Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa
File: 3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: iWl5+GsMKPUiMiICH65TUjB65N5F2gj4L1b1CRdHiLw=
Subject key identifier: 24:A1:85:C7:45:39:D0:FB:04:59:E4:C1:79:0B:9B:24:48:8C:CE:73
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 84DB1C89DCDC6CEACE25110AB41529210C69
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa
Signing time: Wed 27 Dec 2023 14:45:52 +0000
ROA not before: Wed 27 Dec 2023 14:40:52 +0000
ROA not after: Wed 25 Dec 2024 14:45:52 +0000
asID: 62240
IP address blocks: 213.109.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
84:db:1c:89:dc:dc:6c:ea:ce:25:11:0a:b4:15:29:21:0c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Dec 27 14:40:52 2023 GMT
Not After : Dec 25 14:45:52 2024 GMT
Subject: CN=24A185C74539D0FB0459E4C1790B9B24488CCE73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6b:10:62:2c:6e:96:d2:12:3c:e1:e3:aa:83:
0f:68:69:a4:0b:34:dd:4c:55:e5:c9:82:de:32:4e:
c0:e7:37:02:34:38:24:c9:6a:91:78:0f:d3:6f:96:
d5:5f:56:13:eb:e9:c6:9b:17:2d:b0:39:f2:c8:4e:
6c:59:be:4f:96:13:d4:f9:b6:d8:64:e8:a0:ad:65:
06:e2:5c:69:94:a9:aa:4f:2c:97:5f:f5:20:29:55:
1c:17:81:75:b3:51:56:b1:ea:97:1b:db:80:0f:98:
d6:8e:07:9b:27:10:76:48:64:49:91:15:60:d1:c1:
82:c6:e5:70:eb:e8:08:b1:03:ee:b1:e7:3f:d9:01:
bd:d0:ba:da:4a:a9:0d:6b:e4:d7:e0:7e:6b:72:45:
84:b5:06:5f:d7:fd:9d:88:c4:12:66:f3:6a:a9:ff:
00:93:3b:26:b9:ca:17:f5:78:27:cd:e8:e5:cb:6d:
16:8f:1a:a9:4d:02:ac:66:af:74:73:00:f5:0a:8b:
b9:a7:d5:d6:69:64:c0:ec:a3:21:dd:4b:e9:2e:58:
69:ec:50:5d:61:70:c2:c4:6c:78:9b:44:d5:ae:ca:
ee:bf:a1:1a:83:19:91:74:c5:b3:fd:58:b1:40:23:
cb:c8:5f:e4:9f:46:df:32:d6:f6:1c:c9:af:57:33:
2c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A1:85:C7:45:39:D0:FB:04:59:E4:C1:79:0B:9B:24:48:8C:CE:73
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
86:31:e0:17:a1:ab:2f:52:b6:0c:82:d4:07:ba:74:1c:18:0e:
17:05:93:df:cf:cd:7f:18:dd:73:fe:31:ea:bc:aa:6b:dc:37:
9d:b8:fe:32:4c:75:77:60:28:55:da:0d:c1:64:39:fb:73:42:
f0:02:92:64:f4:63:59:c7:37:e8:be:5e:01:26:2f:ec:80:0c:
6b:6e:dc:a0:df:a6:a7:08:d8:e6:2e:b4:6d:54:bd:e5:8d:0b:
d7:19:82:55:74:c8:b0:8e:09:43:35:b0:e3:da:66:c4:e1:ec:
3b:2c:9f:f1:ee:c4:e6:13:cc:d7:48:ca:cf:c5:5d:4e:04:59:
28:4c:55:f3:e5:eb:df:16:d0:8b:93:83:71:83:fb:36:ce:4f:
65:90:57:7a:17:97:ec:79:cc:d3:b8:a5:1a:20:e3:f7:b3:28:
99:26:eb:95:c9:ab:80:dd:2a:64:7e:94:89:17:7c:8a:40:db:
92:8d:f5:de:17:e9:72:17:53:0f:3b:2e:21:86:25:45:a5:7e:
d8:49:85:11:53:a9:e2:6b:60:a1:f9:bc:b2:1e:0a:81:5b:f3:
7b:b3:11:97:44:97:03:51:7c:03:1b:4a:79:37:fe:6a:01:c6:
21:ce:3f:f4:7a:c3:8e:65:d4:b8:b5:08:06:78:5f:bb:7a:d9:
ec:25:1c:13
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgITAITbHInc3GzqziURCrQVKSEMaTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygxMmMyYTgzNTQ2ODlhZWMyYTc0ZmNhMTQ5NDQ5Mjc2MjFi
YTI3Yzk0MB4XDTIzMTIyNzE0NDA1MloXDTI0MTIyNTE0NDU1MlowMzExMC8GA1UE
AxMoMjRBMTg1Qzc0NTM5RDBGQjA0NTlFNEMxNzkwQjlCMjQ0ODhDQ0U3MzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBrEGIsbpbSEjzh46qDD2hppAs0
3UxV5cmC3jJOwOc3AjQ4JMlqkXgP02+W1V9WE+vpxpsXLbA58shObFm+T5YT1Pm2
2GTooK1lBuJcaZSpqk8sl1/1IClVHBeBdbNRVrHqlxvbgA+Y1o4HmycQdkhkSZEV
YNHBgsblcOvoCLED7rHnP9kBvdC62kqpDWvk1+B+a3JFhLUGX9f9nYjEEmbzaqn/
AJM7JrnKF/V4J83o5cttFo8aqU0CrGavdHMA9QqLuafV1mlkwOyjId1L6S5YaexQ
XWFwwsRseJtE1a7K7r+hGoMZkXTFs/1YsUAjy8hf5J9G3zLW9hzJr1czLD0CAwEA
AaOCAj8wggI7MB0GA1UdDgQWBBQkoYXHRTnQ+wRZ5MF5C5skSIzOczAfBgNVHSME
GDAWgBQSwqg1RomuwqdPyhSUSSdiG6J8lDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9mZTM3MDhhMC02N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5
YWYvNy8xMkMyQTgzNTQ2ODlBRUMyQTc0RkNBMTQ5NDQ5Mjc2MjFCQTI3Qzk0LmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRXNLb05VYUpyc0tuVDhvVWxFa25ZaHVp
ZkpRLmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwGCCsGAQUFBzALhoGPcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mZTM3MDhhMC02
N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5YWYvNy8zMjMxMzMyZTMxMzAzOTJlMzIz
MDMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMjMyMzQzMC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANVtyDANBgkqhkiG9w0BAQsFAAOCAQEAhjHgF6GrL1K2DILUB7p0HBgOFwWT38/N
fxjdc/4x6ryqa9w3nbj+Mkx1d2AoVdoNwWQ5+3NC8AKSZPRjWcc36L5eASYv7IAM
a27coN+mpwjY5i60bVS95Y0L1xmCVXTIsI4JQzWw49pmxOHsOyyf8e7E5hPM10jK
z8VdTgRZKExV8+Xr3xbQi5ODcYP7Ns5PZZBXeheX7HnM07ilGiDj97MomSbrlcmr
gN0qZH6UiRd8ikDbko313hfpchdTDzsuIYYlRaV+2EmFEVOp4mtgofm8sh4KgVvz
e7MRl0SXA1F8AxtKeTf+agHGIc4/9HrDjmXUuLUIBnhfu3rZ7CUcEw==
-----END CERTIFICATE-----
Generated at Sun May 5 03:54:06 2024 by rpki-client on console-fra.rpki-client.org