Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/33312e3232322e3235342e302f32342d3234203d3e20313437303439.roa
File: 33312e3232322e3235342e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: M7m7B5PzpUCtqcj2D99NR5XGm45WEmOjzV3uv3dJIbw=
Subject key identifier: A1:A5:32:CD:09:AE:B4:23:AE:EC:BD:41:D9:C6:BF:4B:A8:BA:EA:FC
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 6CA151FB7189A547D0266F6782B4ECACCD2A6258
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/33312e3232322e3235342e302f32342d3234203d3e20313437303439.roa
Signing time: Thu 14 Nov 2024 20:05:34 +0000
ROA not before: Thu 14 Nov 2024 20:00:34 +0000
ROA not after: Thu 13 Nov 2025 20:05:34 +0000
asID: 147049
IP address blocks: 31.222.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:a1:51:fb:71:89:a5:47:d0:26:6f:67:82:b4:ec:ac:cd:2a:62:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Nov 14 20:00:34 2024 GMT
Not After : Nov 13 20:05:34 2025 GMT
Subject: CN=A1A532CD09AEB423AEECBD41D9C6BF4BA8BAEAFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:13:1a:5b:d2:29:4b:e9:0f:b4:b0:c9:7d:10:
6c:8a:52:16:33:57:82:b4:d3:de:d5:4c:a9:b1:56:
34:62:0c:20:a3:8d:bf:77:e0:c0:c7:1b:28:20:ee:
b5:e3:71:67:fc:64:e0:54:64:3e:4e:22:2a:e1:45:
3e:dd:7e:6a:35:d4:46:56:7b:e9:d8:04:c6:3d:b1:
07:3e:bc:94:f2:43:5f:0c:f7:3b:38:46:98:64:5a:
f1:e8:87:97:19:0e:d8:66:89:32:3d:46:08:2e:13:
40:7a:1d:6e:62:ab:de:02:84:85:6d:f4:1e:b0:49:
38:59:ca:ca:a4:f8:c0:7c:d9:15:a3:5a:96:8a:e7:
1e:47:b3:e0:d9:b5:cc:c3:4e:36:22:c4:c2:e8:81:
e7:83:fc:62:12:60:16:df:2c:3b:cb:9d:b6:94:0a:
bc:97:14:d3:2f:6a:a0:c2:ef:c2:d7:db:ca:74:0b:
92:d8:bd:42:d3:bd:ce:31:5d:6b:46:69:ef:30:cc:
54:be:b0:76:7f:16:e3:a0:f5:00:f8:30:80:97:2e:
be:63:2c:3c:4c:8b:89:55:1f:92:9d:6e:2b:78:d5:
67:76:01:f8:c8:4e:1c:98:49:49:3f:d2:1c:07:68:
fa:6e:f8:d7:5c:a5:25:8e:c5:bc:bc:67:16:a3:6f:
50:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A5:32:CD:09:AE:B4:23:AE:EC:BD:41:D9:C6:BF:4B:A8:BA:EA:FC
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/33312e3232322e3235342e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.254.0/24
Signature Algorithm: sha256WithRSAEncryption
13:86:e5:96:38:29:90:d7:49:75:fe:87:c1:90:31:1b:6b:9e:
15:a6:18:ea:9e:cc:a3:6f:dd:bd:7f:44:42:90:f1:ba:6b:90:
12:8d:50:ee:0b:0f:48:ba:e4:fe:7b:92:bf:b6:84:82:2d:07:
28:35:31:7a:72:f7:8f:d0:5e:35:fc:70:f9:69:76:86:5e:c3:
e1:f3:4b:b7:28:7f:69:fe:a0:cf:23:75:50:66:e4:62:2b:60:
89:b0:54:f9:50:e5:ea:d6:0b:fb:e7:3c:5c:2c:72:9c:d6:e3:
0d:4d:10:0e:77:30:15:38:df:9e:cc:7e:34:bd:0d:a5:e6:ee:
24:8c:4b:86:d7:c8:52:51:3b:4b:8c:ff:8a:95:b7:48:0f:cd:
cf:2b:45:db:c9:fe:46:d3:3a:93:56:64:f2:ab:fd:0e:c5:25:
c8:86:88:67:54:b6:c9:30:0a:38:8b:cb:a2:aa:cd:76:0c:b8:
bb:f0:a3:57:4e:5d:bd:a0:0e:96:2f:80:9f:3a:e9:f5:bf:6b:
6b:4e:a0:75:a9:ed:aa:52:1c:d9:97:5c:6e:aa:94:e2:57:f3:
b3:d4:76:23:30:e4:c5:88:8f:28:3e:e0:6b:e9:fd:dd:0a:4d:
34:93:45:57:be:5b:41:f2:de:81:3d:ac:bb:f3:39:04:9e:9e:
45:12:ec:cc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbKFR+3GJpUfQJm9ngrTsrM0qYlgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDExMTQyMDAwMzRaFw0yNTExMTMyMDA1MzRaMDMxMTAvBgNV
BAMTKEExQTUzMkNEMDlBRUI0MjNBRUVDQkQ0MUQ5QzZCRjRCQThCQUVBRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcExpb0ilL6Q+0sMl9EGyKUhYz
V4K0097VTKmxVjRiDCCjjb934MDHGygg7rXjcWf8ZOBUZD5OIirhRT7dfmo11EZW
e+nYBMY9sQc+vJTyQ18M9zs4RphkWvHoh5cZDthmiTI9RgguE0B6HW5iq94ChIVt
9B6wSThZysqk+MB82RWjWpaK5x5Hs+DZtczDTjYixMLogeeD/GISYBbfLDvLnbaU
CryXFNMvaqDC78LX28p0C5LYvULTvc4xXWtGae8wzFS+sHZ/FuOg9QD4MICXLr5j
LDxMi4lVH5Kdbit41Wd2AfjIThyYSUk/0hwHaPpu+NdcpSWOxby8Zxajb1AbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoaUyzQmutCOu7L1B2ca/S6i66vwwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzMzMTJlMzIzMjMyMmUzMjM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM0Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAf3v4wDQYJKoZIhvcNAQELBQADggEBABOG5ZY4KZDXSXX+h8GQMRtrnhWmGOqe
zKNv3b1/REKQ8bprkBKNUO4LD0i65P57kr+2hIItByg1MXpy94/QXjX8cPlpdoZe
w+HzS7cof2n+oM8jdVBm5GIrYImwVPlQ5erWC/vnPFwscpzW4w1NEA53MBU4357M
fjS9DaXm7iSMS4bXyFJRO0uM/4qVt0gPzc8rRdvJ/kbTOpNWZPKr/Q7FJciGiGdU
tskwCjiLy6KqzXYMuLvwo1dOXb2gDpYvgJ866fW/a2tOoHWp7apSHNmXXG6qlOJX
87PUdiMw5MWIjyg+4Gvp/d0KTTSTRVe+W0Hy3oE9rLvzOQSenkUS7Mw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:03 2024 by rpki-client on console-ams.rpki-client.org