Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38372e302f32342d3234203d3e20313336373837.roa
File: 3231322e33322e38372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 9TbFX2Hppl+0RfagZUSutkSCqclno21k2+VD7Cpqjw0=
Subject key identifier: CB:8C:15:C0:E8:EA:07:76:40:51:C1:CC:AE:5E:09:2B:45:12:A3:77
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 616065FF7074A0F8016A6FEBEB1B3C24557B0899
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38372e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Nov 2024 15:36:56 +0000
ROA not before: Thu 14 Nov 2024 15:31:56 +0000
ROA not after: Thu 13 Nov 2025 15:36:56 +0000
asID: 136787
IP address blocks: 212.32.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:60:65:ff:70:74:a0:f8:01:6a:6f:eb:eb:1b:3c:24:55:7b:08:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 14 15:31:56 2024 GMT
Not After : Nov 13 15:36:56 2025 GMT
Subject: CN=CB8C15C0E8EA07764051C1CCAE5E092B4512A377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:de:b0:39:e5:0b:21:73:b0:bc:68:92:c1:c2:
e6:e1:c3:fb:4a:3b:18:27:3a:2b:9d:05:f8:e4:65:
d8:d3:3f:72:ee:6a:5e:f8:0b:aa:83:5c:25:54:f9:
d5:b2:e4:40:43:3a:07:8b:e2:83:9e:ac:e2:3d:62:
fe:a3:f3:b0:2f:86:0c:6a:4d:1a:24:64:3b:eb:c3:
a2:ce:99:c3:20:89:cd:aa:9a:56:d4:5b:12:1a:8b:
e9:90:2d:aa:01:09:59:10:ab:4f:08:fb:d7:43:c1:
64:df:54:db:2e:f5:59:4e:4c:86:b4:9f:24:c9:d4:
11:ba:0c:4b:eb:b9:16:bf:d2:91:c6:42:36:4b:40:
43:dc:c0:56:ac:31:3a:50:ff:66:24:b4:b6:95:eb:
6f:d2:7a:d7:06:f5:73:80:b6:ad:9d:23:53:e0:ef:
4a:d8:51:db:57:12:a3:81:b2:f5:f9:32:67:3d:23:
6f:c9:fe:f4:9c:cc:ba:29:ad:19:29:9b:ae:71:79:
ea:7e:84:ec:6f:f3:6e:87:02:cd:51:50:ef:bf:7a:
89:c6:e1:92:7e:47:55:fe:84:34:47:33:d5:cf:35:
f2:8f:99:d3:3d:5b:9f:b0:fc:11:a7:96:6e:7b:48:
3a:4c:96:f1:ac:23:28:f2:e6:57:41:a7:62:3d:4f:
79:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8C:15:C0:E8:EA:07:76:40:51:C1:CC:AE:5E:09:2B:45:12:A3:77
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.87.0/24
Signature Algorithm: sha256WithRSAEncryption
10:0e:bd:85:28:ee:40:38:14:23:aa:62:5c:4e:1a:c9:56:5b:
a1:2b:91:f5:0b:bb:51:37:86:3b:e4:1b:55:16:75:7d:ab:7f:
bd:4a:77:4d:d2:45:00:99:d0:d3:74:03:03:ab:45:29:8f:fb:
2b:44:48:48:b7:90:05:76:92:5c:f5:8e:4c:d6:db:fb:27:52:
ed:b5:45:6f:58:1c:de:c6:9a:73:4c:9d:2b:50:4e:ac:10:32:
3b:d7:29:88:da:0e:6d:2c:7d:a6:4e:d9:41:44:63:7a:43:a2:
89:ed:ad:96:16:bc:7c:0a:73:cd:13:bb:81:44:e4:2e:f5:d0:
70:66:fa:2c:bd:79:37:89:d3:30:67:87:6a:da:ab:01:5b:e3:
8b:ef:bd:d3:03:69:83:94:eb:43:83:93:f1:28:e0:33:c1:3c:
18:76:b5:4c:2d:21:63:95:09:ce:fd:5e:7b:48:bf:e0:25:1e:
1f:63:be:99:b8:a2:8b:10:75:14:ac:07:0f:9f:5d:f4:8a:83:
bb:f1:25:8e:df:a9:92:6c:78:25:3e:d6:4c:71:d5:36:dc:2b:
a6:5d:65:36:2e:46:e0:36:d3:de:56:ae:8c:5e:e4:a2:b4:bf:
90:3b:56:ac:0d:a7:62:18:41:10:bd:25:92:8b:c1:67:52:03:
09:43:db:55
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYWBl/3B0oPgBam/r6xs8JFV7CJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMTQxNTMxNTZaFw0yNTExMTMxNTM2NTZaMDMxMTAvBgNV
BAMTKENCOEMxNUMwRThFQTA3NzY0MDUxQzFDQ0FFNUUwOTJCNDUxMkEzNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj3rA55Qshc7C8aJLBwubhw/tK
OxgnOiudBfjkZdjTP3Lual74C6qDXCVU+dWy5EBDOgeL4oOerOI9Yv6j87Avhgxq
TRokZDvrw6LOmcMgic2qmlbUWxIai+mQLaoBCVkQq08I+9dDwWTfVNsu9VlOTIa0
nyTJ1BG6DEvruRa/0pHGQjZLQEPcwFasMTpQ/2YktLaV62/SetcG9XOAtq2dI1Pg
70rYUdtXEqOBsvX5Mmc9I2/J/vSczLoprRkpm65xeep+hOxv826HAs1RUO+/eonG
4ZJ+R1X+hDRHM9XPNfKPmdM9W5+w/BGnlm57SDpMlvGsIyjy5ldBp2I9T3kLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUy4wVwOjqB3ZAUcHMrl4JK0USo3cwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzODM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBXMA0GCSqGSIb3DQEBCwUAA4IBAQAQDr2FKO5AOBQjqmJcThrJVluhK5H1C7tR
N4Y75BtVFnV9q3+9SndN0kUAmdDTdAMDq0Upj/srREhIt5AFdpJc9Y5M1tv7J1Lt
tUVvWBzexppzTJ0rUE6sEDI71ymI2g5tLH2mTtlBRGN6Q6KJ7a2WFrx8CnPNE7uB
ROQu9dBwZvosvXk3idMwZ4dq2qsBW+OL773TA2mDlOtDg5PxKOAzwTwYdrVMLSFj
lQnO/V57SL/gJR4fY76ZuKKLEHUUrAcPn130ioO78SWO36mSbHglPtZMcdU23Cum
XWU2LkbgNtPeVq6MXuSitL+QO1asDadiGEEQvSWSi8FnUgMJQ9tV
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org