Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/33312e3231372e3235302e302f32342d3234203d3e2039303039.roa
File: 33312e3231372e3235302e302f32342d3234203d3e2039303039.roa (raw, json)
Hash identifier: 31n49IcPWLCpVzjQZIBX1nR5jHR6sN2ym+AS2vhAPkA=
Subject key identifier: 1E:78:01:1F:44:2A:02:44:AF:11:2F:E7:63:B9:B7:95:82:7E:EB:1F
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 243F8D521D2AD20F25FDEB97871DC5CA41C9DAA0
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/33312e3231372e3235302e302f32342d3234203d3e2039303039.roa
Signing time: Tue 06 Feb 2024 11:52:38 +0000
ROA not before: Tue 06 Feb 2024 11:47:38 +0000
ROA not after: Tue 04 Feb 2025 11:52:38 +0000
asID: 9009
IP address blocks: 31.217.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:3f:8d:52:1d:2a:d2:0f:25:fd:eb:97:87:1d:c5:ca:41:c9:da:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Feb 6 11:47:38 2024 GMT
Not After : Feb 4 11:52:38 2025 GMT
Subject: CN=1E78011F442A0244AF112FE763B9B795827EEB1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:82:7c:c2:9a:a4:e5:b0:cc:10:65:4a:ef:87:
cb:67:9b:2b:08:8e:ef:d3:1f:5f:cd:7a:c8:d0:10:
51:be:3f:66:01:ef:ee:3c:69:90:eb:41:0f:75:9b:
d9:a2:a1:bc:97:0a:2b:ba:c3:36:c3:c0:f2:51:52:
11:aa:12:ac:3b:f8:77:fc:c8:2c:e1:d0:a2:b3:a0:
91:1a:da:0a:2d:67:d4:56:1f:2a:7c:d5:ab:3c:75:
29:b3:5d:d2:29:35:60:c3:b0:09:c4:70:57:bd:9c:
f6:17:ab:0e:17:0e:cc:f1:2c:6c:c0:57:8d:25:a9:
80:4a:17:98:65:be:fb:16:ca:4f:c7:58:51:02:0e:
db:ed:e7:8c:43:f5:5c:5c:dd:16:dd:53:ea:01:98:
07:54:e0:20:7c:94:7d:41:b3:dc:00:c9:9c:88:af:
ae:08:b7:99:d2:50:76:6c:4f:48:14:5c:be:89:2a:
4f:db:63:54:1a:ee:f8:ad:d8:dc:f2:0d:a2:a5:36:
bb:5b:fa:6f:d2:73:9a:56:45:59:39:b1:b2:f3:ef:
58:8c:44:89:40:14:3e:7f:96:bb:92:b2:e0:08:92:
a3:c4:d3:cd:eb:73:48:53:01:f1:c3:3a:4c:75:08:
39:09:f2:e6:b2:5d:bf:a4:84:e7:66:f7:5d:aa:75:
11:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:78:01:1F:44:2A:02:44:AF:11:2F:E7:63:B9:B7:95:82:7E:EB:1F
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/33312e3231372e3235302e302f32342d3234203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.250.0/24
Signature Algorithm: sha256WithRSAEncryption
28:df:30:31:8e:42:50:d0:62:6b:b4:d2:a1:eb:52:cf:fd:b3:
7d:27:9c:88:1f:27:07:1e:eb:cf:dd:2b:75:e2:3d:f8:c0:69:
73:e8:83:c7:1c:4d:69:76:e4:0c:19:a6:26:1e:1f:09:df:20:
2c:ea:56:fa:f1:51:64:1d:35:ed:75:fb:01:56:6d:93:64:01:
82:fd:e6:fc:18:6f:10:a6:95:b3:7f:fa:22:94:6b:f6:4a:d5:
1f:53:03:97:50:b7:27:93:38:fd:80:90:8f:8b:ec:5b:9d:9b:
16:68:10:09:58:51:ee:90:a0:7a:cc:e3:6e:a6:32:01:ea:74:
f0:fc:16:30:79:7f:a1:8d:5d:9c:9a:d6:37:8e:c0:3e:4a:5d:
e8:f3:0d:22:03:19:27:ed:83:a3:01:4a:cf:41:8b:9f:b2:81:
0f:49:59:82:24:21:0a:b5:6f:f8:23:7e:94:f1:ff:71:fa:d3:
df:bb:02:63:59:2a:3d:da:0d:76:f4:ae:73:a0:86:cd:40:16:
94:79:b4:00:36:e1:7d:5b:df:c4:5e:4f:6d:2a:7b:56:34:83:
c3:4d:2f:3e:c5:c1:26:d4:6c:57:e9:e1:e2:2d:12:dc:ab:ed:
ae:82:df:99:d8:b9:bf:11:56:fe:4d:21:5a:13:de:5f:c6:23:
6a:7a:39:42
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJD+NUh0q0g8l/euXhx3FykHJ2qAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDAyMDYxMTQ3MzhaFw0yNTAyMDQxMTUyMzhaMDMxMTAvBgNV
BAMTKDFFNzgwMTFGNDQyQTAyNDRBRjExMkZFNzYzQjlCNzk1ODI3RUVCMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzgnzCmqTlsMwQZUrvh8tnmysI
ju/TH1/NesjQEFG+P2YB7+48aZDrQQ91m9miobyXCiu6wzbDwPJRUhGqEqw7+Hf8
yCzh0KKzoJEa2gotZ9RWHyp81as8dSmzXdIpNWDDsAnEcFe9nPYXqw4XDszxLGzA
V40lqYBKF5hlvvsWyk/HWFECDtvt54xD9Vxc3RbdU+oBmAdU4CB8lH1Bs9wAyZyI
r64It5nSUHZsT0gUXL6JKk/bY1Qa7vit2NzyDaKlNrtb+m/Sc5pWRVk5sbLz71iM
RIlAFD5/lruSsuAIkqPE083rc0hTAfHDOkx1CDkJ8uayXb+khOdm912qdRG/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUHngBH0QqAkSvES/nY7m3lYJ+6x8wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzMzMTJlMzIzMTM3MmUzMjM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMwMzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/Z
+jANBgkqhkiG9w0BAQsFAAOCAQEAKN8wMY5CUNBia7TSoetSz/2zfSeciB8nBx7r
z90rdeI9+MBpc+iDxxxNaXbkDBmmJh4fCd8gLOpW+vFRZB017XX7AVZtk2QBgv3m
/BhvEKaVs3/6IpRr9krVH1MDl1C3J5M4/YCQj4vsW52bFmgQCVhR7pCgeszjbqYy
Aep08PwWMHl/oY1dnJrWN47APkpd6PMNIgMZJ+2DowFKz0GLn7KBD0lZgiQhCrVv
+CN+lPH/cfrT37sCY1kqPdoNdvSuc6CGzUAWlHm0ADbhfVvfxF5PbSp7VjSDw00v
PsXBJtRsV+nh4i0S3KvtroLfmdi5vxFW/k0hWhPeX8Yjano5Qg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org