Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231322e3130332e36302e302f32342d3234203d3e20313336373837.roa
File: 3231322e3130332e36302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: jqcQseMcJoljx8Leqt7x8/xf90t4GGXfxleOeDjkp3Y=
Subject key identifier: A6:29:1D:0E:64:68:06:9E:95:2F:A4:41:86:CF:A1:21:7F:41:EA:D6
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 0D0E87294B497D69972D75A41563298F9B2D1415
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231322e3130332e36302e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:19 +0000
ROA not before: Mon 01 Apr 2024 13:58:19 +0000
ROA not after: Mon 31 Mar 2025 14:03:19 +0000
asID: 136787
IP address blocks: 212.103.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:0e:87:29:4b:49:7d:69:97:2d:75:a4:15:63:29:8f:9b:2d:14:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:19 2024 GMT
Not After : Mar 31 14:03:19 2025 GMT
Subject: CN=A6291D0E6468069E952FA44186CFA1217F41EAD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:58:db:f8:91:43:82:b7:c3:d5:2a:9d:ab:10:
6c:5e:c7:73:a1:a4:a2:ed:75:5f:96:45:d3:85:5a:
f8:01:2d:e9:c8:ae:bf:f7:17:36:85:dd:dd:1b:d5:
8b:58:a0:1f:ac:f6:d4:09:8f:13:7f:8d:e9:b5:96:
a9:19:b7:1a:ad:9f:df:f4:85:d8:63:49:c8:d8:00:
ef:8c:d6:fd:e7:bd:75:a8:af:be:67:cb:b1:93:e6:
c9:75:de:df:10:6c:e4:ff:07:68:88:98:bc:92:31:
81:04:68:dc:f4:6c:2f:39:b0:3c:20:fa:e8:bc:3c:
4f:de:23:9b:18:8e:32:e0:20:d2:42:04:f4:3d:b3:
2b:3a:96:ba:a4:28:47:19:66:22:93:47:5d:cc:b2:
ad:2e:c4:16:39:a8:d1:45:c0:04:92:06:01:1d:97:
e1:fa:bf:03:78:69:13:54:d4:cd:94:a9:1d:87:86:
76:10:c6:6a:c9:cd:4c:8d:e9:8e:60:65:9f:4c:68:
33:5d:4a:52:66:62:f4:b8:7b:e0:68:bb:a6:92:97:
d8:0f:b1:fd:f2:bb:64:76:63:c2:a2:76:f8:a2:62:
30:d9:53:fe:7d:9b:2e:1d:20:c0:77:e2:bf:6d:99:
30:27:6f:ce:c2:14:73:45:e9:c8:87:25:08:78:6b:
e9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:29:1D:0E:64:68:06:9E:95:2F:A4:41:86:CF:A1:21:7F:41:EA:D6
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3231322e3130332e36302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.60.0/24
Signature Algorithm: sha256WithRSAEncryption
41:40:3b:b5:ff:8c:cd:db:9d:e5:d6:47:7c:df:90:7c:01:7b:
58:d3:81:46:7b:b2:a7:19:50:c7:0a:79:c9:60:95:4d:34:82:
a5:a0:b9:a9:d2:8d:4b:3c:9e:c4:d3:c4:e6:8a:27:af:e9:d8:
46:3b:30:ab:81:92:02:5f:74:a7:f5:ea:d5:4c:5a:18:00:9c:
db:62:1c:83:96:61:a6:71:85:28:5c:cb:e5:c5:8f:9a:78:a3:
6b:ba:8e:1c:94:e8:3b:d6:f3:84:eb:f3:57:2b:57:62:82:19:
cd:1d:8d:5d:a3:b3:cc:ea:66:86:72:23:d9:42:09:fc:9d:56:
80:2e:45:12:37:b9:f5:b8:62:45:94:80:3a:78:e5:56:47:80:
93:cc:f4:8b:69:24:68:66:f9:e8:54:b9:dc:bb:12:ad:de:1c:
e9:0b:23:81:c9:cf:36:85:01:31:91:f7:82:08:72:76:a3:1c:
52:4f:da:35:07:26:f7:c5:73:82:47:9a:31:5e:82:8e:b7:b3:
4f:76:2d:04:19:e6:33:81:1c:3a:16:16:b3:64:37:6b:71:dc:
e8:0b:6d:8d:60:0f:a6:b4:a7:15:5e:a7:8b:ff:d1:0f:bf:54:
50:d1:86:7e:8d:03:50:f9:3a:ae:70:cc:b9:b6:6b:00:6b:04:
cb:d0:79:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDQ6HKUtJfWmXLXWkFWMpj5stFBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTlaFw0yNTAzMzExNDAzMTlaMDMxMTAvBgNV
BAMTKEE2MjkxRDBFNjQ2ODA2OUU5NTJGQTQ0MTg2Q0ZBMTIxN0Y0MUVBRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhWNv4kUOCt8PVKp2rEGxex3Oh
pKLtdV+WRdOFWvgBLenIrr/3FzaF3d0b1YtYoB+s9tQJjxN/jem1lqkZtxqtn9/0
hdhjScjYAO+M1v3nvXWor75ny7GT5sl13t8QbOT/B2iImLySMYEEaNz0bC85sDwg
+ui8PE/eI5sYjjLgINJCBPQ9sys6lrqkKEcZZiKTR13Msq0uxBY5qNFFwASSBgEd
l+H6vwN4aRNU1M2UqR2HhnYQxmrJzUyN6Y5gZZ9MaDNdSlJmYvS4e+Bou6aSl9gP
sf3yu2R2Y8KidviiYjDZU/59my4dIMB34r9tmTAnb87CFHNF6ciHJQh4a+njAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpikdDmRoBp6VL6RBhs+hIX9B6tYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzIzMTMyMmUzMTMwMzMyZTM2
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADUZzwwDQYJKoZIhvcNAQELBQADggEBAEFAO7X/jM3bneXWR3zfkHwBe1jTgUZ7
sqcZUMcKeclglU00gqWguanSjUs8nsTTxOaKJ6/p2EY7MKuBkgJfdKf16tVMWhgA
nNtiHIOWYaZxhShcy+XFj5p4o2u6jhyU6DvW84Tr81crV2KCGc0djV2js8zqZoZy
I9lCCfydVoAuRRI3ufW4YkWUgDp45VZHgJPM9ItpJGhm+ehUudy7Eq3eHOkLI4HJ
zzaFATGR94IIcnajHFJP2jUHJvfFc4JHmjFego63s092LQQZ5jOBHDoWFrNkN2tx
3OgLbY1gD6a0pxVep4v/0Q+/VFDRhn6NA1D5Oq5wzLm2awBrBMvQedw=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:57 2024 by rpki-client on console-ams.rpki-client.org