Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233382e302f32342d3234203d3e20323732363932.roa
File: 3231332e3232352e3233382e302f32342d3234203d3e20323732363932.roa (raw, json)
Hash identifier: +wkvvsVbjCgLJDSb47q7l32YdN9x/qgucUBB5pc/Pwk=
Subject key identifier: 97:E6:D5:27:F1:CF:40:5F:2D:A9:BB:A7:35:AD:FB:5A:75:AA:8B:10
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 28F00957E5BF929846622A643E824DDB2721F750
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233382e302f32342d3234203d3e20323732363932.roa
Signing time: Thu 04 Apr 2024 11:05:16 +0000
ROA not before: Thu 04 Apr 2024 11:00:16 +0000
ROA not after: Thu 03 Apr 2025 11:05:16 +0000
asID: 272692
IP address blocks: 213.225.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:f0:09:57:e5:bf:92:98:46:62:2a:64:3e:82:4d:db:27:21:f7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Apr 4 11:00:16 2024 GMT
Not After : Apr 3 11:05:16 2025 GMT
Subject: CN=97E6D527F1CF405F2DA9BBA735ADFB5A75AA8B10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:22:3f:c3:b5:85:05:e8:76:8f:e0:41:b9:5e:
e5:55:51:27:27:22:9b:60:93:41:d4:5b:7e:70:ba:
df:9f:83:88:2d:6e:ea:c2:9e:fa:f9:4d:2b:4e:87:
d1:76:31:74:fb:93:62:7a:ed:07:53:02:21:b1:a5:
22:28:41:33:4c:8e:db:33:ae:e4:49:53:7f:30:a1:
02:a2:8c:25:8f:b8:3c:68:53:aa:b9:94:e5:df:cb:
4a:6d:00:61:01:17:40:50:d8:f6:82:77:cf:92:85:
a8:58:1f:07:25:8e:b5:b4:29:56:a4:31:e2:f7:1e:
4b:e5:18:fe:22:dd:fc:a5:5f:ac:6d:86:0c:17:e5:
1c:a2:90:6b:9e:e9:33:4b:0d:b6:70:b6:66:f7:0e:
30:e0:48:e9:a6:39:49:f5:52:e8:df:cf:ab:db:1e:
cb:22:76:1b:71:91:2d:91:70:eb:8e:96:41:fb:7a:
5e:5a:f0:48:7c:70:b3:69:d6:81:7c:cc:98:a1:f2:
04:ed:2b:48:3f:b5:ff:4d:02:e3:07:fa:95:e3:a5:
a0:39:14:4a:5f:c8:51:e4:9b:fe:4f:13:ce:94:3d:
19:4a:ae:3a:41:d5:a2:7f:1a:35:ba:65:66:51:a7:
d0:2c:5e:5e:53:b0:9e:ea:e9:d6:64:fe:0c:95:28:
ea:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E6:D5:27:F1:CF:40:5F:2D:A9:BB:A7:35:AD:FB:5A:75:AA:8B:10
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233382e302f32342d3234203d3e20323732363932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.225.238.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:c2:b2:78:d7:af:8f:9a:a3:c2:ae:5a:a5:14:b1:89:71:69:
4a:dd:f0:9e:aa:ec:4a:0b:20:a7:15:8b:0e:b6:f6:10:8f:97:
be:e0:24:57:e1:aa:17:32:ae:de:42:7d:b4:08:7e:bb:d8:6c:
09:4b:16:32:66:e4:6e:d6:16:76:8a:4d:c1:b1:26:bf:6a:15:
cc:cf:35:85:e7:24:2e:df:11:a8:5e:b7:84:6a:02:0c:96:30:
cd:cb:db:6e:ba:de:fe:b2:3e:6a:4b:4b:b8:84:77:71:5e:0c:
f2:37:c9:4f:46:b3:21:5c:43:5f:77:d1:d1:a4:34:76:db:3a:
b1:29:74:f9:1c:b4:0c:e7:d9:82:2c:cc:b2:b5:9e:50:1e:ad:
42:52:d2:62:c7:13:9b:55:e6:90:4e:ea:b6:60:5e:05:1e:3e:
ee:d4:41:80:2b:ae:55:9f:91:6a:86:b5:ff:16:70:ee:79:a7:
36:47:21:97:63:78:3b:18:ed:3f:85:a8:83:21:51:be:4f:b7:
af:c6:6c:17:9d:d0:9e:46:2a:1a:a4:74:9f:56:29:3e:2a:e5:
a7:8f:4b:26:5d:c9:75:25:c4:f4:3b:3b:fd:ea:a3:90:d7:f4:
64:5f:de:a7:df:06:49:5c:1d:1a:35:c0:d5:fe:96:09:37:34:
06:c6:51:ab
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKPAJV+W/kphGYipkPoJN2ych91AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTZaFw0yNTA0MDMxMTA1MTZaMDMxMTAvBgNV
BAMTKDk3RTZENTI3RjFDRjQwNUYyREE5QkJBNzM1QURGQjVBNzVBQThCMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuIj/DtYUF6HaP4EG5XuVVUScn
Iptgk0HUW35wut+fg4gtburCnvr5TStOh9F2MXT7k2J67QdTAiGxpSIoQTNMjtsz
ruRJU38woQKijCWPuDxoU6q5lOXfy0ptAGEBF0BQ2PaCd8+ShahYHwcljrW0KVak
MeL3HkvlGP4i3fylX6xthgwX5RyikGue6TNLDbZwtmb3DjDgSOmmOUn1Uujfz6vb
HssidhtxkS2RcOuOlkH7el5a8Eh8cLNp1oF8zJih8gTtK0g/tf9NAuMH+pXjpaA5
FEpfyFHkm/5PE86UPRlKrjpB1aJ/GjW6ZWZRp9AsXl5TsJ7q6dZk/gyVKOrbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUl+bVJ/HPQF8tqbunNa37WnWqixAwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzIzMTMzMmUzMjMyMzUyZTMy
MzMzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczMjM2MzkzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANXh7jANBgkqhkiG9w0BAQsFAAOCAQEAp8KyeNevj5qjwq5apRSxiXFpSt3w
nqrsSgsgpxWLDrb2EI+XvuAkV+GqFzKu3kJ9tAh+u9hsCUsWMmbkbtYWdopNwbEm
v2oVzM81heckLt8RqF63hGoCDJYwzcvbbrre/rI+aktLuIR3cV4M8jfJT0azIVxD
X3fR0aQ0dts6sSl0+Ry0DOfZgizMsrWeUB6tQlLSYscTm1XmkE7qtmBeBR4+7tRB
gCuuVZ+Raoa1/xZw7nmnNkchl2N4OxjtP4WogyFRvk+3r8ZsF53QnkYqGqR0n1Yp
Pirlp49LJl3JdSXE9Ds7/eqjkNf0ZF/ep98GSVwdGjXA1f6WCTc0BsZRqw==
-----END CERTIFICATE-----
Generated at Sat May 11 08:34:13 2024 by rpki-client on console-fra.rpki-client.org