Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3132322e302f32342d3234203d3e203330393637.roa
File: 3130392e3130362e3132322e302f32342d3234203d3e203330393637.roa (raw, json)
Hash identifier: k2LskNiAJDRMZ1TtC0utB6TACi2ZIth8p5jWDGAZ8M4=
Subject key identifier: 75:32:E8:0B:4A:5B:34:5E:C7:34:D2:0B:FB:67:04:D5:50:52:44:FD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 70224B690BC745B8E1CAF56BE837F60F375A268E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3132322e302f32342d3234203d3e203330393637.roa
Signing time: Fri 20 Sep 2024 10:25:16 +0000
ROA not before: Fri 20 Sep 2024 10:20:16 +0000
ROA not after: Fri 19 Sep 2025 10:25:16 +0000
asID: 30967
IP address blocks: 109.106.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:22:4b:69:0b:c7:45:b8:e1:ca:f5:6b:e8:37:f6:0f:37:5a:26:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 10:20:16 2024 GMT
Not After : Sep 19 10:25:16 2025 GMT
Subject: CN=7532E80B4A5B345EC734D20BFB6704D5505244FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ae:31:8a:43:87:88:3c:ef:5d:9c:e0:40:6c:
05:4c:99:83:ba:72:8e:9a:81:c4:a8:55:52:e9:36:
80:54:15:55:dc:c5:8e:ee:dd:32:6a:9a:1e:01:d3:
b6:00:88:12:38:76:f6:92:d2:eb:0f:3b:fa:a4:f3:
cc:6d:43:16:e6:b5:e6:8c:99:86:3c:53:cb:3a:c0:
75:e4:89:05:12:e0:97:78:94:dd:75:6b:fe:f3:da:
17:ac:b7:e3:10:a8:20:3a:6f:5e:84:97:da:d6:98:
81:ad:a8:ba:af:ff:fe:44:9d:2b:8d:52:97:0e:e3:
ae:25:a8:b0:0a:aa:fa:0a:91:a2:cf:c3:84:59:bc:
26:ad:eb:0f:67:46:31:97:4f:95:73:7f:ee:e2:1f:
cf:90:7f:b5:8a:d6:47:fe:6c:b2:e6:51:04:4a:6a:
a7:57:bd:85:3c:21:b0:67:51:98:51:23:3f:6c:12:
e1:eb:b7:9c:9b:07:58:fb:2e:f1:08:aa:ab:83:0c:
0f:c2:de:be:43:d5:95:3e:6f:08:42:6b:8d:1e:79:
38:64:80:56:7c:6b:3f:6b:6c:ea:d2:f4:ed:4c:46:
b4:bb:9f:67:d3:15:53:67:c1:51:8a:ec:56:18:46:
6b:79:9f:dc:7a:68:57:f9:51:3e:8c:e9:f8:63:90:
67:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:32:E8:0B:4A:5B:34:5E:C7:34:D2:0B:FB:67:04:D5:50:52:44:FD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3132322e302f32342d3234203d3e203330393637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.122.0/24
Signature Algorithm: sha256WithRSAEncryption
84:0e:79:31:d9:24:9d:32:9c:6b:ff:2b:8a:6d:2a:36:ed:7c:
6b:e3:92:8f:f4:69:0e:75:54:4a:28:c0:73:3b:f3:4b:85:c2:
db:f3:54:1f:24:2c:b2:37:95:b2:c6:fd:c6:1d:2b:b7:61:b1:
00:23:16:96:cc:30:e2:bc:01:37:0b:94:07:7a:bb:36:34:e1:
a2:2a:62:cb:33:5b:a1:ca:08:77:43:9e:bc:75:37:58:3e:f4:
98:a6:a3:9a:cf:42:8f:fb:25:bb:f7:59:ba:ee:44:48:cb:73:
b8:f4:a9:80:53:4c:6a:49:2b:09:c0:8b:a2:df:dc:5f:18:5c:
e1:a4:e8:32:98:c2:65:b9:83:96:52:d2:91:4a:59:9f:31:66:
85:a4:45:4c:24:f5:f7:db:27:4e:c2:18:cf:18:68:64:b6:00:
11:16:31:1f:62:cf:da:5c:5f:b5:fb:ba:a9:f2:2a:9b:40:f7:
1e:83:1d:f0:76:e8:a4:f3:a0:24:3a:54:41:42:39:d8:e8:77:
fb:84:31:05:fd:03:18:11:1d:0c:f2:28:88:8c:68:58:6f:f8:
68:29:3f:d6:d2:a9:3c:be:7d:04:d8:e0:7f:c1:bd:f6:e3:e5:
a6:2d:f6:be:71:25:0c:ab:36:65:f7:d1:30:4d:da:35:b3:77:
cb:4d:65:0f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcCJLaQvHRbjhyvVr6Df2DzdaJo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMDIwMTZaFw0yNTA5MTkxMDI1MTZaMDMxMTAvBgNV
BAMTKDc1MzJFODBCNEE1QjM0NUVDNzM0RDIwQkZCNjcwNEQ1NTA1MjQ0RkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6rjGKQ4eIPO9dnOBAbAVMmYO6
co6agcSoVVLpNoBUFVXcxY7u3TJqmh4B07YAiBI4dvaS0usPO/qk88xtQxbmteaM
mYY8U8s6wHXkiQUS4Jd4lN11a/7z2hest+MQqCA6b16El9rWmIGtqLqv//5EnSuN
UpcO464lqLAKqvoKkaLPw4RZvCat6w9nRjGXT5Vzf+7iH8+Qf7WK1kf+bLLmUQRK
aqdXvYU8IbBnUZhRIz9sEuHrt5ybB1j7LvEIqquDDA/C3r5D1ZU+bwhCa40eeThk
gFZ8az9rbOrS9O1MRrS7n2fTFVNnwVGK7FYYRmt5n9x6aFf5UT6M6fhjkGdrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdTLoC0pbNF7HNNIL+2cE1VBSRP0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMwMzYyZTMx
MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzAzOTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtanowDQYJKoZIhvcNAQELBQADggEBAIQOeTHZJJ0ynGv/K4ptKjbtfGvjko/0
aQ51VEoowHM780uFwtvzVB8kLLI3lbLG/cYdK7dhsQAjFpbMMOK8ATcLlAd6uzY0
4aIqYsszW6HKCHdDnrx1N1g+9Jimo5rPQo/7Jbv3WbruREjLc7j0qYBTTGpJKwnA
i6Lf3F8YXOGk6DKYwmW5g5ZS0pFKWZ8xZoWkRUwk9ffbJ07CGM8YaGS2ABEWMR9i
z9pcX7X7uqnyKptA9x6DHfB26KTzoCQ6VEFCOdjod/uEMQX9AxgRHQzyKIiMaFhv
+GgpP9bSqTy+fQTY4H/Bvfbj5aYt9r5xJQyrNmX30TBN2jWzd8tNZQ8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org