Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e3232322e3233312e302f32342d3234203d3e20313336373837.roa
File: 33312e3232322e3233312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 2k0Z8refgJuQGraEgU6im2zeNj5AvbWAjNuQjUAJUQU=
Subject key identifier: FA:BC:CF:D4:FE:C6:F8:4A:FE:9A:CF:D3:DF:DB:D6:AC:C6:ED:00:08
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5A6AD908C45272BF046676AF68D3BEB7EE8FCBC8
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e3232322e3233312e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 21 Mar 2024 09:17:06 +0000
ROA not before: Thu 21 Mar 2024 09:12:06 +0000
ROA not after: Thu 20 Mar 2025 09:17:06 +0000
asID: 136787
IP address blocks: 31.222.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:6a:d9:08:c4:52:72:bf:04:66:76:af:68:d3:be:b7:ee:8f:cb:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 21 09:12:06 2024 GMT
Not After : Mar 20 09:17:06 2025 GMT
Subject: CN=FABCCFD4FEC6F84AFE9ACFD3DFDBD6ACC6ED0008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:82:f4:5d:2d:d1:c9:f1:7a:21:fb:1d:90:20:
6a:ed:61:d9:2d:c1:2f:86:d8:3a:6d:ff:0a:ac:af:
65:d5:ae:f1:4c:3f:5b:4b:92:30:72:ea:03:e5:41:
8b:96:ae:14:32:26:8e:23:d6:18:ab:0c:bb:3e:53:
13:0e:e7:bc:72:03:d8:6c:e2:37:3f:2c:29:46:c3:
d9:4c:bd:88:90:75:9d:5a:21:fe:51:5b:f5:fb:2b:
73:a1:17:6c:b9:52:74:8b:b2:49:b6:af:b9:11:7e:
06:09:10:b1:33:b6:7b:85:02:c5:87:4a:b9:bc:8e:
00:34:4c:d4:f3:51:17:2b:73:ed:ac:71:15:10:2d:
6e:d2:12:5c:9f:c9:89:3c:b1:af:c6:f5:34:29:ed:
3f:8b:58:06:f9:a3:96:30:86:89:1c:4b:17:4c:58:
e3:c2:34:b1:17:4b:15:9a:92:8a:d4:95:d6:85:17:
56:2c:76:63:4f:71:83:e4:9b:2a:41:36:2e:67:c4:
57:ea:ea:e9:ec:98:53:3d:ff:d3:cb:a0:be:67:16:
cc:b6:d4:45:7c:1b:6b:4c:e7:3e:21:a4:5a:51:2e:
2f:f7:bc:b0:a8:99:97:08:e3:ff:50:e6:98:de:02:
51:1b:1a:9e:f7:e6:c1:00:98:3d:45:67:fd:90:9e:
c6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BC:CF:D4:FE:C6:F8:4A:FE:9A:CF:D3:DF:DB:D6:AC:C6:ED:00:08
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e3232322e3233312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.231.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:8f:82:40:d5:58:49:29:50:a5:0a:ca:c5:42:ea:10:ef:f4:
0f:0d:04:24:dc:39:c5:b9:86:f7:b6:33:9c:f1:7b:e8:85:51:
6c:69:de:6f:89:6d:36:f3:f9:d5:30:2d:4e:15:9a:49:c1:4e:
21:68:5d:16:93:db:aa:f8:0d:69:fa:02:dc:74:5f:48:a7:bd:
56:00:e8:3d:f2:27:27:91:b9:4b:eb:09:41:c4:8e:32:cf:f9:
44:7c:99:66:0b:74:e9:3e:14:9d:88:cc:12:f5:45:05:a1:8c:
e0:d2:b6:fd:86:38:7c:9a:22:d5:51:e0:e3:c3:1a:2c:2e:f2:
22:a6:b3:cc:93:b9:4e:b1:52:f0:9d:fc:71:ad:23:04:92:40:
3f:88:7e:2d:67:b4:9f:a3:5e:c1:1e:06:92:6e:7a:27:25:9a:
5e:97:b3:17:d4:29:4c:b2:b6:6b:0d:d3:4f:e9:a3:83:06:e2:
a8:2f:72:10:1f:22:09:01:c3:17:90:66:61:a6:03:5e:61:b9:
0e:5b:b0:d2:02:ea:5c:b6:cd:89:f0:f5:d9:1a:75:41:23:25:
15:5e:8a:6b:0a:f7:c2:14:37:b6:7a:f7:a5:1e:b4:86:cf:44:
42:42:b0:9a:4a:84:27:a7:8f:b3:24:65:51:59:cd:11:5d:40:
5c:d0:2e:57
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWmrZCMRScr8EZnavaNO+t+6Py8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAzMjEwOTEyMDZaFw0yNTAzMjAwOTE3MDZaMDMxMTAvBgNV
BAMTKEZBQkNDRkQ0RkVDNkY4NEFGRTlBQ0ZEM0RGREJENkFDQzZFRDAwMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdgvRdLdHJ8Xoh+x2QIGrtYdkt
wS+G2Dpt/wqsr2XVrvFMP1tLkjBy6gPlQYuWrhQyJo4j1hirDLs+UxMO57xyA9hs
4jc/LClGw9lMvYiQdZ1aIf5RW/X7K3OhF2y5UnSLskm2r7kRfgYJELEztnuFAsWH
Srm8jgA0TNTzURcrc+2scRUQLW7SElyfyYk8sa/G9TQp7T+LWAb5o5YwhokcSxdM
WOPCNLEXSxWakorUldaFF1YsdmNPcYPkmypBNi5nxFfq6unsmFM9/9PLoL5nFsy2
1EV8G2tM5z4hpFpRLi/3vLComZcI4/9Q5pjeAlEbGp735sEAmD1FZ/2QnsZ7AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU+rzP1P7G+Er+ms/T39vWrMbtAAgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzMxMmUzMjMyMzIy
ZTMyMzMzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAB/e5zANBgkqhkiG9w0BAQsFAAOCAQEAW4+CQNVYSSlQpQrKxULqEO/0
Dw0EJNw5xbmG97YznPF76IVRbGneb4ltNvP51TAtThWaScFOIWhdFpPbqvgNafoC
3HRfSKe9VgDoPfInJ5G5S+sJQcSOMs/5RHyZZgt06T4UnYjMEvVFBaGM4NK2/YY4
fJoi1VHg48MaLC7yIqazzJO5TrFS8J38ca0jBJJAP4h+LWe0n6NewR4Gkm56JyWa
XpezF9QpTLK2aw3TT+mjgwbiqC9yEB8iCQHDF5BmYaYDXmG5Dluw0gLqXLbNifD1
2Rp1QSMlFV6Kawr3whQ3tnr3pR60hs9EQkKwmkqEJ6ePsyRlUVnNEV1AXNAuVw==
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:57 2024 by rpki-client on console-ams.rpki-client.org