Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38392e302f32342d3234203d3e20313336373837.roa
File: 3231322e33322e38392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: FkPsuzkSRi0JqM+PlaAHpyDkRaxXzo9w24nzoslniUU=
Subject key identifier: 9D:AB:7E:A2:1A:19:23:5F:59:58:F1:C0:60:70:17:89:91:EE:C9:A3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 63682B3A6ABEEDD42D8050D0C4F2499264275316
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38392e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Nov 2024 15:36:58 +0000
ROA not before: Thu 14 Nov 2024 15:31:58 +0000
ROA not after: Thu 13 Nov 2025 15:36:58 +0000
asID: 136787
IP address blocks: 212.32.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:68:2b:3a:6a:be:ed:d4:2d:80:50:d0:c4:f2:49:92:64:27:53:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 14 15:31:58 2024 GMT
Not After : Nov 13 15:36:58 2025 GMT
Subject: CN=9DAB7EA21A19235F5958F1C06070178991EEC9A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7d:ab:f7:98:a7:a8:40:99:93:39:a3:d3:d4:
44:fc:7f:fa:74:2b:8d:f0:43:c9:dd:3d:bf:b1:37:
b7:f9:26:1d:6f:56:8e:0e:d8:65:b2:97:94:04:e7:
fa:8f:24:00:74:cc:0e:d1:2f:26:b7:cc:76:d9:fb:
d9:0c:66:af:39:ae:2d:b2:50:8a:7a:5c:a7:9f:ad:
9d:f5:0d:7e:aa:d5:91:a0:86:64:6a:39:78:8f:33:
d7:23:fa:46:78:2a:d4:c3:71:88:63:b3:18:a8:98:
48:62:23:95:94:75:c3:92:0b:d5:9a:02:70:50:dc:
35:c5:3d:99:ce:c2:17:b1:56:ae:0b:84:86:c8:8c:
79:e1:f3:ec:be:b9:56:ab:53:dd:2d:83:4f:a0:55:
d3:52:89:88:5f:50:5a:c0:14:3a:fb:11:76:19:24:
10:f3:8a:42:30:9d:3e:6e:3f:99:61:b6:1e:e4:bb:
ed:d8:fe:76:df:f5:2e:00:d2:fd:6c:72:25:f4:d3:
29:e5:ca:72:fa:28:55:0d:fb:b3:90:ff:2f:23:0e:
ec:16:9c:fa:b8:f7:8b:56:86:d4:15:8c:f5:a3:b2:
89:08:e6:61:b6:38:6f:23:82:8b:10:22:f0:d8:a9:
d3:0e:bf:5c:8d:9c:a9:c2:28:95:7e:38:87:9c:ca:
57:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AB:7E:A2:1A:19:23:5F:59:58:F1:C0:60:70:17:89:91:EE:C9:A3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.89.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:cf:e7:e1:55:3d:cb:0e:be:c0:fc:22:8b:12:ee:dc:48:94:
26:45:a9:79:37:88:31:29:47:3d:d0:c8:65:19:b4:4e:67:3b:
c9:92:03:f7:7d:c0:4f:29:fb:88:12:6b:e3:09:b2:d1:0c:0b:
aa:14:19:44:09:2b:75:bd:f4:45:2e:7e:0e:a1:99:42:90:fa:
11:26:2c:74:e2:ca:52:56:67:c6:6f:ba:ed:82:c0:e4:8d:2c:
e6:ea:c0:5b:b1:30:eb:0c:b5:48:df:5e:1f:49:7b:e5:8b:e3:
20:93:9d:e9:23:6d:e8:88:f8:58:d3:1a:0b:f0:59:af:3f:84:
98:66:33:ff:b2:66:c1:53:45:8f:2d:75:34:96:dd:3b:3d:9c:
df:40:bf:63:44:83:61:1e:15:02:83:b8:17:ff:3f:27:f3:3d:
51:63:e9:8b:5c:72:bb:f1:c4:59:0e:3b:1c:ed:40:a0:70:f0:
e7:82:96:1f:b9:05:0f:ef:0f:2b:b3:d4:64:33:9f:e6:a3:40:
44:13:33:2b:3a:e8:26:b0:23:08:e8:2c:3e:6b:67:55:48:b3:
b8:49:40:5a:9f:bb:45:91:8e:97:94:40:e0:de:0c:19:72:ec:
ab:5c:e5:dd:4a:6a:1a:7f:49:8b:82:58:07:c1:48:44:4a:e8:
2d:4e:e3:be
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUY2grOmq+7dQtgFDQxPJJkmQnUxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMTQxNTMxNThaFw0yNTExMTMxNTM2NThaMDMxMTAvBgNV
BAMTKDlEQUI3RUEyMUExOTIzNUY1OTU4RjFDMDYwNzAxNzg5OTFFRUM5QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFfav3mKeoQJmTOaPT1ET8f/p0
K43wQ8ndPb+xN7f5Jh1vVo4O2GWyl5QE5/qPJAB0zA7RLya3zHbZ+9kMZq85ri2y
UIp6XKefrZ31DX6q1ZGghmRqOXiPM9cj+kZ4KtTDcYhjsxiomEhiI5WUdcOSC9Wa
AnBQ3DXFPZnOwhexVq4LhIbIjHnh8+y+uVarU90tg0+gVdNSiYhfUFrAFDr7EXYZ
JBDzikIwnT5uP5lhth7ku+3Y/nbf9S4A0v1sciX00ynlynL6KFUN+7OQ/y8jDuwW
nPq494tWhtQVjPWjsokI5mG2OG8jgosQIvDYqdMOv1yNnKnCKJV+OIecylcnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnat+ohoZI19ZWPHAYHAXiZHuyaMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzODM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBZMA0GCSqGSIb3DQEBCwUAA4IBAQAqz+fhVT3LDr7A/CKLEu7cSJQmRal5N4gx
KUc90MhlGbROZzvJkgP3fcBPKfuIEmvjCbLRDAuqFBlECSt1vfRFLn4OoZlCkPoR
Jix04spSVmfGb7rtgsDkjSzm6sBbsTDrDLVI314fSXvli+Mgk53pI23oiPhY0xoL
8FmvP4SYZjP/smbBU0WPLXU0lt07PZzfQL9jRINhHhUCg7gX/z8n8z1RY+mLXHK7
8cRZDjsc7UCgcPDngpYfuQUP7w8rs9RkM5/mo0BEEzMrOugmsCMI6Cw+a2dVSLO4
SUBan7tFkY6XlEDg3gwZcuyrXOXdSmoaf0mLglgHwUhESugtTuO+
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org