Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231322e322e3233392e302f32342d3234203d3e203631333137.roa
File: 3231322e322e3233392e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: rAttKH7p9JN8nY2T7b86+P3puFBRxurGx36oaaKtrjs=
Subject key identifier: 82:31:46:AC:AE:B5:BE:49:2C:67:7E:10:4F:67:95:D0:92:D2:42:F9
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 233464FC702241936ACD839367FD5D543650A109
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231322e322e3233392e302f32342d3234203d3e203631333137.roa
Signing time: Thu 04 Apr 2024 11:05:15 +0000
ROA not before: Thu 04 Apr 2024 11:00:15 +0000
ROA not after: Thu 03 Apr 2025 11:05:15 +0000
asID: 61317
IP address blocks: 212.2.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:34:64:fc:70:22:41:93:6a:cd:83:93:67:fd:5d:54:36:50:a1:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 4 11:00:15 2024 GMT
Not After : Apr 3 11:05:15 2025 GMT
Subject: CN=823146ACAEB5BE492C677E104F6795D092D242F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:29:e4:bb:36:48:5a:bd:60:72:85:0e:76:10:
e7:bb:9d:1a:62:42:35:2d:c2:89:70:56:bc:8f:70:
d3:68:83:fd:4c:2e:c5:7d:fe:ee:c7:24:4e:9d:93:
89:23:89:72:4a:b3:2b:9d:73:2b:b5:0e:a3:4a:f7:
32:8e:a0:ff:b3:41:40:35:71:fd:a9:39:0d:d7:21:
7a:b9:a1:46:1b:83:23:a2:2e:9a:10:e0:36:8c:c8:
ff:c7:f6:b7:69:4c:2d:2a:2b:cc:17:23:f0:2e:0c:
a3:9d:f7:94:c8:a1:55:2a:b7:60:bb:f2:02:de:aa:
33:2c:1c:6e:ea:99:b5:1c:ce:6b:f1:42:c6:92:a4:
8c:08:f4:35:4b:24:d7:a5:c4:51:46:fb:f6:53:b8:
0e:fa:0e:9f:07:19:ae:09:4f:43:eb:1d:d8:2b:31:
98:ba:99:3c:07:b3:07:55:8f:52:e9:1a:c0:97:55:
5a:cb:42:40:42:57:0c:53:27:51:75:37:5f:b7:4d:
26:d3:37:2c:f6:85:87:0d:be:0e:4e:4e:2b:48:b1:
96:0a:06:a9:15:00:05:3c:08:38:2b:e3:2a:da:1e:
0f:ae:3a:dc:e7:30:de:2e:1e:90:ae:93:21:b0:b9:
43:62:f2:cf:34:76:16:57:be:17:2b:65:d4:0e:45:
7f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:31:46:AC:AE:B5:BE:49:2C:67:7E:10:4F:67:95:D0:92:D2:42:F9
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231322e322e3233392e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.2.239.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:b9:14:0e:12:05:35:a3:71:25:51:8e:32:05:58:f8:e0:75:
27:09:db:03:c9:a2:2a:dc:c4:8a:91:9e:de:53:3c:e9:d4:e0:
8c:ae:37:60:7d:3d:bf:2f:ce:e2:79:5f:1a:aa:12:95:db:25:
26:90:39:11:24:93:7d:b0:ef:97:a4:3a:c8:2e:ee:60:53:12:
59:54:6b:ff:24:28:4f:b8:ef:93:b3:86:24:01:a9:4f:1a:ef:
c3:6a:a9:b8:d8:02:cd:31:71:bb:f4:4c:90:3a:56:b7:2d:50:
e9:ad:58:84:5e:a4:4d:dd:6d:98:df:ac:04:45:54:6b:31:5d:
5f:e8:65:c9:c8:b3:8e:5b:e9:89:8b:ec:25:db:25:2f:8e:c8:
e8:00:12:6b:f2:43:c9:81:45:2e:3f:44:20:db:0c:10:f9:81:
25:7c:6e:4f:ac:76:14:44:82:fc:6c:5a:f0:2a:9c:34:72:31:
cc:34:db:96:87:5b:ac:16:58:47:e3:3b:10:0a:69:52:c1:6e:
f4:46:f0:75:64:27:f6:ab:d7:2e:ea:6f:2d:f8:30:17:ff:50:
d2:dc:fb:88:ec:bc:71:90:b3:2c:9c:22:06:7d:0d:a3:cf:26:
fb:d5:b7:e8:1f:ec:fb:05:29:e5:35:6b:82:0a:1a:94:a9:4c:
44:a6:aa:5e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUIzRk/HAiQZNqzYOTZ/1dVDZQoQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTVaFw0yNTA0MDMxMTA1MTVaMDMxMTAvBgNV
BAMTKDgyMzE0NkFDQUVCNUJFNDkyQzY3N0UxMDRGNjc5NUQwOTJEMjQyRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtKeS7NkhavWByhQ52EOe7nRpi
QjUtwolwVryPcNNog/1MLsV9/u7HJE6dk4kjiXJKsyudcyu1DqNK9zKOoP+zQUA1
cf2pOQ3XIXq5oUYbgyOiLpoQ4DaMyP/H9rdpTC0qK8wXI/AuDKOd95TIoVUqt2C7
8gLeqjMsHG7qmbUczmvxQsaSpIwI9DVLJNelxFFG+/ZTuA76Dp8HGa4JT0PrHdgr
MZi6mTwHswdVj1LpGsCXVVrLQkBCVwxTJ1F1N1+3TSbTNyz2hYcNvg5OTitIsZYK
BqkVAAU8CDgr4yraHg+uOtznMN4uHpCukyGwuUNi8s80dhZXvhcrZdQORX+fAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUgjFGrK61vkksZ34QT2eV0JLSQvkwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzIzMTMyMmUzMjJlMzIzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQC
7zANBgkqhkiG9w0BAQsFAAOCAQEAbbkUDhIFNaNxJVGOMgVY+OB1JwnbA8miKtzE
ipGe3lM86dTgjK43YH09vy/O4nlfGqoSldslJpA5ESSTfbDvl6Q6yC7uYFMSWVRr
/yQoT7jvk7OGJAGpTxrvw2qpuNgCzTFxu/RMkDpWty1Q6a1YhF6kTd1tmN+sBEVU
azFdX+hlycizjlvpiYvsJdslL47I6AASa/JDyYFFLj9EINsMEPmBJXxuT6x2FESC
/Gxa8CqcNHIxzDTblodbrBZYR+M7EAppUsFu9EbwdWQn9qvXLupvLfgwF/9Q0tz7
iOy8cZCzLJwiBn0No88m+9W36B/s+wUp5TVrggoalKlMRKaqXg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 17:13:50 2024 by rpki-client on console-ams.rpki-client.org