Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34362e302f32332d3233203d3e20323031333431.roa
File: 33312e3232302e34362e302f32332d3233203d3e20323031333431.roa (raw, json)
Hash identifier: Jul9+Lga0A+9vnr67D25xP70lXget4e44MprdaP8iqU=
Subject key identifier: AA:F2:1A:1E:11:AE:88:A7:55:C6:ED:CA:63:4C:13:A2:94:89:E6:AE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7CD040B5A0AA0016302B9185321F0117D412E3A5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34362e302f32332d3233203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:01 +0000
ROA not before: Mon 26 Feb 2024 08:48:01 +0000
ROA not after: Mon 24 Feb 2025 08:53:01 +0000
asID: 201341
IP address blocks: 31.220.46.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:d0:40:b5:a0:aa:00:16:30:2b:91:85:32:1f:01:17:d4:12:e3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:01 2024 GMT
Not After : Feb 24 08:53:01 2025 GMT
Subject: CN=AAF21A1E11AE88A755C6EDCA634C13A29489E6AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:78:e4:3d:fe:44:fd:8d:1c:51:6b:f3:e2:ce:
3a:36:2f:34:00:fa:d8:52:69:b5:5b:3a:24:ad:3c:
f1:63:c1:de:6d:3b:f3:86:5a:ca:0a:b7:cb:4e:74:
9e:f7:f6:32:7d:0a:fc:a8:a8:39:0b:b6:82:98:cb:
8b:4e:d2:5e:f1:8c:97:65:48:85:08:f4:1c:1b:df:
30:46:7d:0e:28:b4:ba:f2:16:d3:f4:e1:cd:75:69:
d0:57:77:4f:bd:ea:41:b7:06:95:93:6e:f8:d2:1a:
98:b2:d4:6b:92:1b:84:c3:ab:73:d7:9e:ee:9b:2f:
89:5f:6a:0e:c1:ac:28:78:5c:66:de:9b:e2:8b:88:
9f:b1:d6:79:77:fb:5c:53:88:7e:e7:fa:a1:ef:6d:
f1:55:31:7d:7a:ae:90:47:6e:30:8a:9a:61:d6:76:
60:48:42:ae:de:06:d7:a1:02:3e:24:84:e2:69:55:
86:8f:2d:96:31:8b:95:56:bb:88:6c:43:01:72:15:
06:ec:90:f2:ea:60:15:8c:51:6a:75:e8:5a:1b:a7:
21:78:c8:f9:d5:13:8b:a4:c3:8c:7a:8c:a6:8c:17:
1a:82:d6:79:cf:f6:44:c6:08:b0:42:f4:f3:69:7f:
43:21:4d:e1:55:6d:39:41:97:ca:26:c7:5f:d2:b9:
8e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F2:1A:1E:11:AE:88:A7:55:C6:ED:CA:63:4C:13:A2:94:89:E6:AE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34362e302f32332d3233203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.46.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:87:51:9a:f2:be:c7:4c:62:94:ab:f4:3a:59:50:09:09:da:
ec:f8:b9:b9:ec:03:95:e3:ea:f7:4f:7c:e5:e2:e3:a5:20:94:
ec:46:09:ef:85:62:de:dc:d9:4e:0e:df:b7:01:26:9f:d0:c4:
99:d5:22:81:00:33:98:19:c1:21:59:10:d3:81:62:31:51:80:
27:16:16:e8:6c:3b:cd:d5:3b:0b:47:87:96:2d:52:99:2b:37:
8a:39:33:92:f3:dd:c4:4b:42:47:d2:cf:74:73:91:17:8b:c3:
40:31:6a:8a:08:57:5f:65:de:2e:60:ff:de:2b:dd:30:54:dc:
b8:d3:d8:fc:31:51:3d:f3:03:ba:59:d2:63:ee:c0:dc:db:44:
7c:36:7e:aa:58:22:80:b0:e0:8d:13:a3:56:da:20:0e:16:ee:
f3:66:03:de:db:17:e9:1a:fe:6c:37:ce:48:82:67:c1:cc:89:
a0:96:fd:c4:76:8c:62:d8:02:6e:78:c7:f8:c1:d5:31:23:5d:
80:7e:02:7d:8c:c4:11:53:b0:f0:fd:50:d1:2c:09:36:b7:c1:
ce:94:4f:82:33:53:1c:31:1e:3d:3e:b5:d7:68:6e:40:4d:fb:
2d:d8:4a:4b:50:5f:7d:16:52:bb:67:9d:b3:42:ae:e8:6b:d8:
9d:33:58:d6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfNBAtaCqABYwK5GFMh8BF9QS46UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDFaFw0yNTAyMjQwODUzMDFaMDMxMTAvBgNV
BAMTKEFBRjIxQTFFMTFBRTg4QTc1NUM2RURDQTYzNEMxM0EyOTQ4OUU2QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7eOQ9/kT9jRxRa/Pizjo2LzQA
+thSabVbOiStPPFjwd5tO/OGWsoKt8tOdJ739jJ9CvyoqDkLtoKYy4tO0l7xjJdl
SIUI9Bwb3zBGfQ4otLryFtP04c11adBXd0+96kG3BpWTbvjSGpiy1GuSG4TDq3PX
nu6bL4lfag7BrCh4XGbem+KLiJ+x1nl3+1xTiH7n+qHvbfFVMX16rpBHbjCKmmHW
dmBIQq7eBtehAj4khOJpVYaPLZYxi5VWu4hsQwFyFQbskPLqYBWMUWp16FobpyF4
yPnVE4ukw4x6jKaMFxqC1nnP9kTGCLBC9PNpf0MhTeFVbTlBl8omx1/SuY6FAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqvIaHhGuiKdVxu3KY0wTopSJ5q4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDM2
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
H9wuMA0GCSqGSIb3DQEBCwUAA4IBAQBLh1Ga8r7HTGKUq/Q6WVAJCdrs+Lm57AOV
4+r3T3zl4uOlIJTsRgnvhWLe3NlODt+3ASaf0MSZ1SKBADOYGcEhWRDTgWIxUYAn
FhbobDvN1TsLR4eWLVKZKzeKOTOS893ES0JH0s90c5EXi8NAMWqKCFdfZd4uYP/e
K90wVNy409j8MVE98wO6WdJj7sDc20R8Nn6qWCKAsOCNE6NW2iAOFu7zZgPe2xfp
Gv5sN85IgmfBzImglv3Edoxi2AJueMf4wdUxI12AfgJ9jMQRU7Dw/VDRLAk2t8HO
lE+CM1McMR49PrXXaG5ATfst2EpLUF99FlK7Z52zQq7oa9idM1jW
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:47 2024 by rpki-client on console-fra.rpki-client.org