Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231322e322e3233382e302f32342d3234203d3e203432383331.roa
File: 3231322e322e3233382e302f32342d3234203d3e203432383331.roa (raw, json)
Hash identifier: IgU1SC5wc3taOE2/72dwl7gM2xQN+vyzd4Q/PdZfc0Y=
Subject key identifier: 05:21:7C:4B:D2:1F:3B:E6:6D:CC:EC:CB:7C:46:AA:BB:4E:66:45:41
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 70D3B90079515C0415A8E0059AC5E9B9D631FCCE
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231322e322e3233382e302f32342d3234203d3e203432383331.roa
Signing time: Thu 04 Apr 2024 11:05:14 +0000
ROA not before: Thu 04 Apr 2024 11:00:14 +0000
ROA not after: Thu 03 Apr 2025 11:05:14 +0000
asID: 42831
IP address blocks: 212.2.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:d3:b9:00:79:51:5c:04:15:a8:e0:05:9a:c5:e9:b9:d6:31:fc:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 4 11:00:14 2024 GMT
Not After : Apr 3 11:05:14 2025 GMT
Subject: CN=05217C4BD21F3BE66DCCECCB7C46AABB4E664541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:97:49:c6:6d:25:4b:d5:d8:6b:d6:df:a9:f6:
3a:1d:7f:2a:4c:ce:97:c6:0a:f9:4d:36:ad:ad:e3:
3d:28:4c:f1:a0:52:65:43:4e:7c:af:64:3d:1c:77:
57:06:29:02:a8:d1:67:bf:cb:bf:fa:65:ac:00:88:
18:c8:e3:75:fa:84:ad:cd:e6:ff:79:e1:2f:1a:e4:
6e:1f:49:9f:45:7e:32:69:03:fd:33:8d:e9:af:35:
80:18:5a:b9:4b:d7:e3:69:61:a9:05:e7:d9:6b:c3:
a7:ce:cb:fd:11:b9:7f:6d:a0:f1:24:7b:a7:d8:f6:
51:ca:99:89:89:4a:f1:68:58:31:f2:0c:c6:6a:b2:
2b:1d:0f:41:0a:e4:e7:21:33:38:33:9b:38:57:6a:
70:38:77:4b:7b:c2:b0:b6:78:85:5d:d9:ab:25:37:
1a:7c:9d:04:92:cc:a5:9c:f8:58:71:c2:45:47:f4:
a2:ea:a5:6d:a4:ca:72:22:af:f2:be:c5:f8:74:ba:
af:37:03:56:d7:fc:43:85:e6:23:07:90:89:82:33:
79:d3:96:77:51:48:49:94:a5:8d:22:02:8c:d7:3a:
e2:e6:f0:31:d5:14:ae:0a:a6:35:50:e9:c4:f8:5e:
c3:c8:8e:93:5d:5c:a4:d6:72:ea:d9:a9:a7:fb:86:
32:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:21:7C:4B:D2:1F:3B:E6:6D:CC:EC:CB:7C:46:AA:BB:4E:66:45:41
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231322e322e3233382e302f32342d3234203d3e203432383331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.2.238.0/24
Signature Algorithm: sha256WithRSAEncryption
01:47:82:41:d7:49:a8:ea:c9:1c:98:8b:1e:56:ed:2c:1c:68:
d1:5c:aa:21:c1:cb:e4:82:f5:75:a1:60:4c:fa:f2:8f:6d:1e:
1c:58:8d:d7:ef:c3:1d:e0:ff:ef:2d:96:3d:3b:9b:e0:56:92:
47:8d:6c:bd:01:ca:c9:3c:2d:83:63:2b:89:2c:a3:03:04:03:
53:59:ea:88:eb:96:8e:95:ff:e9:5a:1b:ad:85:77:55:ca:b8:
7c:17:3b:8a:ab:51:05:e3:f9:21:fe:f1:3a:39:09:5b:9d:cf:
a8:af:b4:17:6d:4b:52:48:55:ca:9c:f6:35:ee:09:d1:6d:95:
80:34:32:c5:1a:aa:a5:d7:ce:5d:6f:22:68:c2:cd:8f:c4:c7:
26:49:95:69:f8:ac:96:21:c7:9e:ee:02:f8:64:66:5b:0d:90:
97:3e:d6:37:41:cd:ca:04:c5:ff:44:bb:cf:19:97:28:ae:d9:
ac:bf:c5:f3:d6:01:70:f7:ab:8c:f9:8f:fa:1b:1e:43:cb:70:
56:61:06:4f:b8:7e:a0:33:e7:ac:ef:70:61:8c:17:a4:27:c0:
70:8c:62:c0:66:ae:73:0a:3c:26:a4:80:9b:b2:8c:25:8b:b6:
47:61:54:8c:07:76:e0:e2:b1:61:f5:66:c6:56:55:60:48:71:
01:35:44:50
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcNO5AHlRXAQVqOAFmsXpudYx/M4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTRaFw0yNTA0MDMxMTA1MTRaMDMxMTAvBgNV
BAMTKDA1MjE3QzRCRDIxRjNCRTY2RENDRUNDQjdDNDZBQUJCNEU2NjQ1NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1l0nGbSVL1dhr1t+p9jodfypM
zpfGCvlNNq2t4z0oTPGgUmVDTnyvZD0cd1cGKQKo0We/y7/6ZawAiBjI43X6hK3N
5v954S8a5G4fSZ9FfjJpA/0zjemvNYAYWrlL1+NpYakF59lrw6fOy/0RuX9toPEk
e6fY9lHKmYmJSvFoWDHyDMZqsisdD0EK5OchMzgzmzhXanA4d0t7wrC2eIVd2asl
Nxp8nQSSzKWc+FhxwkVH9KLqpW2kynIir/K+xfh0uq83A1bX/EOF5iMHkImCM3nT
lndRSEmUpY0iAozXOuLm8DHVFK4KpjVQ6cT4XsPIjpNdXKTWcurZqaf7hjJRAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUBSF8S9IfO+ZtzOzLfEaqu05mRUEwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzIzMTMyMmUzMjJlMzIzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMjM4MzMzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQC
7jANBgkqhkiG9w0BAQsFAAOCAQEAAUeCQddJqOrJHJiLHlbtLBxo0VyqIcHL5IL1
daFgTPryj20eHFiN1+/DHeD/7y2WPTub4FaSR41svQHKyTwtg2MriSyjAwQDU1nq
iOuWjpX/6VobrYV3Vcq4fBc7iqtRBeP5If7xOjkJW53PqK+0F21LUkhVypz2Ne4J
0W2VgDQyxRqqpdfOXW8iaMLNj8THJkmVafisliHHnu4C+GRmWw2Qlz7WN0HNygTF
/0S7zxmXKK7ZrL/F89YBcPerjPmP+hseQ8twVmEGT7h+oDPnrO9wYYwXpCfAcIxi
wGaucwo8JqSAm7KMJYu2R2FUjAd24OKxYfVmxlZVYEhxATVEUA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 16:18:02 2024 by rpki-client on console-fra.rpki-client.org