Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233372e302f32342d3234203d3e203538303631.roa
File: 3231332e3232352e3233372e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: a5nG92XVA418heAqpkc5ZFwG6jZTt+och2kT0TTqzJ8=
Subject key identifier: 9D:4D:69:F4:52:0E:91:43:01:83:43:6F:26:19:23:0C:4D:1C:06:21
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 4516AF65ACE5EA98238F03AB9C9358334F11423D
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233372e302f32342d3234203d3e203538303631.roa
Signing time: Thu 04 Apr 2024 11:05:15 +0000
ROA not before: Thu 04 Apr 2024 11:00:15 +0000
ROA not after: Thu 03 Apr 2025 11:05:15 +0000
asID: 58061
IP address blocks: 213.225.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:16:af:65:ac:e5:ea:98:23:8f:03:ab:9c:93:58:33:4f:11:42:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 4 11:00:15 2024 GMT
Not After : Apr 3 11:05:15 2025 GMT
Subject: CN=9D4D69F4520E91430183436F2619230C4D1C0621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:f4:f1:e2:43:56:db:3d:6f:97:1d:82:57:
86:fe:57:51:84:0c:a1:e2:1f:dc:89:eb:3c:a4:3a:
b7:3a:a3:32:e5:7c:fb:23:13:ce:3b:38:f0:2a:85:
8d:93:29:96:da:ef:7c:02:6f:4d:e4:40:68:43:2e:
57:6d:1e:aa:7f:aa:bd:79:5c:cb:a3:c7:44:3f:49:
e9:6b:6b:c4:d3:5b:be:21:a1:b7:d8:fe:15:43:37:
a1:63:9b:25:9c:f7:b9:b7:bc:c9:47:1b:90:14:b1:
51:3c:14:62:62:7c:3a:7e:4e:fe:57:f8:f0:19:a5:
17:a0:fd:7e:8f:ad:b5:b8:c8:77:96:ce:e4:6d:47:
84:11:20:1c:2c:e6:53:89:48:63:c8:7f:f4:f0:fb:
d9:78:07:e9:08:3a:e4:7c:04:a5:e3:59:b7:3a:0a:
64:c9:9d:00:b6:f6:de:87:70:f4:c7:63:1f:77:aa:
46:61:5b:4b:d4:5d:4c:58:3b:cd:5a:95:f5:71:cf:
79:f9:dd:1f:46:a6:fe:6d:06:f5:e8:6f:20:5c:63:
49:1f:02:c6:9f:c1:17:49:f3:a2:29:04:f5:98:98:
31:05:4a:58:6a:98:1d:18:f1:9e:bf:33:01:a6:a5:
a4:ac:76:b2:1e:b8:f1:f8:20:a8:4f:06:c7:b7:d6:
f3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4D:69:F4:52:0E:91:43:01:83:43:6F:26:19:23:0C:4D:1C:06:21
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233372e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.225.237.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:b1:ac:79:bd:07:ce:14:9a:9e:8f:4b:96:30:79:b8:1d:d6:
1e:b6:b6:22:47:05:fa:a2:a8:99:73:1e:39:80:50:be:94:fe:
85:39:33:90:c3:90:19:96:c4:9f:ba:da:83:23:78:73:ed:03:
3a:1b:5b:c7:8b:4d:f2:64:33:be:80:e3:18:a2:13:9a:20:13:
41:e6:d6:4d:a4:61:12:30:ad:b9:75:75:ff:61:ba:51:32:ff:
27:64:db:cc:cc:e1:bf:af:a8:f5:8c:75:48:84:39:ac:d7:c5:
b4:ee:30:a6:65:11:d1:cd:a6:15:99:bc:f9:13:6a:e7:b7:65:
12:1e:d6:00:0c:47:a7:5b:be:f3:1a:8c:48:0e:0a:08:2e:ed:
3b:1e:b7:ed:dc:1a:7e:28:d1:50:5e:e4:2f:2d:70:03:f5:15:
51:c8:aa:a5:c8:a8:35:75:1b:49:14:fb:ac:ae:7a:a3:cd:e3:
d1:43:56:9b:cf:26:ad:e4:df:8c:f1:7d:58:40:9b:fe:e5:e5:
62:97:50:8f:ef:0b:3b:41:da:a1:34:c9:ef:41:59:e7:be:ce:
e1:4e:85:d1:4c:18:9c:f2:4d:1f:7f:6e:6f:15:97:f0:98:30:
66:5d:94:8a:12:42:de:a5:41:f8:85:60:17:bd:a2:b3:2a:1f:
b2:d2:41:f6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURRavZazl6pgjjwOrnJNYM08RQj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTVaFw0yNTA0MDMxMTA1MTVaMDMxMTAvBgNV
BAMTKDlENEQ2OUY0NTIwRTkxNDMwMTgzNDM2RjI2MTkyMzBDNEQxQzA2MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCus/Tx4kNW2z1vlx2CV4b+V1GE
DKHiH9yJ6zykOrc6ozLlfPsjE847OPAqhY2TKZba73wCb03kQGhDLldtHqp/qr15
XMujx0Q/Selra8TTW74hobfY/hVDN6FjmyWc97m3vMlHG5AUsVE8FGJifDp+Tv5X
+PAZpReg/X6PrbW4yHeWzuRtR4QRIBws5lOJSGPIf/Tw+9l4B+kIOuR8BKXjWbc6
CmTJnQC29t6HcPTHYx93qkZhW0vUXUxYO81alfVxz3n53R9Gpv5tBvXobyBcY0kf
AsafwRdJ86IpBPWYmDEFSlhqmB0Y8Z6/MwGmpaSsdrIeuPH4IKhPBse31vNrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnU1p9FIOkUMBg0NvJhkjDE0cBiEwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzIzMTMzMmUzMjMyMzUyZTMy
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADV4e0wDQYJKoZIhvcNAQELBQADggEBALOxrHm9B84Ump6PS5Ywebgd1h62tiJH
BfqiqJlzHjmAUL6U/oU5M5DDkBmWxJ+62oMjeHPtAzobW8eLTfJkM76A4xiiE5og
E0Hm1k2kYRIwrbl1df9hulEy/ydk28zM4b+vqPWMdUiEOazXxbTuMKZlEdHNphWZ
vPkTaue3ZRIe1gAMR6dbvvMajEgOCggu7Tset+3cGn4o0VBe5C8tcAP1FVHIqqXI
qDV1G0kU+6yueqPN49FDVpvPJq3k34zxfVhAm/7l5WKXUI/vCztB2qE0ye9BWee+
zuFOhdFMGJzyTR9/bm8Vl/CYMGZdlIoSQt6lQfiFYBe9orMqH7LSQfY=
-----END CERTIFICATE-----
Generated at Sat May 11 08:13:51 2024 by rpki-client on console-ams.rpki-client.org