Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/33312e34302e3231322e302f32342d3234203d3e20313336323538.roa
File: 33312e34302e3231322e302f32342d3234203d3e20313336323538.roa (raw, json)
Hash identifier: NidEmqZPRgpJoLDZ3jKWHfc9OhGO5gN0d2BQ/M7Am8U=
Subject key identifier: 32:B0:64:D6:92:3D:A1:AF:AA:16:07:0D:B5:CF:A1:6D:F6:DF:95:14
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 76FC99BAA9ECF5968D0E39FDE63A3C7A952889EE
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/33312e34302e3231322e302f32342d3234203d3e20313336323538.roa
Signing time: Mon 26 Feb 2024 08:52:56 +0000
ROA not before: Mon 26 Feb 2024 08:47:56 +0000
ROA not after: Mon 24 Feb 2025 08:52:56 +0000
asID: 136258
IP address blocks: 31.40.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:fc:99:ba:a9:ec:f5:96:8d:0e:39:fd:e6:3a:3c:7a:95:28:89:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:56 2024 GMT
Not After : Feb 24 08:52:56 2025 GMT
Subject: CN=32B064D6923DA1AFAA16070DB5CFA16DF6DF9514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:c9:af:aa:1b:89:cf:5b:68:38:7b:22:c2:
df:2a:56:66:56:ee:85:89:77:f3:36:2e:d5:9d:1c:
a2:c0:a1:70:7f:aa:e0:fd:cf:00:6f:4d:c7:7c:0f:
b2:00:e3:dc:19:19:86:7b:a2:ca:da:d6:af:18:fd:
7a:35:3a:a7:f8:72:12:38:e6:2a:38:04:ff:b2:c3:
42:ea:38:1b:d5:e3:ed:06:ce:86:0a:0b:68:b8:2a:
cf:52:ca:ae:0a:2c:58:3e:fa:c7:9f:3f:98:29:7e:
0b:57:3c:1a:c2:bf:07:dc:5d:de:b7:7a:96:9e:05:
7e:b3:00:bd:95:47:93:27:d6:5d:fe:31:52:12:65:
20:0d:16:f8:11:fc:46:fe:ca:cf:f3:ce:63:a6:97:
5b:c8:09:30:98:44:db:cc:a0:ea:f3:f3:d9:e7:78:
52:fd:f0:fb:6d:50:d2:a1:05:95:50:0b:df:50:af:
13:85:9d:97:78:5c:34:ae:0a:ba:1f:52:75:69:a9:
bd:eb:f8:92:e2:ff:81:21:ea:8a:28:29:53:c5:3c:
ae:c9:17:b4:ed:19:73:c9:0c:c6:d1:d7:0e:12:68:
2a:61:a0:42:72:17:44:d3:6d:e9:7f:dc:16:d9:d4:
7c:e5:f1:1b:7b:eb:8e:62:fd:0c:43:c1:85:df:d9:
96:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B0:64:D6:92:3D:A1:AF:AA:16:07:0D:B5:CF:A1:6D:F6:DF:95:14
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/33312e34302e3231322e302f32342d3234203d3e20313336323538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.212.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:96:1e:92:b7:56:1b:99:e7:83:1d:5c:01:a6:aa:a7:02:79:
96:d2:68:87:59:a1:ac:fc:37:e5:d0:c1:b5:17:f3:30:34:f2:
07:2f:0c:a1:20:a8:b4:f3:5e:e5:b7:e1:c3:06:d6:f2:4e:76:
54:08:16:44:f8:c8:8a:28:97:0f:96:ce:ff:c6:b2:21:c7:42:
60:6a:8b:85:4c:08:62:97:94:30:c4:1e:80:9b:b8:4f:bc:b8:
d7:c7:a9:c4:c2:d6:ea:3e:8f:3e:83:e7:8e:cb:d2:9e:20:6c:
a9:c1:44:dc:6f:ae:d4:06:84:c4:9e:df:98:f2:2b:db:ba:cf:
d2:d5:ca:f6:12:27:bf:31:17:3f:55:e8:91:8d:4c:6f:4c:33:
c5:5e:6b:5c:96:7d:13:13:81:4a:7c:fb:1a:46:99:8a:e1:96:
7d:47:f1:d0:b0:c7:63:fa:3b:29:6e:c9:ea:4b:88:0d:52:0c:
7c:e8:c6:89:af:dd:fc:a9:ff:77:ff:80:3d:e6:dc:b3:47:d1:
e1:64:3c:c0:4e:a8:bb:23:a5:2a:42:2e:4d:eb:db:22:65:b7:
56:fe:ea:9b:8d:0f:89:86:ab:7e:48:47:e8:ff:1c:fa:08:3b:
bd:92:01:3a:be:a8:de:88:2b:35:24:95:9d:05:08:7a:a9:53:
61:81:88:f0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdvyZuqns9ZaNDjn95jo8epUoie4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTZaFw0yNTAyMjQwODUyNTZaMDMxMTAvBgNV
BAMTKDMyQjA2NEQ2OTIzREExQUZBQTE2MDcwREI1Q0ZBMTZERjZERjk1MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5W8mvqhuJz1toOHsiwt8qVmZW
7oWJd/M2LtWdHKLAoXB/quD9zwBvTcd8D7IA49wZGYZ7osra1q8Y/Xo1Oqf4chI4
5io4BP+yw0LqOBvV4+0GzoYKC2i4Ks9Syq4KLFg++sefP5gpfgtXPBrCvwfcXd63
epaeBX6zAL2VR5Mn1l3+MVISZSANFvgR/Eb+ys/zzmOml1vICTCYRNvMoOrz89nn
eFL98PttUNKhBZVQC99QrxOFnZd4XDSuCrofUnVpqb3r+JLi/4Eh6oooKVPFPK7J
F7TtGXPJDMbR1w4SaCphoEJyF0TTbel/3BbZ1Hzl8Rt7645i/QxDwYXf2Za3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMrBk1pI9oa+qFgcNtc+hbfbflRQwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzMzMTJlMzQzMDJlMzIzMTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzIzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
HyjUMA0GCSqGSIb3DQEBCwUAA4IBAQANlh6St1YbmeeDHVwBpqqnAnmW0miHWaGs
/Dfl0MG1F/MwNPIHLwyhIKi0817lt+HDBtbyTnZUCBZE+MiKKJcPls7/xrIhx0Jg
aouFTAhil5QwxB6Am7hPvLjXx6nEwtbqPo8+g+eOy9KeIGypwUTcb67UBoTEnt+Y
8ivbus/S1cr2Eie/MRc/VeiRjUxvTDPFXmtcln0TE4FKfPsaRpmK4ZZ9R/HQsMdj
+jspbsnqS4gNUgx86MaJr938qf93/4A95tyzR9HhZDzATqi7I6UqQi5N69siZbdW
/uqbjQ+Jhqt+SEfo/xz6CDu9kgE6vqjeiCs1JJWdBQh6qVNhgYjw
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org