Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233362e302f32342d3234203d3e20323135343030.roa
File: 3231332e3232352e3233362e302f32342d3234203d3e20323135343030.roa (raw, json)
Hash identifier: 4HtZMlrLo49KGs5KkvuGEppsx62SsxjUc4LoUqP8aXs=
Subject key identifier: B7:0C:2A:69:B4:60:D7:36:90:34:66:D4:A2:8B:F8:13:D9:42:B4:9E
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 41441D4D472C8342AD3A3ECAADCE1525FA799D3F
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233362e302f32342d3234203d3e20323135343030.roa
Signing time: Mon 04 Mar 2024 13:47:49 +0000
ROA not before: Mon 04 Mar 2024 13:42:49 +0000
ROA not after: Mon 03 Mar 2025 13:47:49 +0000
asID: 215400
IP address blocks: 213.225.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:44:1d:4d:47:2c:83:42:ad:3a:3e:ca:ad:ce:15:25:fa:79:9d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 4 13:42:49 2024 GMT
Not After : Mar 3 13:47:49 2025 GMT
Subject: CN=B70C2A69B460D736903466D4A28BF813D942B49E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:68:9c:81:16:c0:4c:77:90:54:b6:0f:c8:c0:
b3:7b:f7:78:88:e1:50:b5:52:a4:8e:ca:43:aa:16:
f2:a7:83:40:31:e1:dd:1f:df:c9:63:a4:f2:e4:14:
f3:8c:51:10:2f:fb:78:28:53:a0:cd:bb:2c:f8:dc:
b5:88:21:d6:77:a8:16:4c:3a:ee:ee:80:62:bb:37:
55:3a:29:d7:fc:08:67:03:9d:ef:09:d9:f1:db:7d:
6f:c5:73:18:d0:73:1b:cf:33:59:97:41:0f:cc:09:
38:f5:d4:30:bd:f5:6b:ab:36:f4:3d:6e:8e:97:62:
a5:df:e9:06:1b:3a:03:55:e9:34:6c:72:fb:f3:56:
9a:5a:d3:3d:b1:7f:94:57:e6:62:9b:00:bf:33:21:
22:16:00:d0:f6:62:09:b3:94:2c:84:93:1a:b3:a0:
89:18:b8:25:79:b7:80:f9:13:1c:2c:f0:81:da:0d:
9c:99:ef:34:48:c2:a6:a5:e0:0d:2f:c6:85:59:c8:
a2:73:08:0e:2d:d9:f3:fc:1b:c0:52:ef:c7:87:4b:
c4:c4:1e:88:0c:d8:7c:ad:1e:a2:74:6a:89:01:b8:
b5:6c:9c:ce:55:f6:cf:12:fa:13:b6:bc:6d:a5:54:
e7:6b:82:8b:26:13:da:14:b1:72:da:04:31:45:03:
6a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:0C:2A:69:B4:60:D7:36:90:34:66:D4:A2:8B:F8:13:D9:42:B4:9E
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233362e302f32342d3234203d3e20323135343030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.225.236.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:13:7a:e9:6a:78:11:b6:33:eb:f9:36:17:0c:a4:b8:99:58:
da:2b:2d:8f:4f:d9:b8:89:96:a9:c5:c0:24:2e:f1:54:7e:5a:
90:fc:55:5b:c5:bc:27:ec:4a:c1:eb:69:42:0c:59:91:04:8a:
87:21:96:e2:32:b4:95:f5:6d:93:f3:38:d2:b2:7b:af:f0:c1:
aa:da:16:62:00:48:cd:bd:41:cc:6a:ca:da:b6:a7:a6:f8:66:
e4:05:e7:35:82:8b:15:a3:40:bb:aa:55:5e:31:35:c5:22:cd:
7d:9f:18:00:db:da:9d:bd:c7:db:75:33:3e:cd:d6:c0:75:e1:
a0:8e:7f:ba:87:89:b9:e8:d6:0f:88:9a:99:f9:53:79:20:ca:
6f:e3:84:e6:2c:b6:20:35:64:26:c8:0c:0e:dd:d4:12:47:54:
dc:0a:66:20:a1:bd:b3:63:06:bc:62:39:d0:81:b6:07:3d:36:
5a:ad:63:ff:8e:a8:94:93:78:bc:a0:ba:b5:33:b4:a3:f8:19:
35:51:23:eb:f9:35:c0:58:af:ca:c9:93:e6:7c:04:4e:f8:dc:
76:e4:95:41:3e:12:c0:e3:fc:d0:c8:5a:3c:8e:b7:2d:3e:38:
37:25:0f:af:9b:93:df:53:6e:54:9f:48:ff:df:28:31:9a:6c:
4d:d9:52:2c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQUQdTUcsg0KtOj7Krc4VJfp5nT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDAzMDQxMzQyNDlaFw0yNTAzMDMxMzQ3NDlaMDMxMTAvBgNV
BAMTKEI3MEMyQTY5QjQ2MEQ3MzY5MDM0NjZENEEyOEJGODEzRDk0MkI0OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4aJyBFsBMd5BUtg/IwLN793iI
4VC1UqSOykOqFvKng0Ax4d0f38ljpPLkFPOMURAv+3goU6DNuyz43LWIIdZ3qBZM
Ou7ugGK7N1U6Kdf8CGcDne8J2fHbfW/FcxjQcxvPM1mXQQ/MCTj11DC99WurNvQ9
bo6XYqXf6QYbOgNV6TRscvvzVppa0z2xf5RX5mKbAL8zISIWAND2YgmzlCyEkxqz
oIkYuCV5t4D5Exws8IHaDZyZ7zRIwqal4A0vxoVZyKJzCA4t2fP8G8BS78eHS8TE
HogM2HytHqJ0aokBuLVsnM5V9s8S+hO2vG2lVOdrgosmE9oUsXLaBDFFA2qVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUtwwqabRg1zaQNGbUoov4E9lCtJ4wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzIzMTMzMmUzMjMyMzUyZTMy
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTM0MzAzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANXh7DANBgkqhkiG9w0BAQsFAAOCAQEAthN66Wp4EbYz6/k2FwykuJlY2ist
j0/ZuImWqcXAJC7xVH5akPxVW8W8J+xKwetpQgxZkQSKhyGW4jK0lfVtk/M40rJ7
r/DBqtoWYgBIzb1BzGrK2ranpvhm5AXnNYKLFaNAu6pVXjE1xSLNfZ8YANvanb3H
23UzPs3WwHXhoI5/uoeJuejWD4iamflTeSDKb+OE5iy2IDVkJsgMDt3UEkdU3Apm
IKG9s2MGvGI50IG2Bz02Wq1j/46olJN4vKC6tTO0o/gZNVEj6/k1wFivysmT5nwE
TvjcduSVQT4SwOP80MhaPI63LT44NyUPr5uT31NuVJ9I/98oMZpsTdlSLA==
-----END CERTIFICATE-----
Generated at Fri May 10 16:27:19 2024 by rpki-client on console-fra.rpki-client.org