Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132332e302f32342d3234203d3e20323039383534.roa
File: 33312e3136392e3132332e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: cg04r84SRNTLG6Z7BBeaXcdPAn1JoGw8A1qxG8Qi6Y8=
Subject key identifier: 51:0B:A5:23:7C:D0:13:9A:98:62:3C:A1:2A:39:E9:F9:FB:C3:66:C9
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 3145AD64BF92CF03C9EAAAA88C64D0775717478F
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132332e302f32342d3234203d3e20323039383534.roa
Signing time: Tue 30 Jul 2024 14:04:28 +0000
ROA not before: Tue 30 Jul 2024 13:59:28 +0000
ROA not after: Tue 29 Jul 2025 14:04:28 +0000
asID: 209854
IP address blocks: 31.169.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:45:ad:64:bf:92:cf:03:c9:ea:aa:a8:8c:64:d0:77:57:17:47:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Jul 30 13:59:28 2024 GMT
Not After : Jul 29 14:04:28 2025 GMT
Subject: CN=510BA5237CD0139A98623CA12A39E9F9FBC366C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ac:48:56:a0:2f:fa:dd:96:8b:fa:0c:86:82:
61:04:69:b5:5f:2e:ef:0c:39:d9:aa:65:50:c5:5e:
4d:00:c8:53:32:8a:d9:05:d6:22:e5:35:d1:0e:a1:
f7:75:15:c8:69:8d:16:e9:36:99:43:68:f0:58:49:
9d:60:b9:20:02:b2:a4:9f:7a:e4:ee:00:c8:96:e5:
0f:1c:c5:59:2f:31:b5:c9:25:9e:80:f7:19:74:84:
ed:06:27:15:ce:b7:58:46:40:1c:31:b5:15:a5:c3:
bd:a9:64:26:14:66:a6:98:80:34:aa:1a:03:32:de:
ac:7b:b3:30:2e:a8:fd:ce:08:dc:ab:03:08:36:25:
81:3c:2d:d7:41:0c:51:96:a0:6f:86:62:6b:cf:9b:
7b:bf:6b:97:86:16:de:f3:fe:6b:e8:b0:57:83:09:
59:b4:91:8a:80:3e:6f:db:15:a6:ce:29:6a:be:f5:
8f:ae:ad:85:e9:8f:02:b0:1e:31:62:f1:68:6c:90:
e5:c0:8b:43:3b:8d:fc:f5:e3:ba:04:4c:e1:e2:0a:
01:a0:8b:44:96:54:49:4e:b2:93:a5:8e:16:4d:1b:
80:c5:2a:de:dc:67:b9:49:cc:7b:d6:a3:a3:13:16:
3f:d3:81:b9:de:00:2e:07:8f:9d:75:2a:9b:79:11:
8b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0B:A5:23:7C:D0:13:9A:98:62:3C:A1:2A:39:E9:F9:FB:C3:66:C9
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132332e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.123.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:6b:29:f4:40:35:00:48:dd:fb:80:20:84:93:7f:a2:a1:f8:
2e:89:4d:3e:32:39:18:55:3c:23:32:92:e1:72:48:ed:cb:77:
5e:90:95:c3:fd:6c:43:99:1c:fb:5b:bd:c0:6f:11:4a:a6:7f:
68:c4:37:93:a7:86:5d:3d:61:f8:ab:d6:e9:70:e7:b1:23:05:
97:41:f4:72:8e:1f:80:01:43:58:7e:53:37:38:ba:0a:bd:d9:
51:4f:a5:b2:23:d0:fb:18:55:48:bd:bd:61:c1:9d:9e:15:b3:
c7:98:da:1e:65:f7:e5:01:9c:6c:a4:fa:46:74:41:00:f3:68:
e1:65:d5:00:40:59:9c:11:6b:f6:bd:2b:77:d3:d5:7d:2e:b1:
c0:be:9c:cc:52:28:dc:28:2b:35:f3:51:b7:e7:bd:f3:f3:28:
9d:aa:94:24:c4:4b:38:b5:e9:b0:37:67:c2:d1:14:60:60:e4:
a2:13:04:94:7d:83:1a:0d:4f:ac:ae:ac:ee:8c:8e:84:92:cd:
9f:cc:cb:a9:5e:49:8e:b6:c9:6a:b6:2c:3f:bc:49:c5:4b:b3:
8b:25:4b:fc:01:57:dd:bf:06:da:fe:ed:44:e3:ae:35:0c:1e:
28:18:d2:ae:47:fe:ed:93:4d:0f:1e:7b:0e:c6:5f:a7:e3:e8:
d6:9c:95:36
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMUWtZL+SzwPJ6qqojGTQd1cXR48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA3MzAxMzU5MjhaFw0yNTA3MjkxNDA0MjhaMDMxMTAvBgNV
BAMTKDUxMEJBNTIzN0NEMDEzOUE5ODYyM0NBMTJBMzlFOUY5RkJDMzY2QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPrEhWoC/63ZaL+gyGgmEEabVf
Lu8MOdmqZVDFXk0AyFMyitkF1iLlNdEOofd1FchpjRbpNplDaPBYSZ1guSACsqSf
euTuAMiW5Q8cxVkvMbXJJZ6A9xl0hO0GJxXOt1hGQBwxtRWlw72pZCYUZqaYgDSq
GgMy3qx7szAuqP3OCNyrAwg2JYE8LddBDFGWoG+GYmvPm3u/a5eGFt7z/mvosFeD
CVm0kYqAPm/bFabOKWq+9Y+urYXpjwKwHjFi8WhskOXAi0M7jfz147oETOHiCgGg
i0SWVElOspOljhZNG4DFKt7cZ7lJzHvWo6MTFj/TgbneAC4Hj511Kpt5EYsHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUUQulI3zQE5qYYjyhKjnp+fvDZskwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzMzMTJlMzEzNjM5MmUzMTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzODM1MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAfqXswDQYJKoZIhvcNAQELBQADggEBAIxrKfRANQBI3fuAIISTf6Kh+C6JTT4y
ORhVPCMykuFySO3Ld16QlcP9bEOZHPtbvcBvEUqmf2jEN5Onhl09Yfir1ulw57Ej
BZdB9HKOH4ABQ1h+Uzc4ugq92VFPpbIj0PsYVUi9vWHBnZ4Vs8eY2h5l9+UBnGyk
+kZ0QQDzaOFl1QBAWZwRa/a9K3fT1X0uscC+nMxSKNwoKzXzUbfnvfPzKJ2qlCTE
Szi16bA3Z8LRFGBg5KITBJR9gxoNT6yurO6MjoSSzZ/My6leSY62yWq2LD+8ScVL
s4slS/wBV92/Btr+7UTjrjUMHigY0q5H/u2TTQ8eew7GX6fj6NaclTY=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:11 2024 by rpki-client on console-fra.rpki-client.org