Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38352e302f32342d3234203d3e20313336373837.roa
File: 3231322e33322e38352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EJHJIPdssxAY6jGO9yDPPN/BUtmjEDtO3ldjofDtNjs=
Subject key identifier: F1:F0:69:49:5B:BE:84:CF:89:19:09:0A:B0:9A:E7:76:4D:16:83:B2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3F43A859D2F2B4AF5615EA8347F11497DDECBE60
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38352e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Nov 2024 15:36:53 +0000
ROA not before: Thu 14 Nov 2024 15:31:53 +0000
ROA not after: Thu 13 Nov 2025 15:36:53 +0000
asID: 136787
IP address blocks: 212.32.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:43:a8:59:d2:f2:b4:af:56:15:ea:83:47:f1:14:97:dd:ec:be:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 14 15:31:53 2024 GMT
Not After : Nov 13 15:36:53 2025 GMT
Subject: CN=F1F069495BBE84CF8919090AB09AE7764D1683B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8c:ab:80:e2:fd:f3:b2:17:18:38:5b:f3:76:
bd:31:8b:8c:67:b8:b3:44:c5:58:37:a4:94:16:28:
b5:e2:ce:53:09:69:e6:0c:45:3e:fb:e0:62:8d:f6:
9c:ef:bc:53:93:71:1a:37:64:46:09:36:d0:9f:0e:
37:bb:c9:34:21:68:33:56:a0:bb:f2:b0:7e:62:0c:
8f:5c:f7:60:30:14:8b:e2:df:fb:88:45:18:b0:00:
ba:46:c9:4f:38:2d:00:fa:8a:49:45:6d:e7:6a:98:
15:49:d8:97:63:4e:ed:8e:b9:81:9a:43:27:36:4f:
58:f7:f0:dd:88:ad:2a:52:0e:80:30:17:c1:74:0e:
c2:34:ab:8e:49:fd:3d:07:3d:05:8d:b8:90:4a:33:
2d:59:45:f9:53:b8:b2:77:8f:57:e5:83:7a:de:5e:
0a:10:28:09:33:5d:92:82:34:a5:ab:ae:f8:77:ad:
7b:c4:a3:f7:0f:ad:1a:3e:7f:df:60:15:2b:4a:1d:
14:ee:23:50:f5:b5:b4:95:3a:30:6f:79:ca:5f:1c:
d5:e5:66:4e:3e:ee:6f:f2:ff:c6:10:54:41:be:dd:
b9:a5:56:2d:9b:8a:5e:80:58:e9:67:0c:b6:48:a7:
24:96:d8:59:af:9b:b5:d7:67:eb:b6:50:64:cb:ea:
23:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F0:69:49:5B:BE:84:CF:89:19:09:0A:B0:9A:E7:76:4D:16:83:B2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.85.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:66:1b:d5:f2:03:82:ca:db:e3:06:d1:50:06:f3:e3:fd:3c:
8f:a0:4e:49:c6:3b:80:b0:d6:fa:03:e4:ed:d5:be:00:da:dc:
49:07:d5:c7:b8:61:2a:89:98:63:fc:f6:cc:a3:53:7b:ee:96:
6a:d2:68:a9:a1:1b:d6:1a:be:1d:2b:23:76:a7:75:14:ab:03:
af:82:94:a9:43:62:9e:40:b3:d6:25:25:c7:89:fe:19:c7:9e:
58:23:58:1d:1a:87:51:0a:a0:75:4a:dd:ac:3a:41:b0:a2:01:
46:8d:02:a2:1c:9c:b3:ea:40:b0:1d:dd:36:b4:65:61:0c:69:
e6:77:0d:9a:3c:03:bf:0c:c2:67:c6:ad:42:97:60:b7:9b:55:
c3:9d:75:e3:39:e8:14:b6:bf:41:9a:a7:e7:38:a2:2d:e9:e0:
42:46:6f:5e:cd:16:21:9b:40:f2:47:51:a7:84:df:2e:a0:40:
18:e8:6d:a5:12:1b:1b:ff:ec:f1:54:50:e9:57:22:e2:d0:09:
62:90:5e:54:d8:d7:52:a0:29:83:12:ac:10:c0:4f:6f:2a:08:
b0:7c:06:be:ec:90:37:f2:7c:ac:36:bd:12:bb:6f:18:55:bd:
47:01:47:1d:d7:21:a0:d0:f8:13:73:e1:57:71:b6:56:e1:0c:
42:4c:2d:46
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP0OoWdLytK9WFeqDR/EUl93svmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMTQxNTMxNTNaFw0yNTExMTMxNTM2NTNaMDMxMTAvBgNV
BAMTKEYxRjA2OTQ5NUJCRTg0Q0Y4OTE5MDkwQUIwOUFFNzc2NEQxNjgzQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqjKuA4v3zshcYOFvzdr0xi4xn
uLNExVg3pJQWKLXizlMJaeYMRT774GKN9pzvvFOTcRo3ZEYJNtCfDje7yTQhaDNW
oLvysH5iDI9c92AwFIvi3/uIRRiwALpGyU84LQD6iklFbedqmBVJ2JdjTu2OuYGa
Qyc2T1j38N2IrSpSDoAwF8F0DsI0q45J/T0HPQWNuJBKMy1ZRflTuLJ3j1flg3re
XgoQKAkzXZKCNKWrrvh3rXvEo/cPrRo+f99gFStKHRTuI1D1tbSVOjBvecpfHNXl
Zk4+7m/y/8YQVEG+3bmlVi2bil6AWOlnDLZIpySW2Fmvm7XXZ+u2UGTL6iMBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8fBpSVu+hM+JGQkKsJrndk0Wg7IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBVMA0GCSqGSIb3DQEBCwUAA4IBAQAeZhvV8gOCytvjBtFQBvPj/TyPoE5JxjuA
sNb6A+Tt1b4A2txJB9XHuGEqiZhj/PbMo1N77pZq0mipoRvWGr4dKyN2p3UUqwOv
gpSpQ2KeQLPWJSXHif4Zx55YI1gdGodRCqB1St2sOkGwogFGjQKiHJyz6kCwHd02
tGVhDGnmdw2aPAO/DMJnxq1Cl2C3m1XDnXXjOegUtr9BmqfnOKIt6eBCRm9ezRYh
m0DyR1GnhN8uoEAY6G2lEhsb/+zxVFDpVyLi0AlikF5U2NdSoCmDEqwQwE9vKgiw
fAa+7JA38nysNr0Su28YVb1HAUcd1yGg0PgTc+FXcbZW4QxCTC1G
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org