Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132332e302f32342d3234203d3e20323039383534.roa
File: 33312e3136392e3132332e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: s4x0m6mlq4hdba4MFEpoQ18T4UzpbECVvfvqjSnCs2o=
Subject key identifier: 94:41:88:CA:89:51:00:28:96:0E:50:07:C9:43:E7:69:A7:33:6D:DB
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 264FEB4DD47FE306F5703145983AAA5BF2AEB935
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132332e302f32342d3234203d3e20323039383534.roa
Signing time: Tue 29 Aug 2023 13:32:14 +0000
ROA not before: Tue 29 Aug 2023 13:27:14 +0000
ROA not after: Tue 27 Aug 2024 13:32:14 +0000
asID: 209854
IP address blocks: 31.169.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 16:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:4f:eb:4d:d4:7f:e3:06:f5:70:31:45:98:3a:aa:5b:f2:ae:b9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Aug 29 13:27:14 2023 GMT
Not After : Aug 27 13:32:14 2024 GMT
Subject: CN=944188CA89510028960E5007C943E769A7336DDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9b:50:05:87:5a:c9:94:81:38:ae:8f:60:99:
0a:5c:c3:21:d2:dd:f2:8c:ab:5d:81:74:2a:22:3b:
a9:d1:d4:4f:7c:a8:47:1f:bb:c6:81:92:f3:ee:f8:
9d:57:5d:e6:9a:9a:bf:2f:a2:f3:1d:b7:46:e8:0b:
12:df:80:26:84:8b:c4:9a:9b:ed:99:13:45:df:69:
9c:be:bf:e6:67:fa:3f:a2:7e:5f:e5:e8:08:ba:dc:
a7:2e:5f:8a:61:95:13:b9:09:55:21:eb:23:a7:22:
56:c4:2c:7c:f0:a6:e6:70:27:6f:2c:90:01:01:84:
e8:f1:0a:69:e4:c5:80:41:13:13:eb:8a:7e:87:54:
88:5b:32:9c:b4:f0:84:66:d7:ec:4a:35:1e:55:5f:
b9:38:c0:43:26:ac:8d:37:a7:48:b5:6e:11:1a:9c:
3b:36:15:6c:c9:52:96:8b:12:37:ac:c9:ba:9c:64:
0b:98:0c:16:4b:2e:31:77:f3:ff:aa:31:8c:ed:f9:
4a:35:6e:1c:8d:c6:c5:37:cd:a2:10:80:b7:e9:a8:
24:84:c2:f3:a2:9c:6c:ea:4d:11:d1:96:8a:e5:e7:
64:eb:2e:a5:b7:d3:a4:11:31:28:08:46:99:39:db:
c4:7e:2f:85:15:08:d4:70:61:80:70:23:5a:a7:ee:
36:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:41:88:CA:89:51:00:28:96:0E:50:07:C9:43:E7:69:A7:33:6D:DB
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132332e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.123.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b4:e2:7b:c6:52:ec:07:5c:67:52:0f:88:50:26:42:71:47:
c8:8d:f5:ab:ac:31:8d:61:f1:21:77:f7:dc:59:fc:85:2d:ea:
bd:4e:68:46:28:fd:5e:10:4b:c5:f1:fd:59:f1:c5:9a:95:f6:
74:83:17:d7:ea:bd:a2:17:e5:cd:d5:1e:23:28:64:18:eb:ca:
d5:36:cf:2a:95:eb:48:53:55:d6:05:ad:e3:bf:d8:9c:07:48:
81:63:18:56:85:27:4e:21:cb:5f:c8:88:5c:ca:7b:cd:62:86:
a3:74:93:bc:20:27:62:04:09:e2:4c:37:2e:0d:fa:33:18:c9:
5d:a7:b1:4e:c0:47:38:0a:09:ba:71:c7:cb:34:97:63:90:dc:
6c:85:94:a9:44:f8:25:37:95:48:d1:fb:15:3c:8f:cd:3f:bc:
4f:36:56:a7:6d:a2:ae:bf:b4:39:b7:13:29:b9:ee:1f:59:d0:
05:8b:74:b9:e3:1c:a8:f4:62:2c:cc:3a:a5:cf:81:6b:0d:3f:
3a:39:ad:9f:02:05:fd:a4:f3:dc:fa:fd:1e:f7:ba:f5:d2:7c:
16:a8:1c:05:f5:d7:bb:1e:45:1f:a4:00:43:99:ac:a5:0c:2a:
17:c9:38:6f:92:91:9c:98:3d:e0:91:f5:27:8e:b4:c8:0b:b6:
80:95:23:3a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJk/rTdR/4wb1cDFFmDqqW/KuuTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA4MjkxMzI3MTRaFw0yNDA4MjcxMzMyMTRaMDMxMTAvBgNV
BAMTKDk0NDE4OENBODk1MTAwMjg5NjBFNTAwN0M5NDNFNzY5QTczMzZEREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1m1AFh1rJlIE4ro9gmQpcwyHS
3fKMq12BdCoiO6nR1E98qEcfu8aBkvPu+J1XXeaamr8vovMdt0boCxLfgCaEi8Sa
m+2ZE0XfaZy+v+Zn+j+ifl/l6Ai63KcuX4phlRO5CVUh6yOnIlbELHzwpuZwJ28s
kAEBhOjxCmnkxYBBExPrin6HVIhbMpy08IRm1+xKNR5VX7k4wEMmrI03p0i1bhEa
nDs2FWzJUpaLEjesybqcZAuYDBZLLjF38/+qMYzt+Uo1bhyNxsU3zaIQgLfpqCSE
wvOinGzqTRHRlorl52TrLqW306QRMSgIRpk528R+L4UVCNRwYYBwI1qn7jZZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlEGIyolRACiWDlAHyUPnaaczbdswHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzMzMTJlMzEzNjM5MmUzMTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzODM1MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAfqXswDQYJKoZIhvcNAQELBQADggEBAA604nvGUuwHXGdSD4hQJkJxR8iN9aus
MY1h8SF399xZ/IUt6r1OaEYo/V4QS8Xx/VnxxZqV9nSDF9fqvaIX5c3VHiMoZBjr
ytU2zyqV60hTVdYFreO/2JwHSIFjGFaFJ04hy1/IiFzKe81ihqN0k7wgJ2IECeJM
Ny4N+jMYyV2nsU7ARzgKCbpxx8s0l2OQ3GyFlKlE+CU3lUjR+xU8j80/vE82Vqdt
oq6/tDm3Eym57h9Z0AWLdLnjHKj0YizMOqXPgWsNPzo5rZ8CBf2k89z6/R73uvXS
fBaoHAX117seRR+kAEOZrKUMKhfJOG+SkZyYPeCR9SeOtMgLtoCVIzo=
-----END CERTIFICATE-----
Generated at Wed May 8 01:22:09 2024 by rpki-client on console-ams.rpki-client.org