Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/211/33312e32342e38342e302f32342d3234203d3e20313336373837.roa
File: 33312e32342e38342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +xv4HQvE2izBfWSwUxF6zCYpXi1N3jphq4kcXafcSys=
Subject key identifier: D5:22:14:FD:44:E4:C3:D6:A2:52:AB:BD:0A:3A:62:C4:80:7B:18:7D
Certificate issuer: /CN=5a2f2699ba5359ea7f3702c46d4a048219e1a64b
Certificate serial: 63A2F5F338F4B0A79E4BEBF6D914FC3FDAF2C441
Authority key identifier: 5A:2F:26:99:BA:53:59:EA:7F:37:02:C4:6D:4A:04:82:19:E1:A6:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wi8mmbpTWep_NwLEbUoEghnhpks.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/211/33312e32342e38342e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 21 Mar 2024 09:15:59 +0000
ROA not before: Thu 21 Mar 2024 09:10:59 +0000
ROA not after: Thu 20 Mar 2025 09:15:59 +0000
asID: 136787
IP address blocks: 31.24.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/211/5A2F2699BA5359EA7F3702C46D4A048219E1A64B.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/211/5A2F2699BA5359EA7F3702C46D4A048219E1A64B.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wi8mmbpTWep_NwLEbUoEghnhpks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:a2:f5:f3:38:f4:b0:a7:9e:4b:eb:f6:d9:14:fc:3f:da:f2:c4:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a2f2699ba5359ea7f3702c46d4a048219e1a64b
Validity
Not Before: Mar 21 09:10:59 2024 GMT
Not After : Mar 20 09:15:59 2025 GMT
Subject: CN=D52214FD44E4C3D6A252ABBD0A3A62C4807B187D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:87:f7:49:c3:16:7d:bf:1e:0e:f3:cb:40:47:
db:30:9a:81:69:77:b8:54:a9:c3:c5:0f:d5:10:fe:
a9:87:fb:47:cc:51:3c:39:56:f1:b7:f1:dd:51:14:
56:9b:03:2e:0f:28:a3:ea:c2:62:31:86:79:a8:7c:
ec:f9:65:25:1a:ea:87:d5:59:ed:bf:6e:44:37:29:
83:15:d6:97:72:b0:38:ef:23:4a:d9:1a:3a:45:4a:
55:9c:b7:38:8d:6c:b3:b4:ca:d2:ce:f2:81:1b:21:
9f:57:12:c9:05:3a:0b:ea:bf:33:39:bc:02:3c:05:
8c:32:29:18:4e:4c:ff:da:e6:66:3f:bf:0d:0e:bd:
a7:00:44:01:49:6c:31:5a:3f:a3:73:0b:02:38:ec:
73:8e:05:96:97:4e:63:9d:de:3f:31:db:69:3c:ed:
23:f7:43:19:fe:2c:20:11:08:9c:77:b4:02:8d:63:
89:ce:0e:dd:b4:2f:02:c1:0b:02:38:fc:27:67:8f:
97:c5:3f:96:75:26:39:30:ae:9e:c3:e5:21:b4:03:
0e:27:66:49:30:2d:82:c6:56:01:49:89:7c:db:00:
01:05:ce:7a:4a:d0:f4:09:5a:f6:ab:62:00:ce:d0:
9a:c4:9a:90:78:25:b1:fe:34:f9:a9:93:ed:34:dc:
e9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:22:14:FD:44:E4:C3:D6:A2:52:AB:BD:0A:3A:62:C4:80:7B:18:7D
X509v3 Authority Key Identifier:
keyid:5A:2F:26:99:BA:53:59:EA:7F:37:02:C4:6D:4A:04:82:19:E1:A6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/211/5A2F2699BA5359EA7F3702C46D4A048219E1A64B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wi8mmbpTWep_NwLEbUoEghnhpks.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/211/33312e32342e38342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.84.0/24
Signature Algorithm: sha256WithRSAEncryption
87:aa:d5:5f:7f:a6:88:f1:ce:08:4f:e3:fa:82:8a:8d:44:17:
fd:2c:46:69:52:8b:d4:c3:25:e6:6d:12:8b:3e:92:95:a6:e4:
72:e9:6b:66:14:13:37:99:3d:2d:6a:7e:f0:41:49:34:92:bf:
8c:dc:8e:d5:e2:87:51:ae:5a:2c:a9:4d:4c:f2:6f:2d:9b:3e:
f3:35:b7:7f:b2:8b:6b:4e:35:b2:14:00:ab:13:31:55:70:ff:
fd:7a:2c:e8:06:69:e1:ce:96:01:88:b1:54:9c:85:53:8a:14:
ce:35:e8:82:d5:53:f4:b9:66:94:e2:72:c0:5d:32:8a:be:7c:
a4:37:d4:e8:4d:21:3d:ad:d5:04:a1:44:d4:46:9a:8c:9f:5d:
4c:dc:88:5c:bf:7f:26:a9:a9:1e:30:d6:5f:b3:64:f0:8f:46:
35:a2:45:2e:79:47:ad:31:a4:39:a6:20:8d:f2:df:88:33:9b:
be:c5:eb:ce:7a:24:9c:66:07:b4:2e:f8:94:de:81:cf:d2:13:
1a:7f:b9:1d:6d:ea:bd:a9:2d:f2:a5:37:06:de:aa:98:fe:44:
93:29:40:0a:b1:27:f2:5a:5a:54:ab:33:c4:a8:33:ff:4d:70:
c3:29:37:8e:5f:77:cb:91:19:20:38:aa:08:be:df:c3:ab:b4:
d9:8c:92:88
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUY6L18zj0sKeeS+v22RT8P9ryxEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWEyZjI2OTliYTUzNTllYTdmMzcwMmM0NmQ0YTA0ODIx
OWUxYTY0YjAeFw0yNDAzMjEwOTEwNTlaFw0yNTAzMjAwOTE1NTlaMDMxMTAvBgNV
BAMTKEQ1MjIxNEZENDRFNEMzRDZBMjUyQUJCRDBBM0E2MkM0ODA3QjE4N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCh/dJwxZ9vx4O88tAR9swmoFp
d7hUqcPFD9UQ/qmH+0fMUTw5VvG38d1RFFabAy4PKKPqwmIxhnmofOz5ZSUa6ofV
We2/bkQ3KYMV1pdysDjvI0rZGjpFSlWctziNbLO0ytLO8oEbIZ9XEskFOgvqvzM5
vAI8BYwyKRhOTP/a5mY/vw0OvacARAFJbDFaP6NzCwI47HOOBZaXTmOd3j8x22k8
7SP3Qxn+LCARCJx3tAKNY4nODt20LwLBCwI4/Cdnj5fFP5Z1Jjkwrp7D5SG0Aw4n
ZkkwLYLGVgFJiXzbAAEFznpK0PQJWvarYgDO0JrEmpB4JbH+NPmpk+003Om9AgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU1SIU/UTkw9aiUqu9CjpixIB7GH0wHwYDVR0j
BBgwFoAUWi8mmbpTWep/NwLEbUoEghnhpkswDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8yMTEvNUEyRjI2OTlCQTUzNTlFQTdGMzcwMkM0NkQ0QTA0ODIxOUUxQTY0
Qi5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1dpOG1tYnBUV2VwX053TEViVW9F
Z2huaHBrcy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIxMS8zMzMxMmUzMjM0MmUz
ODM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAHxhUMA0GCSqGSIb3DQEBCwUAA4IBAQCHqtVff6aI8c4IT+P6goqNRBf9LEZp
UovUwyXmbRKLPpKVpuRy6WtmFBM3mT0tan7wQUk0kr+M3I7V4odRrlosqU1M8m8t
mz7zNbd/sotrTjWyFACrEzFVcP/9eizoBmnhzpYBiLFUnIVTihTONeiC1VP0uWaU
4nLAXTKKvnykN9ToTSE9rdUEoUTURpqMn11M3Ihcv38mqakeMNZfs2Twj0Y1okUu
eUetMaQ5piCN8t+IM5u+xevOeiScZge0LviU3oHP0hMaf7kdbeq9qS3ypTcG3qqY
/kSTKUAKsSfyWlpUqzPEqDP/TXDDKTeOX3fLkRkgOKoIvt/Dq7TZjJKI
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org