Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31312e302f32342d3234203d3e20313336373837.roa
File: 33312e3232302e31312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: zPZyTkkK15XWHDIkQWCD89FWy233hOsLEv+TaFTVivg=
Subject key identifier: AF:A5:D2:BF:00:9F:F1:EB:24:3E:BB:65:A1:18:89:29:AC:7E:5C:71
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 069124AD4820C4D1439BA699AAC013C0F11C8FCB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 12 May 2024 11:03:37 +0000
ROA not before: Sun 12 May 2024 10:58:37 +0000
ROA not after: Sun 11 May 2025 11:03:37 +0000
asID: 136787
IP address blocks: 31.220.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:91:24:ad:48:20:c4:d1:43:9b:a6:99:aa:c0:13:c0:f1:1c:8f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 12 10:58:37 2024 GMT
Not After : May 11 11:03:37 2025 GMT
Subject: CN=AFA5D2BF009FF1EB243EBB65A1188929AC7E5C71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d3:28:a2:63:98:57:58:8a:6d:25:ad:48:d5:
02:4a:36:80:43:92:94:09:6d:0f:53:ad:11:f5:82:
a6:a1:8a:48:55:2d:06:4e:39:7e:74:fc:31:aa:5a:
33:8c:d7:df:d8:b4:a0:f0:59:36:a2:c5:21:9e:f5:
e0:95:46:5f:5c:71:e5:0f:92:f4:97:ae:f0:07:a2:
37:75:85:8e:4c:19:85:ab:73:f4:dd:b5:b7:9a:22:
6a:0a:3f:73:04:74:4f:1e:50:29:d4:f8:92:52:f9:
81:67:81:80:33:15:39:df:53:2b:54:fd:2e:74:6b:
42:48:e3:59:72:c2:d6:41:92:e2:34:30:db:43:49:
a2:9f:19:0e:41:81:d6:d4:a4:2c:1b:73:9f:84:00:
ed:d7:0f:6e:12:fc:43:e6:1b:81:b3:03:03:8e:47:
52:aa:f1:00:10:ce:4b:eb:96:90:66:60:35:d7:df:
a1:6c:a6:30:c0:d1:2d:02:14:86:88:25:89:7e:38:
db:02:e2:ff:f4:db:56:9d:94:35:21:d7:4b:18:3a:
5a:02:e8:ec:97:a5:be:2a:e0:40:87:7e:ba:19:7f:
de:3d:7f:28:04:20:46:59:d5:59:34:78:86:9e:23:
90:b2:a3:22:cc:93:80:02:79:72:36:99:63:4a:a6:
bb:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A5:D2:BF:00:9F:F1:EB:24:3E:BB:65:A1:18:89:29:AC:7E:5C:71
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.11.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:96:ae:19:ba:9b:e5:0a:2e:dd:3c:8d:ac:92:81:8b:b6:39:
05:4c:15:9b:ae:d6:1f:b7:25:df:9a:f1:cb:f5:b1:67:45:e2:
30:b8:80:6a:a2:f5:ac:93:bd:a6:cf:39:78:d2:ac:ed:33:69:
b0:59:45:58:47:e9:2c:d8:49:97:20:c0:18:a8:06:b7:6c:5e:
95:6c:46:75:88:99:4a:51:58:75:03:c9:72:d0:79:30:7a:76:
2f:8a:39:61:e1:5b:49:d1:af:cf:68:38:31:17:24:9c:76:17:
b8:4d:93:4e:43:ea:cf:63:63:37:4f:2c:e2:71:17:e7:27:a2:
6e:0d:84:54:28:55:ec:6f:41:20:5b:20:dc:80:06:07:54:ec:
78:45:8f:3d:a5:a9:a8:73:6b:d0:ac:b5:5e:07:62:92:05:40:
9f:bd:d5:e0:7e:6e:73:3e:a8:c0:51:72:0d:1d:0f:3f:66:d5:
17:94:43:22:7f:dd:0a:a0:40:60:f8:b6:13:58:5b:7d:c0:94:
d0:2c:4d:fe:87:e6:14:e9:0c:93:90:31:ac:92:04:75:59:31:
9c:35:cb:4a:d8:85:6c:71:06:74:0c:01:79:d7:72:96:b0:48:
ee:12:a9:7e:8f:3e:15:50:0b:ce:c0:b5:4f:f4:d2:8e:9a:45:
3f:7c:d4:db
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBpEkrUggxNFDm6aZqsATwPEcj8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MTIxMDU4MzdaFw0yNTA1MTExMTAzMzdaMDMxMTAvBgNV
BAMTKEFGQTVEMkJGMDA5RkYxRUIyNDNFQkI2NUExMTg4OTI5QUM3RTVDNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc0yiiY5hXWIptJa1I1QJKNoBD
kpQJbQ9TrRH1gqahikhVLQZOOX50/DGqWjOM19/YtKDwWTaixSGe9eCVRl9cceUP
kvSXrvAHojd1hY5MGYWrc/TdtbeaImoKP3MEdE8eUCnU+JJS+YFngYAzFTnfUytU
/S50a0JI41lywtZBkuI0MNtDSaKfGQ5BgdbUpCwbc5+EAO3XD24S/EPmG4GzAwOO
R1Kq8QAQzkvrlpBmYDXX36FspjDA0S0CFIaIJYl+ONsC4v/021adlDUh10sYOloC
6OyXpb4q4ECHfroZf949fygEIEZZ1Vk0eIaeI5CyoyLMk4ACeXI2mWNKprsdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUr6XSvwCf8eskPrtloRiJKax+XHEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9wLMA0GCSqGSIb3DQEBCwUAA4IBAQB6lq4ZupvlCi7dPI2skoGLtjkFTBWbrtYf
tyXfmvHL9bFnReIwuIBqovWsk72mzzl40qztM2mwWUVYR+ks2EmXIMAYqAa3bF6V
bEZ1iJlKUVh1A8ly0HkwenYvijlh4VtJ0a/PaDgxFyScdhe4TZNOQ+rPY2M3Tyzi
cRfnJ6JuDYRUKFXsb0EgWyDcgAYHVOx4RY89pamoc2vQrLVeB2KSBUCfvdXgfm5z
PqjAUXINHQ8/ZtUXlEMif90KoEBg+LYTWFt9wJTQLE3+h+YU6QyTkDGskgR1WTGc
NctK2IVscQZ0DAF513KWsEjuEql+jz4VUAvOwLVP9NKOmkU/fNTb
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org