45:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A3:8A:CC:02:7E:09:6A:83:5F:8F:67:2B:BB:A5:BC:5F:45:34:05
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130362e302f32342d3234203d3e20323133353032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.106.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ed:03:6b:fb:81:c9:67:db:0c:18:2c:15:d8:c9:78:78:b5:
1d:56:5a:81:95:d2:a9:42:aa:b3:d3:bf:3a:7e:62:a2:23:78:
61:4c:f6:aa:01:5c:d7:8f:b0:c8:ae:4b:71:b4:0c:0c:da:26:
e6:42:75:c8:b0:ab:86:d7:10:55:7c:69:a3:d1:be:33:51:db:
67:72:e4:a6:8e:8f:bd:f5:21:dc:b2:bd:43:5d:e1:4e:ed:fe:
3d:2c:d4:19:4f:b7:47:8e:83:97:62:cd:92:d2:93:ef:5e:1c:
20:88:7e:29:3f:d1:1b:26:f7:d1:88:a2:67:c9:59:60:ac:20:
f3:68:6c:8a:fc:66:b3:8d:85:7a:14:2c:b8:d8:12:a6:04:f9:
07:5d:8e:f5:8b:80:3d:75:4b:e4:28:27:f0:e5:ff:4e:b5:b5:
b8:72:23:00:70:b1:ac:64:3c:80:75:34:e5:37:1f:91:f3:d2:
75:f4:48:2c:67:bc:cd:eb:59:16:6f:2f:4b:22:60:f1:5c:6a:
1f:49:d6:2c:dc:d4:2d:b7:5e:6c:a7:8f:b4:45:4d:f5:f6:20:
e8:7a:cd:47:a7:07:39:a8:23:eb:20:07:2c:ed:31:71:24:83:
67:a8:ea:e2:6c:87:c3:90:1a:1a:c5:d0:7d:17:0b:e3:d5:4e:
56:49:11:78
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIj1S88jkgt035Lwj9HsiAFaNZywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTAxMzExMDI4MzVaFw0yNjAxMzAxMDMzMzVaMDMxMTAvBgNV
BAMTKEYwQTM4QUNDMDI3RTA5NkE4MzVGOEY2NzJCQkJBNUJDNUY0NTM0MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0g/iohk+PkV45k1Rt0zp5oLgV
9BGqAsTaLPPouuW+C+OMxZta68euJanguMRY96PmN3m55pgQIxHqeZ2MOx3P20Vo
HNMpHCsd5YxwKZ+Kedu1b9j1ct/thzsY51goWyY9ecW/aHhgHRyZBgwB5RcQU8uS
sYD7QcbEjW1jz2Vzh+3Z97QuDpBAVn2zMcVTz8rxywuuZfY43XkVvoouva6AwIC7
SeONI0POFF+bAzrgmD2UE2HuzK6lwZBRlbf+wIIrvTy7PUqEJupRX3IgoFOGTkpE
u4Uo4EQOrawRI6SnLyu1iPyoDYLiMJEA+A/yCKsJCy3kgx3KHzBt714l6kXFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8KOKzAJ+CWqDX49nK7ulvF9FNAUwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzMzMTJlMzIzMjJlMzEzMDM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMzMzUzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
HxZqMA0GCSqGSIb3DQEBCwUAA4IBAQBh7QNr+4HJZ9sMGCwV2Ml4eLUdVlqBldKp
Qqqz0786fmKiI3hhTPaqAVzXj7DIrktxtAwM2ibmQnXIsKuG1xBVfGmj0b4zUdtn
cuSmjo+99SHcsr1DXeFO7f49LNQZT7dHjoOXYs2S0pPvXhwgiH4pP9EbJvfRiKJn
yVlgrCDzaGyK/GazjYV6FCy42BKmBPkHXY71i4A9dUvkKCfw5f9OtbW4ciMAcLGs
ZDyAdTTlNx+R89J19EgsZ7zN61kWby9LImDxXGofSdYs3NQtt15sp4+0RU319iDo
es1Hpwc5qCPrIAcs7TFxJINnqOribIfDkBoaxdB9Fwvj1U5WSRF4
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:46 2025 by rpki-client