Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39332e302f32342d3234203d3e20313336373837.roa
File: 3231322e33322e39332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: oNkz72eZa1bmMGrrCq5g8j/L8Loy6ztnSbWfsvSNjlk=
Subject key identifier: 34:76:C0:C3:1F:1B:B6:B0:7F:7A:EE:6D:3D:DC:35:DA:13:75:34:CF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0E051DA9F6229711FDE2A5C366E75A918A5C94A3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39332e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Nov 2024 15:37:05 +0000
ROA not before: Thu 14 Nov 2024 15:32:05 +0000
ROA not after: Thu 13 Nov 2025 15:37:05 +0000
asID: 136787
IP address blocks: 212.32.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:05:1d:a9:f6:22:97:11:fd:e2:a5:c3:66:e7:5a:91:8a:5c:94:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 14 15:32:05 2024 GMT
Not After : Nov 13 15:37:05 2025 GMT
Subject: CN=3476C0C31F1BB6B07F7AEE6D3DDC35DA137534CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ea:5c:d8:1f:c0:60:e6:c1:91:41:68:33:b4:
0e:10:28:b0:f1:af:34:5e:04:ba:21:13:e8:8e:a1:
83:77:b1:d9:72:6d:4d:44:06:2f:3b:f9:76:b7:ba:
12:4d:fb:ea:68:09:a2:d7:20:4c:8e:ee:40:ee:7c:
b8:2e:68:7c:8f:d5:89:33:7a:e5:51:dd:07:6b:7f:
7d:b6:e8:8e:f9:33:ca:29:2f:66:dc:32:f6:7f:02:
d1:4e:1c:41:c3:6e:6f:9f:dc:0e:64:f1:b5:30:10:
62:01:34:18:2a:be:a1:f6:32:96:63:c6:24:95:1a:
fb:de:cf:4c:e1:0c:31:ed:d7:10:96:f8:6b:5a:b3:
f6:b1:8b:e8:62:b6:79:8c:a2:c3:2b:e1:de:22:63:
28:80:e5:52:6b:42:ce:af:10:39:04:9e:9f:c7:16:
a4:ba:09:e3:45:9b:ae:f7:17:fe:b7:f9:4f:21:83:
7e:62:34:c1:e1:59:4a:c3:d2:bf:b4:91:48:31:57:
2d:93:0d:d8:fc:60:4d:9a:66:25:81:64:52:97:1b:
f8:e8:99:e6:a4:60:4a:fa:1b:61:1b:2b:71:fa:bf:
cc:4b:2c:9d:60:ee:b4:47:d5:ff:ad:42:33:7f:f5:
6c:35:bd:6c:23:00:72:a6:52:59:13:f3:9d:05:12:
46:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:76:C0:C3:1F:1B:B6:B0:7F:7A:EE:6D:3D:DC:35:DA:13:75:34:CF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.93.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:6b:3e:2a:b2:cb:3a:75:22:7c:cf:03:1e:6d:12:da:1e:73:
41:d6:12:55:83:d1:a8:13:bd:b2:33:f8:bd:54:02:79:d4:0f:
04:a8:c8:74:b2:f1:d2:fe:0f:18:4e:0e:32:53:ba:ae:fa:4f:
c2:b6:c1:b4:32:70:b8:9f:b0:47:f8:c9:37:3f:94:0c:2b:68:
26:22:a3:f6:7e:a5:50:ec:e3:76:c1:07:52:30:ef:b1:dc:4d:
b1:eb:5e:c2:8e:ae:ec:a9:f1:f8:45:ff:e7:06:42:19:8b:52:
52:a7:e6:74:c3:ff:0b:e5:69:a3:12:24:ac:69:46:14:b9:bf:
c7:6b:a3:2b:5d:cd:b7:49:95:61:6c:4a:dd:89:d1:ea:f5:13:
9e:fd:d9:89:96:50:a5:7f:b7:27:dc:c7:23:f3:19:0d:08:60:
1a:1c:eb:f0:57:c2:b6:e8:59:af:86:70:9a:99:0c:68:86:ba:
1c:fc:05:88:6e:af:8b:c0:f3:d7:60:e3:a5:d5:58:ef:de:7a:
87:64:8e:34:da:20:c4:47:28:95:e1:d9:df:88:4d:7b:89:c8:
67:1b:4e:d4:c9:41:ee:e5:b9:5c:16:53:50:c1:20:ee:46:ef:
31:d8:16:16:22:fb:36:4e:58:06:37:40:b2:89:38:70:4d:4b:
f7:61:ff:ae
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDgUdqfYilxH94qXDZudakYpclKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMTQxNTMyMDVaFw0yNTExMTMxNTM3MDVaMDMxMTAvBgNV
BAMTKDM0NzZDMEMzMUYxQkI2QjA3RjdBRUU2RDNEREMzNURBMTM3NTM0Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx6lzYH8Bg5sGRQWgztA4QKLDx
rzReBLohE+iOoYN3sdlybU1EBi87+Xa3uhJN++poCaLXIEyO7kDufLguaHyP1Ykz
euVR3Qdrf3226I75M8opL2bcMvZ/AtFOHEHDbm+f3A5k8bUwEGIBNBgqvqH2MpZj
xiSVGvvez0zhDDHt1xCW+Gtas/axi+hitnmMosMr4d4iYyiA5VJrQs6vEDkEnp/H
FqS6CeNFm673F/63+U8hg35iNMHhWUrD0r+0kUgxVy2TDdj8YE2aZiWBZFKXG/jo
meakYEr6G2EbK3H6v8xLLJ1g7rRH1f+tQjN/9Ww1vWwjAHKmUlkT850FEkbrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNHbAwx8btrB/eu5tPdw12hN1NM8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzOTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBdMA0GCSqGSIb3DQEBCwUAA4IBAQA9az4qsss6dSJ8zwMebRLaHnNB1hJVg9Go
E72yM/i9VAJ51A8EqMh0svHS/g8YTg4yU7qu+k/CtsG0MnC4n7BH+Mk3P5QMK2gm
IqP2fqVQ7ON2wQdSMO+x3E2x617Cjq7sqfH4Rf/nBkIZi1JSp+Z0w/8L5WmjEiSs
aUYUub/Ha6MrXc23SZVhbErdidHq9ROe/dmJllClf7cn3Mcj8xkNCGAaHOvwV8K2
6FmvhnCamQxohroc/AWIbq+LwPPXYOOl1Vjv3nqHZI402iDERyiV4dnfiE17ichn
G07UyUHu5blcFlNQwSDuRu8x2BYWIvs2TlgGN0CyiThwTUv3Yf+u
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org