Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39322e302f32342d3234203d3e20313336373837.roa
File: 3231322e33322e39322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: mWmDy+8qC0PU5B6qeE775U83UlM31pNK83EuoCCPABk=
Subject key identifier: EC:8F:C4:EF:51:3A:7A:24:AC:36:B4:54:01:60:68:41:60:10:3F:68
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 058457114CCCC04A2825EDC9DC5986DAFD03D9B4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39322e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Nov 2024 15:37:03 +0000
ROA not before: Thu 14 Nov 2024 15:32:03 +0000
ROA not after: Thu 13 Nov 2025 15:37:03 +0000
asID: 136787
IP address blocks: 212.32.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:84:57:11:4c:cc:c0:4a:28:25:ed:c9:dc:59:86:da:fd:03:d9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 14 15:32:03 2024 GMT
Not After : Nov 13 15:37:03 2025 GMT
Subject: CN=EC8FC4EF513A7A24AC36B4540160684160103F68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fc:3c:86:ce:e4:4c:60:32:8b:af:62:0a:3d:
3c:4f:7c:23:da:3f:46:a7:24:c2:ab:89:6f:3a:d9:
54:ea:f9:8f:5e:1e:d0:60:39:44:af:b3:23:59:3c:
43:8e:92:46:e6:11:92:a3:b6:fe:90:2f:18:5d:0c:
da:f1:ce:6e:f5:34:2e:00:87:d4:74:a5:49:48:a6:
46:d5:17:82:3c:f9:5f:22:bb:80:d1:cd:84:40:ad:
cd:ed:d4:e9:37:30:a5:dc:39:e6:e5:24:de:3b:b1:
4e:11:8c:0b:96:9c:d5:18:de:ff:78:c8:bd:f0:06:
6a:59:bc:3e:0f:f3:3a:04:e2:95:52:de:4a:69:4a:
03:22:63:40:7b:6c:2c:a6:5a:38:32:68:96:91:9e:
18:65:91:6e:5e:53:cd:a8:e9:dc:2d:af:a1:b9:5a:
21:02:12:79:c5:ac:3b:4c:cd:d6:f2:f9:f2:1e:e6:
2c:92:5f:9e:cd:df:b2:db:54:71:70:05:63:d1:78:
67:c8:8a:9b:d0:24:19:76:91:6e:f2:28:16:17:38:
7f:55:b2:1b:39:3c:34:c1:9f:e0:c5:e0:05:6d:8c:
e2:ae:a3:dd:92:26:da:5e:9f:d8:ec:ef:ac:2f:c8:
0f:79:da:9c:c3:7a:ee:2c:a0:77:32:46:60:f0:fe:
52:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8F:C4:EF:51:3A:7A:24:AC:36:B4:54:01:60:68:41:60:10:3F:68
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.92.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:2b:60:c1:73:e9:bf:c5:b2:be:98:ca:bc:54:3a:d0:8c:31:
c9:32:9a:97:22:73:be:ee:de:65:c2:a7:83:b5:8d:02:af:df:
5e:02:9f:8f:7f:c2:28:1c:d4:59:7f:67:9c:25:3e:fc:46:2f:
c3:ce:49:d8:2c:7c:eb:f9:ed:c4:24:e8:88:9c:55:5a:3e:75:
db:a1:b8:80:50:5a:ed:e7:d2:a4:bf:06:84:2e:d2:26:4e:f5:
0d:68:81:d9:55:68:58:be:2c:26:74:a3:86:b4:42:ff:10:a1:
e1:c9:5e:94:d4:6b:72:89:7d:a0:b5:3b:b2:47:23:6c:6a:d8:
c8:f4:d1:5e:b5:34:07:26:69:ca:d5:c2:24:c8:42:ff:fb:6e:
a8:81:6d:bb:fb:66:24:98:41:c7:18:d8:81:c3:8c:1e:37:a9:
67:11:ed:cd:d5:fd:96:4d:c7:da:ec:04:8f:e8:0a:49:6b:8c:
2b:bd:c4:87:9a:49:0b:06:e2:3f:0f:4c:89:56:a3:d1:3f:4f:
5a:ba:00:a7:ab:cd:1f:09:11:f3:e1:5e:e5:c8:3b:35:df:65:
e0:90:46:26:2e:7c:a9:92:fa:82:bd:28:b1:a3:10:7d:47:92:
3f:1e:8f:83:49:0e:40:2a:5c:4d:54:a4:91:c2:f4:7c:db:36:
07:08:10:01
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBYRXEUzMwEooJe3J3FmG2v0D2bQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMTQxNTMyMDNaFw0yNTExMTMxNTM3MDNaMDMxMTAvBgNV
BAMTKEVDOEZDNEVGNTEzQTdBMjRBQzM2QjQ1NDAxNjA2ODQxNjAxMDNGNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3/DyGzuRMYDKLr2IKPTxPfCPa
P0anJMKriW862VTq+Y9eHtBgOUSvsyNZPEOOkkbmEZKjtv6QLxhdDNrxzm71NC4A
h9R0pUlIpkbVF4I8+V8iu4DRzYRArc3t1Ok3MKXcOeblJN47sU4RjAuWnNUY3v94
yL3wBmpZvD4P8zoE4pVS3kppSgMiY0B7bCymWjgyaJaRnhhlkW5eU82o6dwtr6G5
WiECEnnFrDtMzdby+fIe5iySX57N37LbVHFwBWPReGfIipvQJBl2kW7yKBYXOH9V
shs5PDTBn+DF4AVtjOKuo92SJtpen9js76wvyA952pzDeu4soHcyRmDw/lJ9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7I/E71E6eiSsNrRUAWBoQWAQP2gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzOTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBcMA0GCSqGSIb3DQEBCwUAA4IBAQCMK2DBc+m/xbK+mMq8VDrQjDHJMpqXInO+
7t5lwqeDtY0Cr99eAp+Pf8IoHNRZf2ecJT78Ri/DzknYLHzr+e3EJOiInFVaPnXb
obiAUFrt59KkvwaELtImTvUNaIHZVWhYviwmdKOGtEL/EKHhyV6U1GtyiX2gtTuy
RyNsatjI9NFetTQHJmnK1cIkyEL/+26ogW27+2YkmEHHGNiBw4weN6lnEe3N1f2W
Tcfa7ASP6ApJa4wrvcSHmkkLBuI/D0yJVqPRP09augCnq80fCRHz4V7lyDs132Xg
kEYmLnypkvqCvSixoxB9R5I/Ho+DSQ5AKlxNVKSRwvR82zYHCBAB
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org