Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/33312e34302e3231352e302f32342d3234203d3e20313336373837.roa
File: 33312e34302e3231352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: P7lPxOgSmCIr0NclUvdErPXbAKbYxJ7JxAy338mDJyo=
Subject key identifier: 15:37:C2:58:4A:89:D1:83:13:3F:52:F2:FC:4F:53:86:90:67:7F:82
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 74556A9DCC8866125C24F713513FA6D3771191E6
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/33312e34302e3231352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:18 +0000
ROA not before: Mon 01 Apr 2024 13:58:18 +0000
ROA not after: Mon 31 Mar 2025 14:03:18 +0000
asID: 136787
IP address blocks: 31.40.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:55:6a:9d:cc:88:66:12:5c:24:f7:13:51:3f:a6:d3:77:11:91:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 1 13:58:18 2024 GMT
Not After : Mar 31 14:03:18 2025 GMT
Subject: CN=1537C2584A89D183133F52F2FC4F538690677F82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1e:50:04:bd:42:e4:70:3f:a2:d1:a9:1a:e5:
1e:ad:3c:36:b0:f9:8f:7e:60:ed:f2:8b:05:df:84:
36:70:6b:6d:b0:63:d2:0b:7a:bb:85:90:de:25:2b:
5d:af:5d:1d:0f:5c:a2:80:6b:50:aa:de:2b:d3:6c:
61:ca:74:40:bc:ad:b7:b0:7d:a1:51:21:2f:69:6b:
63:08:ef:d3:7a:8a:07:d8:4c:b9:02:02:c6:b6:5d:
e1:be:83:0d:79:aa:21:9b:a2:3b:e3:98:bb:50:78:
7f:67:80:52:a1:6b:7d:28:41:32:d5:9f:96:5d:ef:
1e:46:7f:44:2b:f9:22:1b:75:c2:a3:40:84:cd:1a:
b7:78:1e:d5:7d:e3:86:0c:0b:31:6c:3d:a9:b8:c9:
ae:ae:8b:fd:e8:31:c8:c4:be:08:15:f1:b5:e3:2d:
b3:52:9d:a3:e5:77:f7:c7:7b:74:05:74:0d:13:03:
0a:a8:67:be:2f:b0:3c:d1:5a:ab:bd:89:02:fb:9f:
59:32:05:01:7b:9b:44:9f:c3:73:39:d5:31:67:2e:
03:49:fa:62:75:cb:ac:1e:40:21:2e:d0:4e:a1:85:
c7:60:c9:b9:01:46:59:7d:3a:19:b5:b9:1b:08:89:
8a:d0:95:60:3c:d8:97:1e:0d:03:e6:5d:87:bd:2f:
2d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:37:C2:58:4A:89:D1:83:13:3F:52:F2:FC:4F:53:86:90:67:7F:82
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/33312e34302e3231352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.215.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:56:66:7e:15:9e:25:b3:03:48:a7:82:1d:34:5b:ca:3b:d3:
4e:5d:a9:7f:3b:9b:12:72:ef:53:81:f2:3c:fb:2a:00:00:ec:
fa:dc:f9:82:66:2a:d1:4c:05:12:2b:c0:76:53:e3:74:c9:66:
4f:07:77:3a:2c:36:62:f5:54:2b:fe:01:80:be:9f:ee:b9:6f:
12:53:85:66:01:b2:6c:a3:1f:ea:2d:f7:10:b4:ae:21:e5:91:
d7:dc:6d:73:2c:aa:c5:94:72:7f:43:62:03:79:62:7c:53:0a:
02:f5:02:20:0a:c3:d3:a5:e8:43:aa:62:09:1f:9d:83:97:0a:
73:63:2a:01:39:63:bb:9b:bc:a2:34:e7:58:21:7e:12:aa:44:
ec:d2:ff:8c:b3:c7:f3:a9:e8:ba:b0:9c:a1:a7:14:aa:e4:c1:
26:30:1d:1d:dd:cb:4e:57:1d:4c:e9:b3:94:ea:10:92:cc:fd:
f7:1c:52:2b:7d:78:e5:c0:a5:c4:46:6a:0b:d6:57:a1:9f:dc:
db:87:a7:d6:5f:0f:8e:e1:53:af:ec:f7:35:66:12:cb:6f:88:
14:ed:11:a2:cf:a9:32:8a:36:6a:de:49:0a:79:bf:4c:07:78:
af:58:e4:44:75:c6:0d:0c:aa:7f:6b:44:0b:ea:8d:f1:70:ec:
7f:29:36:38
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdFVqncyIZhJcJPcTUT+m03cRkeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDA0MDExMzU4MThaFw0yNTAzMzExNDAzMThaMDMxMTAvBgNV
BAMTKDE1MzdDMjU4NEE4OUQxODMxMzNGNTJGMkZDNEY1Mzg2OTA2NzdGODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnHlAEvULkcD+i0aka5R6tPDaw
+Y9+YO3yiwXfhDZwa22wY9ILeruFkN4lK12vXR0PXKKAa1Cq3ivTbGHKdEC8rbew
faFRIS9pa2MI79N6igfYTLkCAsa2XeG+gw15qiGbojvjmLtQeH9ngFKha30oQTLV
n5Zd7x5Gf0Qr+SIbdcKjQITNGrd4HtV944YMCzFsPam4ya6ui/3oMcjEvggV8bXj
LbNSnaPld/fHe3QFdA0TAwqoZ74vsDzRWqu9iQL7n1kyBQF7m0Sfw3M51TFnLgNJ
+mJ1y6weQCEu0E6hhcdgybkBRll9Ohm1uRsIiYrQlWA82JceDQPmXYe9Ly05AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFTfCWEqJ0YMTP1Ly/E9ThpBnf4IwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzMzMTJlMzQzMDJlMzIzMTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
HyjXMA0GCSqGSIb3DQEBCwUAA4IBAQBrVmZ+FZ4lswNIp4IdNFvKO9NOXal/O5sS
cu9TgfI8+yoAAOz63PmCZirRTAUSK8B2U+N0yWZPB3c6LDZi9VQr/gGAvp/uuW8S
U4VmAbJsox/qLfcQtK4h5ZHX3G1zLKrFlHJ/Q2IDeWJ8UwoC9QIgCsPTpehDqmIJ
H52DlwpzYyoBOWO7m7yiNOdYIX4SqkTs0v+Ms8fzqei6sJyhpxSq5MEmMB0d3ctO
Vx1M6bOU6hCSzP33HFIrfXjlwKXERmoL1lehn9zbh6fWXw+O4VOv7Pc1ZhLLb4gU
7RGiz6kyijZq3kkKeb9MB3ivWOREdcYNDKp/a0QL6o3xcOx/KTY4
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:52 2024 by rpki-client on console-ams.rpki-client.org