Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/33312e3232322e3235342e302f32342d3234203d3e20313437303439.roa
File: 33312e3232322e3235342e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: y/IdeGyplYGlcnrJ8TB1rSCfFF+2gAlXnTw1voNx4J4=
Subject key identifier: AA:36:D6:4F:BC:5E:3E:64:87:AE:2E:32:7C:C6:05:D2:9F:98:90:90
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 3BC0225D49A788F077EF51F49FC40C296FF06558
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/33312e3232322e3235342e302f32342d3234203d3e20313437303439.roa
Signing time: Thu 14 Dec 2023 20:05:13 +0000
ROA not before: Thu 14 Dec 2023 20:00:13 +0000
ROA not after: Thu 12 Dec 2024 20:05:13 +0000
asID: 147049
IP address blocks: 31.222.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:c0:22:5d:49:a7:88:f0:77:ef:51:f4:9f:c4:0c:29:6f:f0:65:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Dec 14 20:00:13 2023 GMT
Not After : Dec 12 20:05:13 2024 GMT
Subject: CN=AA36D64FBC5E3E6487AE2E327CC605D29F989090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7e:8b:c9:44:14:de:5c:10:0e:75:16:53:ec:
97:9b:6f:28:d5:4a:33:10:66:90:1b:ec:16:89:a9:
9a:1f:d6:6f:d2:7b:0c:c2:3f:b8:4b:e4:67:62:af:
11:58:13:6d:a4:97:a0:e6:99:7a:c1:bd:ba:8b:e6:
ae:28:8f:87:37:41:c5:94:35:40:cc:0e:1c:e7:d5:
fa:f7:e4:84:bb:a3:0d:b4:ee:69:5a:26:be:64:63:
af:54:4d:e3:8e:41:67:f0:96:88:34:39:63:16:e0:
fc:72:ee:f5:df:14:40:03:7d:64:20:ee:fb:9b:16:
b9:b4:e4:33:aa:c9:81:47:7a:49:2f:67:04:4e:fb:
90:e4:19:27:50:ce:5e:bf:53:bb:c0:7b:90:29:d9:
ad:db:1a:04:3e:5e:3d:35:f8:da:8e:7c:da:93:c1:
5e:49:30:e5:04:b1:1d:cf:94:68:56:93:ca:71:b1:
57:e0:d5:9f:6f:21:2b:41:1b:15:4a:db:c4:06:f4:
ec:ed:ff:b5:1b:9e:aa:b6:c1:d0:cf:f6:92:ef:48:
76:5c:a1:76:cf:90:da:79:75:49:ad:55:9a:ed:62:
7d:d3:db:33:9c:1e:3c:23:de:05:e0:23:63:cc:97:
b9:c4:96:4d:01:51:14:75:f7:a9:36:f9:89:09:6d:
c0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:36:D6:4F:BC:5E:3E:64:87:AE:2E:32:7C:C6:05:D2:9F:98:90:90
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/33312e3232322e3235342e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.254.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:31:80:72:1a:26:74:e3:44:4c:65:d6:16:0c:14:cb:4b:93:
19:ce:ea:bf:18:be:ca:87:69:0d:ea:41:76:4d:66:af:e8:5f:
06:42:6c:a3:48:88:ab:a1:d5:75:49:d3:b2:30:3b:9c:49:78:
58:58:d1:d9:8d:23:2a:19:85:8c:6c:bb:ce:d2:86:dd:21:90:
a8:5c:f2:d6:98:a0:15:84:ca:81:27:22:95:f6:76:b2:77:b6:
02:27:9d:f2:e3:7e:b9:1b:7a:9c:b9:42:bf:12:a7:0a:4a:10:
ce:3b:c4:76:16:3b:22:2f:a5:ca:90:04:aa:cf:7b:ad:ef:24:
17:46:95:be:68:af:29:96:80:30:f1:ea:78:0e:bc:90:01:28:
04:4b:1b:e0:38:67:73:d2:ab:06:e8:37:42:94:b4:0c:8d:6b:
14:13:2b:40:7a:7c:a0:b2:cd:27:4a:44:59:8b:d0:6d:32:47:
35:32:1e:7f:d0:0a:af:de:c8:2c:77:0f:a4:72:46:c9:79:18:
22:3a:8d:ec:bb:f0:2a:85:a0:3c:71:99:5a:f3:55:8c:61:d0:
f4:61:44:be:57:87:03:37:23:55:ef:64:df:15:99:e7:16:29:
4e:dd:96:8c:be:4b:6a:a6:cc:54:95:60:06:06:8a:89:77:5b:
6e:39:29:9d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUO8AiXUmniPB371H0n8QMKW/wZVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzEyMTQyMDAwMTNaFw0yNDEyMTIyMDA1MTNaMDMxMTAvBgNV
BAMTKEFBMzZENjRGQkM1RTNFNjQ4N0FFMkUzMjdDQzYwNUQyOUY5ODkwOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJfovJRBTeXBAOdRZT7JebbyjV
SjMQZpAb7BaJqZof1m/SewzCP7hL5GdirxFYE22kl6DmmXrBvbqL5q4oj4c3QcWU
NUDMDhzn1fr35IS7ow207mlaJr5kY69UTeOOQWfwlog0OWMW4Pxy7vXfFEADfWQg
7vubFrm05DOqyYFHekkvZwRO+5DkGSdQzl6/U7vAe5Ap2a3bGgQ+Xj01+NqOfNqT
wV5JMOUEsR3PlGhWk8pxsVfg1Z9vIStBGxVK28QG9Ozt/7Ubnqq2wdDP9pLvSHZc
oXbPkNp5dUmtVZrtYn3T2zOcHjwj3gXgI2PMl7nElk0BURR196k2+YkJbcBBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqjbWT7xePmSHri4yfMYF0p+YkJAwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzMzMTJlMzIzMjMyMmUzMjM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM0Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAf3v4wDQYJKoZIhvcNAQELBQADggEBAA0xgHIaJnTjRExl1hYMFMtLkxnO6r8Y
vsqHaQ3qQXZNZq/oXwZCbKNIiKuh1XVJ07IwO5xJeFhY0dmNIyoZhYxsu87Sht0h
kKhc8taYoBWEyoEnIpX2drJ3tgInnfLjfrkbepy5Qr8SpwpKEM47xHYWOyIvpcqQ
BKrPe63vJBdGlb5orymWgDDx6ngOvJABKARLG+A4Z3PSqwboN0KUtAyNaxQTK0B6
fKCyzSdKRFmL0G0yRzUyHn/QCq/eyCx3D6RyRsl5GCI6jey78CqFoDxxmVrzVYxh
0PRhRL5XhwM3I1XvZN8VmecWKU7dloy+S2qmzFSVYAYGiol3W245KZ0=
-----END CERTIFICATE-----
Generated at Sat May 11 08:13:55 2024 by rpki-client on console-ams.rpki-client.org