Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e37362e34382e302f32302d3332203d3e203531313637.roa
File: 3231372e37362e34382e302f32302d3332203d3e203531313637.roa (raw, json)
Hash identifier: fCFY3BKRuHvErVdE3SSCK7JReks1uzvk/3hTPIcSQqw=
Subject key identifier: CB:49:3A:35:9A:7B:1C:AD:44:DF:03:41:80:DC:0D:E7:31:46:88:BA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7EEF07C39E5A7E263956B08619660D776911517B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e37362e34382e302f32302d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:27 +0000
ROA not before: Mon 26 Feb 2024 08:48:27 +0000
ROA not after: Mon 24 Feb 2025 08:53:27 +0000
asID: 51167
IP address blocks: 217.76.48.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ef:07:c3:9e:5a:7e:26:39:56:b0:86:19:66:0d:77:69:11:51:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:27 2024 GMT
Not After : Feb 24 08:53:27 2025 GMT
Subject: CN=CB493A359A7B1CAD44DF034180DC0DE7314688BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:91:ee:c9:f7:df:47:0a:63:07:e6:5a:88:9a:
e6:2b:6b:f7:8c:15:07:44:78:fc:09:46:3c:c9:d6:
a0:74:eb:06:da:14:04:65:7e:87:59:a4:87:bb:4c:
10:b0:d5:fe:6d:36:10:96:e5:17:b2:01:c2:81:f0:
46:c5:91:96:5a:e2:17:28:67:9e:fc:3a:cb:bf:0d:
cd:71:2b:41:40:45:87:f6:a1:19:fa:4c:0d:ac:a5:
27:44:44:4d:43:f7:f5:5b:62:25:85:a0:c2:12:69:
3d:29:e1:6c:aa:e4:3e:6e:a7:1a:da:7f:2d:98:6c:
7c:60:cb:d5:b2:b0:57:57:f1:b6:f1:ee:b5:39:d4:
46:75:7a:9a:24:e4:d5:95:35:bb:9c:87:e6:24:c3:
96:b4:b1:6e:8e:6f:be:a9:f0:23:c9:25:17:1a:69:
b5:2b:ab:4d:b5:83:42:5e:82:fa:03:b3:df:2b:29:
ae:85:d2:2b:58:29:4c:3a:30:83:7a:f6:7d:54:71:
54:1c:15:fd:d1:77:70:56:34:57:5f:86:af:a8:5e:
8c:7b:26:a4:9a:83:68:f3:ff:3a:b9:5b:67:03:5b:
b4:15:b0:88:b8:e3:e0:5d:bd:9c:32:0c:d6:c8:94:
a3:ca:ab:30:5c:d1:c7:e4:2c:44:8b:f2:1d:8f:fa:
af:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:49:3A:35:9A:7B:1C:AD:44:DF:03:41:80:DC:0D:E7:31:46:88:BA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e37362e34382e302f32302d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.76.48.0/20
Signature Algorithm: sha256WithRSAEncryption
67:86:42:25:12:87:7c:36:a5:8e:c5:c9:8e:95:79:0b:80:ed:
ba:d8:95:cb:95:96:e4:df:3a:5e:11:d0:38:8c:68:70:84:a4:
e1:1e:76:97:04:bb:b0:ac:17:ce:44:57:5e:15:43:60:2d:70:
dc:5a:39:a0:21:01:10:95:ed:a3:87:38:9f:b6:76:f8:7d:a9:
56:e0:bd:23:42:11:2c:41:5f:31:e4:ca:35:45:9b:69:a0:b7:
94:d1:f1:b3:71:5f:ad:9c:0c:ff:57:60:78:ba:f4:00:c8:f2:
0e:00:fd:fa:f9:5a:72:13:f4:7f:0c:75:7e:3a:14:e5:03:6c:
4e:77:bf:2a:24:37:3b:76:48:46:c7:f8:73:29:22:96:88:49:
96:42:5d:47:34:c6:b9:ad:1b:9f:51:c7:8e:d9:d4:f0:9b:87:
b8:04:cc:10:35:d7:58:c8:62:16:91:be:f0:04:7c:71:ba:ae:
7e:49:94:e1:9d:a6:29:ff:65:74:ee:c8:bb:46:c6:f0:88:46:
86:19:e9:7c:29:fb:7e:58:21:ae:b2:ff:fa:32:78:ff:14:bf:
23:21:56:e8:c3:b4:b7:0d:a7:92:2b:cf:62:1b:82:c9:3c:b4:
6d:6c:bb:33:1a:60:2f:a3:96:63:3a:15:96:50:9e:da:e0:44:
6a:f2:47:55
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfu8Hw55afiY5VrCGGWYNd2kRUXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjdaFw0yNTAyMjQwODUzMjdaMDMxMTAvBgNV
BAMTKENCNDkzQTM1OUE3QjFDQUQ0NERGMDM0MTgwREMwREU3MzE0Njg4QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDske7J999HCmMH5lqImuYra/eM
FQdEePwJRjzJ1qB06wbaFARlfodZpIe7TBCw1f5tNhCW5ReyAcKB8EbFkZZa4hco
Z578Osu/Dc1xK0FARYf2oRn6TA2spSdERE1D9/VbYiWFoMISaT0p4Wyq5D5upxra
fy2YbHxgy9WysFdX8bbx7rU51EZ1epok5NWVNbuch+Ykw5a0sW6Ob76p8CPJJRca
abUrq021g0JegvoDs98rKa6F0itYKUw6MIN69n1UcVQcFf3Rd3BWNFdfhq+oXox7
JqSag2jz/zq5W2cDW7QVsIi44+BdvZwyDNbIlKPKqzBc0cfkLESL8h2P+q8FAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUy0k6NZp7HK1E3wNBgNwN5zFGiLowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzNzM2MmUzNDM4
MmUzMDJmMzIzMDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNlM
MDANBgkqhkiG9w0BAQsFAAOCAQEAZ4ZCJRKHfDaljsXJjpV5C4DtutiVy5WW5N86
XhHQOIxocISk4R52lwS7sKwXzkRXXhVDYC1w3Fo5oCEBEJXto4c4n7Z2+H2pVuC9
I0IRLEFfMeTKNUWbaaC3lNHxs3FfrZwM/1dgeLr0AMjyDgD9+vlachP0fwx1fjoU
5QNsTne/KiQ3O3ZIRsf4cykilohJlkJdRzTGua0bn1HHjtnU8JuHuATMEDXXWMhi
FpG+8AR8cbqufkmU4Z2mKf9ldO7Iu0bG8IhGhhnpfCn7flghrrL/+jJ4/xS/IyFW
6MO0tw2nkivPYhuCyTy0bWy7MxpgL6OWYzoVllCe2uBEavJHVQ==
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:07 2024 by rpki-client on console-ams.rpki-client.org