Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/33312e34302e3231332e302f32342d3234203d3e20313336373837.roa
File: 33312e34302e3231332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 5cvfXXi9FE6FMykuCq02Te3ipi/jvl4CY7K9NaamH+c=
Subject key identifier: C5:C9:5D:7A:5D:2E:F7:0D:6C:27:F0:F7:3B:95:C7:76:F5:71:A4:E4
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 5F2198875CE10631DB575B5B1DE8B097CA418827
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/33312e34302e3231332e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:17 +0000
ROA not before: Mon 01 Apr 2024 13:58:17 +0000
ROA not after: Mon 31 Mar 2025 14:03:17 +0000
asID: 136787
IP address blocks: 31.40.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:21:98:87:5c:e1:06:31:db:57:5b:5b:1d:e8:b0:97:ca:41:88:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:17 2024 GMT
Not After : Mar 31 14:03:17 2025 GMT
Subject: CN=C5C95D7A5D2EF70D6C27F0F73B95C776F571A4E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1e:d7:92:9e:38:f3:27:cf:65:34:fd:99:a7:
43:c0:7f:73:5d:fe:f4:fc:90:79:58:af:af:19:09:
e9:0c:c7:49:93:fe:55:45:43:dd:f2:cd:15:ca:78:
51:eb:cb:2d:39:4d:44:b7:66:32:88:ae:e9:9e:94:
74:5e:d7:51:de:01:9c:b2:1c:b6:73:08:2a:3e:9f:
41:ce:6c:52:0a:45:cf:0b:66:df:3b:bf:41:a0:dd:
e8:a6:2d:91:7f:e0:da:4d:5c:26:88:0d:f4:40:45:
e9:1c:08:a6:7c:e6:71:2d:e3:1c:5d:62:51:ed:dd:
17:39:d4:b0:35:f9:51:b5:f7:b4:6b:81:78:7f:e3:
64:1a:1b:cf:01:c1:b0:96:d9:9e:e3:20:0a:4b:c1:
33:c4:9a:01:b5:c2:ce:aa:72:68:82:fd:0d:06:e7:
2c:f3:ca:86:fd:fc:d7:5d:4b:bf:88:d4:f9:99:88:
7a:cd:c0:28:bd:3a:62:39:7f:e2:96:8a:22:f5:c6:
c5:30:95:9b:8e:d7:b4:12:f0:34:97:19:46:7a:af:
ca:e9:83:4d:1a:df:4b:21:53:0c:13:e5:7c:ca:06:
15:41:a1:4e:64:d6:09:62:38:2c:e9:29:c5:c5:bd:
76:b2:63:96:8a:b5:0f:42:8b:09:7a:cb:c1:84:21:
c4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C9:5D:7A:5D:2E:F7:0D:6C:27:F0:F7:3B:95:C7:76:F5:71:A4:E4
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/33312e34302e3231332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.213.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:8e:d7:aa:9e:a2:70:dc:f8:3b:e2:5c:88:94:d6:67:d1:2d:
7f:ce:e9:a3:6c:9d:84:c4:ee:61:02:06:7c:de:2e:b1:70:85:
7c:58:9a:50:71:02:8f:d2:0c:03:1b:c5:c6:07:66:65:e2:e7:
38:d8:29:de:3a:f4:bc:36:12:ac:18:db:a4:95:d6:e1:b2:66:
2d:41:89:fe:9c:46:41:95:2a:d0:25:1e:76:53:18:e3:72:21:
9c:bd:24:16:70:1c:ff:5c:ba:ed:b3:21:99:16:62:dd:2e:60:
8a:64:1d:b8:63:dc:f0:bf:a0:90:c5:5b:02:07:1c:be:51:c4:
00:23:ca:fe:42:ea:87:30:8d:70:8b:ff:bb:a7:3d:4d:27:ae:
ea:e5:83:06:ba:7c:58:6a:a4:a1:35:ca:59:bb:8b:0b:70:06:
a0:5e:12:e4:7e:c1:fd:6a:69:fb:fb:67:04:96:c3:83:e5:19:
7e:c5:45:a0:1c:54:cb:f7:0e:5a:7a:62:84:61:07:b7:94:2c:
09:9f:5d:1b:77:5d:74:c5:3d:73:39:83:10:4f:e6:57:11:04:
f0:29:c7:86:ea:dd:1b:03:dc:95:25:ed:ff:23:e3:85:10:0d:
23:7c:62:f3:92:35:cb:28:ed:84:3d:9b:ae:11:69:90:a0:a5:
1f:9e:ce:e6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXyGYh1zhBjHbV1tbHeiwl8pBiCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MTdaFw0yNTAzMzExNDAzMTdaMDMxMTAvBgNV
BAMTKEM1Qzk1RDdBNUQyRUY3MEQ2QzI3RjBGNzNCOTVDNzc2RjU3MUE0RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVHteSnjjzJ89lNP2Zp0PAf3Nd
/vT8kHlYr68ZCekMx0mT/lVFQ93yzRXKeFHryy05TUS3ZjKIrumelHRe11HeAZyy
HLZzCCo+n0HObFIKRc8LZt87v0Gg3eimLZF/4NpNXCaIDfRARekcCKZ85nEt4xxd
YlHt3Rc51LA1+VG197RrgXh/42QaG88BwbCW2Z7jIApLwTPEmgG1ws6qcmiC/Q0G
5yzzyob9/NddS7+I1PmZiHrNwCi9OmI5f+KWiiL1xsUwlZuO17QS8DSXGUZ6r8rp
g00a30shUwwT5XzKBhVBoU5k1gliOCzpKcXFvXayY5aKtQ9Ciwl6y8GEIcStAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxcldel0u9w1sJ/D3O5XHdvVxpOQwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzMzMTJlMzQzMDJlMzIzMTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
HyjVMA0GCSqGSIb3DQEBCwUAA4IBAQBdjteqnqJw3Pg74lyIlNZn0S1/zumjbJ2E
xO5hAgZ83i6xcIV8WJpQcQKP0gwDG8XGB2Zl4uc42CneOvS8NhKsGNukldbhsmYt
QYn+nEZBlSrQJR52UxjjciGcvSQWcBz/XLrtsyGZFmLdLmCKZB24Y9zwv6CQxVsC
Bxy+UcQAI8r+QuqHMI1wi/+7pz1NJ67q5YMGunxYaqShNcpZu4sLcAagXhLkfsH9
amn7+2cElsOD5Rl+xUWgHFTL9w5aemKEYQe3lCwJn10bd110xT1zOYMQT+ZXEQTw
KceG6t0bA9yVJe3/I+OFEA0jfGLzkjXLKO2EPZuuEWmQoKUfns7m
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org