Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e3130322e3130322e302f32342d3234203d3e20383334.roa
File: 3231322e3130322e3130322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: NFQxX4Fv/TrAgRQ2RoUL8xuhJBpeHtUJueKHIeWiUpk=
Subject key identifier: 03:FF:84:D8:35:07:5F:45:83:A4:5F:82:AA:13:66:59:73:37:6E:E4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 18DFA1AF09AF74C1F753C059A2C86B7DCFF290BD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e3130322e3130322e302f32342d3234203d3e20383334.roa
Signing time: Thu 14 Sep 2023 07:53:22 +0000
ROA not before: Thu 14 Sep 2023 07:48:22 +0000
ROA not after: Thu 12 Sep 2024 07:53:22 +0000
asID: 834
IP address blocks: 212.102.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:df:a1:af:09:af:74:c1:f7:53:c0:59:a2:c8:6b:7d:cf:f2:90:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 14 07:48:22 2023 GMT
Not After : Sep 12 07:53:22 2024 GMT
Subject: CN=03FF84D835075F4583A45F82AA13665973376EE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:94:11:8a:4e:bf:97:e5:dd:aa:7e:4a:9a:e9:
2a:dd:c7:36:d1:93:02:22:38:d8:04:9a:f1:fe:c6:
f2:0c:fc:41:f1:d4:84:4c:d0:4a:2a:90:e7:4c:d0:
38:86:b6:3c:d8:c3:ac:8c:d1:c6:f9:10:60:76:7b:
5c:ba:d7:b2:8d:85:d9:1a:08:f8:80:66:41:f7:de:
a1:bf:6f:8b:a9:aa:b3:f0:09:9f:eb:5a:de:9c:48:
d6:b0:b3:74:ed:10:e2:44:d1:9e:2e:91:76:7d:08:
56:00:e5:07:db:00:cc:46:ba:66:69:22:da:34:45:
82:6d:16:6a:a9:3a:6b:99:80:43:f9:49:c0:af:d2:
f2:8d:1c:6b:7e:33:9f:e5:23:95:0d:58:5b:b9:82:
ea:82:db:62:1a:44:53:5b:15:a6:8e:88:98:86:f2:
1a:84:3f:65:e6:21:0c:47:64:4f:8d:bc:d6:ce:d8:
82:81:a0:26:b6:fc:c8:ad:58:09:8a:57:29:78:5e:
26:1d:3a:1d:87:a5:21:a0:0f:9b:97:10:6d:d4:ad:
19:40:3a:3d:fa:a8:08:35:d3:ff:1d:04:67:4d:94:
98:e9:55:aa:ce:15:17:23:fa:1b:da:29:c8:bd:ba:
7f:69:21:3a:91:6a:71:5c:81:b0:b9:4f:b4:70:3a:
2b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FF:84:D8:35:07:5F:45:83:A4:5F:82:AA:13:66:59:73:37:6E:E4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e3130322e3130322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.102.102.0/24
Signature Algorithm: sha256WithRSAEncryption
46:36:9b:3f:7d:cd:81:f4:3d:7a:74:5a:68:ff:23:24:e7:6b:
7c:ce:f6:ac:9a:f2:37:1f:47:6d:7b:0a:b2:53:36:1d:b7:06:
da:38:c6:39:d5:2e:9e:fb:24:ba:d4:8a:52:33:c7:f9:3f:45:
4a:0f:b4:a6:f0:84:32:30:d3:35:44:7c:e2:f1:e6:1b:2d:de:
65:1d:5b:3d:fc:dd:18:4a:32:72:55:c6:24:89:fc:14:14:f2:
26:60:54:ee:d6:98:5e:5d:55:cc:f2:cc:38:25:73:ea:31:9c:
7a:e0:5d:1a:d2:09:74:c6:2c:24:8c:77:1b:71:9a:22:1f:a1:
79:6e:04:b4:c8:68:ff:7b:70:82:9b:7c:c8:b4:b3:64:92:f9:
45:f2:15:95:e7:e5:27:b0:c2:63:e4:ce:2c:8a:0f:ba:ad:13:
7b:bf:52:5b:56:4f:86:d3:df:87:6e:8a:89:c0:95:df:0a:5d:
b7:6f:23:02:5c:5f:83:90:71:4c:5c:2f:99:ef:85:86:c7:e8:
df:cc:7d:16:46:9b:01:67:f6:b1:83:55:96:59:87:71:9c:c0:
be:c3:ed:56:6a:af:76:23:88:6e:39:0f:82:06:aa:36:f1:21:
9b:73:00:8c:64:8a:cd:fe:6f:11:05:bb:87:79:3a:0d:bd:fe:
1c:0b:72:3a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUGN+hrwmvdMH3U8BZoshrfc/ykL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MTQwNzQ4MjJaFw0yNDA5MTIwNzUzMjJaMDMxMTAvBgNV
BAMTKDAzRkY4NEQ4MzUwNzVGNDU4M0E0NUY4MkFBMTM2NjU5NzMzNzZFRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRlBGKTr+X5d2qfkqa6SrdxzbR
kwIiONgEmvH+xvIM/EHx1IRM0EoqkOdM0DiGtjzYw6yM0cb5EGB2e1y617KNhdka
CPiAZkH33qG/b4upqrPwCZ/rWt6cSNaws3TtEOJE0Z4ukXZ9CFYA5QfbAMxGumZp
Ito0RYJtFmqpOmuZgEP5ScCv0vKNHGt+M5/lI5UNWFu5guqC22IaRFNbFaaOiJiG
8hqEP2XmIQxHZE+NvNbO2IKBoCa2/MitWAmKVyl4XiYdOh2HpSGgD5uXEG3UrRlA
Oj36qAg10/8dBGdNlJjpVarOFRcj+hvaKci9un9pITqRanFcgbC5T7RwOisLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUA/+E2DUHX0WDpF+CqhNmWXM3buQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMTMwMzIyZTMx
MzAzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRm
ZjANBgkqhkiG9w0BAQsFAAOCAQEARjabP33NgfQ9enRaaP8jJOdrfM72rJryNx9H
bXsKslM2HbcG2jjGOdUunvskutSKUjPH+T9FSg+0pvCEMjDTNUR84vHmGy3eZR1b
PfzdGEoyclXGJIn8FBTyJmBU7taYXl1VzPLMOCVz6jGceuBdGtIJdMYsJIx3G3Ga
Ih+heW4EtMho/3twgpt8yLSzZJL5RfIVleflJ7DCY+TOLIoPuq0Te79SW1ZPhtPf
h26KicCV3wpdt28jAlxfg5BxTFwvme+Fhsfo38x9FkabAWf2sYNVllmHcZzAvsPt
VmqvdiOIbjkPggaqNvEhm3MAjGSKzf5vEQW7h3k6Db3+HAtyOg==
-----END CERTIFICATE-----
Generated at Wed May 1 15:29:45 2024 by rpki-client on console-fra.rpki-client.org