Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3132302e302f32342d3234203d3e203330393637.roa
File: 3130392e3130362e3132302e302f32342d3234203d3e203330393637.roa (raw, json)
Hash identifier: TRRT6PMGgn6Boy0d1NDkX5DeOySlsfnutWR7pE0owZw=
Subject key identifier: 33:EA:C3:0F:78:1F:27:BC:2C:AD:BD:C0:69:FE:87:49:E4:C8:41:E3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4E3FDF02A7D94057F7BE329B3436FB2809E405E8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3132302e302f32342d3234203d3e203330393637.roa
Signing time: Fri 20 Sep 2024 10:25:00 +0000
ROA not before: Fri 20 Sep 2024 10:20:00 +0000
ROA not after: Fri 19 Sep 2025 10:25:00 +0000
asID: 30967
IP address blocks: 109.106.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:3f:df:02:a7:d9:40:57:f7:be:32:9b:34:36:fb:28:09:e4:05:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 10:20:00 2024 GMT
Not After : Sep 19 10:25:00 2025 GMT
Subject: CN=33EAC30F781F27BC2CADBDC069FE8749E4C841E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:eb:52:0b:a2:8f:df:b4:75:bf:41:43:1e:48:
08:ad:eb:e9:62:f1:cd:f1:32:2a:d1:e1:cf:90:f7:
7f:6d:db:91:d4:2d:73:50:aa:3a:a4:cd:1f:d3:52:
5a:cc:49:1c:ea:1e:e9:97:d8:e1:42:47:bf:49:aa:
63:c3:cd:65:59:f0:46:b1:ca:4c:6a:47:4c:97:27:
49:10:3b:97:17:e7:13:be:ca:80:b0:38:a0:d7:cb:
aa:21:21:36:b7:60:88:2f:fb:36:8e:83:37:0e:56:
f1:62:0a:d4:d8:c4:e8:52:80:d2:a5:e3:03:84:4f:
4b:6f:e4:d0:5d:66:08:40:9b:47:79:9b:76:40:1b:
c7:68:09:af:fb:a3:32:45:25:ca:bf:2c:20:cd:d9:
1a:ee:58:00:51:20:e9:98:7c:85:e1:43:a0:6b:88:
3b:bc:33:31:c3:7c:d0:01:f1:1f:38:fe:b3:4a:88:
18:bf:3a:57:1d:a8:b8:6a:a3:c4:65:2b:8b:9e:a8:
09:3a:f0:09:f5:d2:88:01:c3:a5:22:17:37:67:0f:
dc:a5:31:f3:35:5e:82:ae:d9:a2:db:ca:28:ae:24:
6b:46:96:44:74:bb:3a:db:66:56:b2:17:e2:c2:e6:
46:25:80:23:e2:65:66:72:3d:8c:cb:8d:b2:ea:b6:
bf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:EA:C3:0F:78:1F:27:BC:2C:AD:BD:C0:69:FE:87:49:E4:C8:41:E3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3132302e302f32342d3234203d3e203330393637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:63:70:7b:b6:29:c4:72:d9:b7:0d:e2:5f:60:6f:03:13:8e:
0a:61:0d:5e:02:22:96:6c:2e:b4:de:d2:df:05:ae:16:86:39:
57:6f:58:2d:be:57:f1:71:62:cc:0b:a1:61:f4:30:c4:3c:f5:
22:db:0a:49:e2:a2:6c:8f:02:aa:10:ab:04:2c:dd:d5:89:29:
2b:20:ff:0a:f5:f3:a8:54:45:1b:d5:90:f9:a3:18:b6:cc:54:
d9:fb:b8:46:7c:0d:0b:ee:d8:47:41:21:41:16:ae:28:a7:1f:
9a:4b:ee:59:92:8a:09:f3:7e:44:3d:99:a5:57:dc:a5:19:51:
9d:b0:d3:cf:0c:b1:33:bd:8f:16:98:e3:cc:99:45:2f:66:cb:
24:13:ee:79:29:3b:8a:3b:6d:f4:7b:c5:f6:09:dc:7e:e1:c5:
e0:04:ec:88:10:0b:d9:fe:3a:ad:aa:7a:ae:ed:00:f9:26:c5:
e7:a7:6f:dc:be:9d:38:3b:52:d1:f3:4d:54:fb:39:9b:12:f9:
2c:b5:94:7c:e0:28:ff:09:9a:e3:61:97:b3:8e:7b:1c:b4:05:
c8:00:cb:63:e6:66:0d:95:f3:8e:68:c5:4d:00:32:c9:aa:3e:
d9:dc:40:7a:01:58:2a:06:8c:2c:3e:1b:ed:a1:1d:eb:5c:01:
ff:1e:7f:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTj/fAqfZQFf3vjKbNDb7KAnkBegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMDIwMDBaFw0yNTA5MTkxMDI1MDBaMDMxMTAvBgNV
BAMTKDMzRUFDMzBGNzgxRjI3QkMyQ0FEQkRDMDY5RkU4NzQ5RTRDODQxRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX61ILoo/ftHW/QUMeSAit6+li
8c3xMirR4c+Q939t25HULXNQqjqkzR/TUlrMSRzqHumX2OFCR79JqmPDzWVZ8Eax
ykxqR0yXJ0kQO5cX5xO+yoCwOKDXy6ohITa3YIgv+zaOgzcOVvFiCtTYxOhSgNKl
4wOET0tv5NBdZghAm0d5m3ZAG8doCa/7ozJFJcq/LCDN2RruWABRIOmYfIXhQ6Br
iDu8MzHDfNAB8R84/rNKiBi/OlcdqLhqo8RlK4ueqAk68An10ogBw6UiFzdnD9yl
MfM1XoKu2aLbyiiuJGtGlkR0uzrbZlayF+LC5kYlgCPiZWZyPYzLjbLqtr/RAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUM+rDD3gfJ7wsrb3Aaf6HSeTIQeMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMwMzYyZTMx
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzAzOTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtangwDQYJKoZIhvcNAQELBQADggEBAI9jcHu2KcRy2bcN4l9gbwMTjgphDV4C
IpZsLrTe0t8FrhaGOVdvWC2+V/FxYswLoWH0MMQ89SLbCkniomyPAqoQqwQs3dWJ
KSsg/wr186hURRvVkPmjGLbMVNn7uEZ8DQvu2EdBIUEWriinH5pL7lmSignzfkQ9
maVX3KUZUZ2w088MsTO9jxaY48yZRS9myyQT7nkpO4o7bfR7xfYJ3H7hxeAE7IgQ
C9n+Oq2qeq7tAPkmxeenb9y+nTg7UtHzTVT7OZsS+Sy1lHzgKP8JmuNhl7OOexy0
BcgAy2PmZg2V845oxU0AMsmqPtncQHoBWCoGjCw+G+2hHetcAf8ef7M=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:44 2025 by rpki-client