Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132312e302f32342d3234203d3e20323039383534.roa
File: 33312e3136392e3132312e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: epJOBhBASO5tEYKLpu7JbFi2E6smsZWSUUfkLc22X8Y=
Subject key identifier: 20:87:13:79:EA:44:B5:62:0F:3C:AF:93:43:AD:0A:CB:59:9F:65:4C
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 570441415EE7D0DC103262DF7B9DB4765ED52402
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132312e302f32342d3234203d3e20323039383534.roa
Signing time: Tue 29 Aug 2023 13:32:02 +0000
ROA not before: Tue 29 Aug 2023 13:27:02 +0000
ROA not after: Tue 27 Aug 2024 13:32:02 +0000
asID: 209854
IP address blocks: 31.169.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:04:41:41:5e:e7:d0:dc:10:32:62:df:7b:9d:b4:76:5e:d5:24:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Aug 29 13:27:02 2023 GMT
Not After : Aug 27 13:32:02 2024 GMT
Subject: CN=20871379EA44B5620F3CAF9343AD0ACB599F654C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:6d:43:39:fa:da:ff:86:97:00:d4:d5:13:
ab:5a:1f:59:2a:27:b6:88:c2:29:17:4a:d0:b9:6b:
ec:b4:a0:bf:8f:c3:5f:54:e8:63:ec:39:5d:09:0b:
73:4c:fb:7d:19:40:91:4f:8e:61:b6:b8:36:4e:36:
37:e8:ad:11:06:7e:77:ad:c5:40:41:dd:58:47:31:
6d:6a:d7:b8:12:15:57:0c:b0:ad:31:e4:93:a9:5a:
c1:68:8d:3d:80:76:54:2b:fd:77:a5:63:73:6b:f6:
c2:a7:ab:b9:87:f0:21:bf:5c:a0:6a:22:4b:30:2e:
5a:7d:cb:a5:49:91:19:2d:bc:7f:b9:de:a4:d1:09:
79:c8:e2:c1:bc:81:14:1d:03:76:4f:9d:65:41:75:
53:31:5b:cb:89:1e:02:4d:fc:56:64:62:37:cf:fd:
b3:4a:92:41:46:a9:09:01:c2:e9:c8:02:de:9f:7a:
a1:90:ba:6c:86:e8:c8:97:e2:be:4c:e6:2f:89:36:
ed:d6:d4:5f:1b:80:7b:24:67:e8:af:10:54:8b:8c:
b7:f4:6c:83:4b:5f:96:c2:4b:9c:bc:bc:db:1e:68:
ed:40:dd:25:7d:eb:ca:99:be:59:50:15:4a:a6:94:
29:4c:57:de:10:a8:1a:45:bb:e6:4e:ab:9c:9d:1a:
10:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:87:13:79:EA:44:B5:62:0F:3C:AF:93:43:AD:0A:CB:59:9F:65:4C
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132312e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.121.0/24
Signature Algorithm: sha256WithRSAEncryption
62:8e:3b:bd:c5:87:c9:02:00:2f:b7:43:8b:b7:4b:1b:49:2b:
55:9b:8f:dc:0c:5c:be:ee:fb:57:70:17:c7:40:f4:25:47:94:
fb:92:4d:56:16:c3:bc:8f:35:99:25:51:b0:63:92:a4:28:d2:
55:74:02:a8:51:ce:0b:50:08:4b:5f:12:cc:7a:b0:81:41:ff:
cf:87:7c:38:e9:1b:ff:65:20:50:1f:31:e0:d5:ac:9e:41:fa:
0b:a2:51:a0:a9:a5:90:c8:90:e9:a0:fb:c8:d2:f2:7b:3c:12:
fd:54:68:ca:92:15:a2:b7:75:56:c0:3f:75:e7:0d:ba:b3:c0:
35:9f:54:c6:36:61:a6:3c:d0:69:e5:4d:b4:63:50:94:78:ec:
9c:a0:67:62:55:df:1b:2b:46:99:43:c4:c7:bd:78:09:6e:c5:
ce:23:ef:10:a5:92:85:dc:01:47:6c:8d:09:0b:75:60:5f:0f:
f0:5a:2e:6e:e7:c1:0f:4f:4d:96:fc:ad:f2:c1:52:43:15:6d:
9d:9f:59:c0:4a:0e:c6:c2:25:cf:c7:8b:db:93:77:97:b5:ed:
fd:9a:a8:40:8e:ab:0b:a3:ff:72:e7:84:db:28:e1:84:a9:20:
65:e8:de:c5:f9:90:4b:f6:31:3b:8d:bb:c2:40:91:5d:2e:4d:
fc:fe:2a:57
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVwRBQV7n0NwQMmLfe520dl7VJAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA4MjkxMzI3MDJaFw0yNDA4MjcxMzMyMDJaMDMxMTAvBgNV
BAMTKDIwODcxMzc5RUE0NEI1NjIwRjNDQUY5MzQzQUQwQUNCNTk5RjY1NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Y21DOfra/4aXANTVE6taH1kq
J7aIwikXStC5a+y0oL+Pw19U6GPsOV0JC3NM+30ZQJFPjmG2uDZONjforREGfnet
xUBB3VhHMW1q17gSFVcMsK0x5JOpWsFojT2AdlQr/XelY3Nr9sKnq7mH8CG/XKBq
IkswLlp9y6VJkRktvH+53qTRCXnI4sG8gRQdA3ZPnWVBdVMxW8uJHgJN/FZkYjfP
/bNKkkFGqQkBwunIAt6feqGQumyG6MiX4r5M5i+JNu3W1F8bgHskZ+ivEFSLjLf0
bINLX5bCS5y8vNseaO1A3SV968qZvllQFUqmlClMV94QqBpFu+ZOq5ydGhBvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIIcTeepEtWIPPK+TQ60Ky1mfZUwwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzMzMTJlMzEzNjM5MmUzMTMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzODM1MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAfqXkwDQYJKoZIhvcNAQELBQADggEBAGKOO73Fh8kCAC+3Q4u3SxtJK1Wbj9wM
XL7u+1dwF8dA9CVHlPuSTVYWw7yPNZklUbBjkqQo0lV0AqhRzgtQCEtfEsx6sIFB
/8+HfDjpG/9lIFAfMeDVrJ5B+guiUaCppZDIkOmg+8jS8ns8Ev1UaMqSFaK3dVbA
P3XnDbqzwDWfVMY2YaY80GnlTbRjUJR47JygZ2JV3xsrRplDxMe9eAluxc4j7xCl
koXcAUdsjQkLdWBfD/BaLm7nwQ9PTZb8rfLBUkMVbZ2fWcBKDsbCJc/Hi9uTd5e1
7f2aqECOqwuj/3LnhNso4YSpIGXo3sX5kEv2MTuNu8JAkV0uTfz+Klc=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:25 2024 by rpki-client on console-fra.rpki-client.org