Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36342e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e36342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: BAJFDRrxEzCnN+f+3usemdqayybzQr71laWsO0bp6k8=
Subject key identifier: 3C:81:46:2C:82:45:B3:B8:74:90:CD:E2:16:0E:C6:8A:31:3B:0B:45
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4EFA04E1A016CC8AF88C1898E688AEC40BC48F78
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:03:00 +0000
ROA not before: Fri 26 Jan 2024 18:58:00 +0000
ROA not after: Fri 24 Jan 2025 19:03:00 +0000
asID: 136787
IP address blocks: 212.97.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:fa:04:e1:a0:16:cc:8a:f8:8c:18:98:e6:88:ae:c4:0b:c4:8f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:58:00 2024 GMT
Not After : Jan 24 19:03:00 2025 GMT
Subject: CN=3C81462C8245B3B87490CDE2160EC68A313B0B45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c8:a3:81:df:10:6b:96:eb:cc:b4:d0:fc:f0:
5f:ce:72:47:15:4c:c2:74:df:34:40:ef:29:bc:16:
af:ea:84:2f:7e:76:42:14:56:08:c3:b8:f4:89:4f:
76:7b:0d:bc:f3:08:6c:9d:35:88:65:56:a5:e1:68:
d9:67:64:52:30:3b:02:44:66:27:3a:5f:a3:65:a9:
49:1c:f0:34:f9:c4:b6:6f:fa:40:f9:ba:72:11:58:
a8:7f:8a:8a:4c:c0:f1:73:b8:2a:60:11:21:1e:55:
15:23:fe:d6:63:d5:78:e1:1d:21:c3:5a:06:79:c8:
c9:f5:a9:3b:a5:8f:d4:65:15:3e:4a:29:88:3b:b8:
a3:77:3a:0d:13:79:fc:6d:55:4c:8c:c7:78:15:72:
51:30:2a:a8:d9:7c:9a:2e:d8:14:a3:f8:0b:6e:9d:
6b:5b:d4:98:ca:90:6c:99:3f:82:f2:78:d3:1c:d5:
80:aa:80:d2:b3:ab:12:ac:5e:17:9c:3d:37:85:ba:
08:af:f1:2d:86:b6:e6:98:b1:a0:cd:2c:7a:7d:65:
fe:aa:a4:7d:46:ec:33:b4:7f:fd:d1:2f:11:91:3a:
f3:bf:e7:39:b2:3d:07:ab:75:69:fd:be:4b:9c:4f:
4e:0a:51:7d:0d:45:9c:23:ba:79:2f:17:64:2d:88:
a0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:81:46:2C:82:45:B3:B8:74:90:CD:E2:16:0E:C6:8A:31:3B:0B:45
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.64.0/24
Signature Algorithm: sha256WithRSAEncryption
86:fc:2e:f7:d5:2c:1e:38:d7:90:29:68:e9:dc:d6:21:17:ba:
27:2d:17:db:1c:1b:4d:47:e1:56:6c:7c:83:72:bf:54:5b:38:
8c:6d:29:32:02:0e:42:ac:c4:03:24:ab:a8:7a:8d:9b:fd:17:
11:c1:0f:fe:5c:a9:b5:3c:5f:88:48:7a:d9:81:12:02:f6:cb:
95:9f:2b:f8:ff:0c:74:6a:3b:82:4a:5b:8b:f6:d0:54:46:22:
2a:d0:f3:77:84:fd:f2:71:ce:07:70:ee:39:9a:53:cb:e7:02:
2b:7f:b2:87:1d:97:7f:d1:98:ee:fc:82:0d:2c:63:cd:e8:16:
21:52:80:3c:58:b9:14:d8:af:b7:c5:bb:b7:1d:5a:f6:07:fd:
e9:64:86:6f:e9:3c:0c:5e:3e:c4:f5:e3:e9:3e:6d:9f:93:7c:
1f:33:5d:7a:92:d1:c4:09:b8:aa:7c:90:ed:9e:be:57:34:65:
8e:22:5c:b1:da:be:a5:fe:cd:94:12:02:a8:f7:fa:5a:6c:d1:
0c:8f:52:b5:c2:78:9d:e2:6d:91:75:a0:ff:82:3f:66:5c:b9:
f4:30:24:8f:4f:72:83:ea:8e:57:9d:c9:34:f4:0c:61:4e:44:
f3:b4:03:08:a6:26:c7:c6:91:07:e5:68:2f:9a:b7:1d:ef:50:
c1:dc:ea:91
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTvoE4aAWzIr4jBiY5oiuxAvEj3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU4MDBaFw0yNTAxMjQxOTAzMDBaMDMxMTAvBgNV
BAMTKDNDODE0NjJDODI0NUIzQjg3NDkwQ0RFMjE2MEVDNjhBMzEzQjBCNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTyKOB3xBrluvMtND88F/OckcV
TMJ03zRA7ym8Fq/qhC9+dkIUVgjDuPSJT3Z7DbzzCGydNYhlVqXhaNlnZFIwOwJE
Zic6X6NlqUkc8DT5xLZv+kD5unIRWKh/iopMwPFzuCpgESEeVRUj/tZj1XjhHSHD
WgZ5yMn1qTulj9RlFT5KKYg7uKN3Og0TefxtVUyMx3gVclEwKqjZfJou2BSj+Atu
nWtb1JjKkGyZP4LyeNMc1YCqgNKzqxKsXhecPTeFugiv8S2GtuaYsaDNLHp9Zf6q
pH1G7DO0f/3RLxGROvO/5zmyPQerdWn9vkucT04KUX0NRZwjunkvF2QtiKD7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPIFGLIJFs7h0kM3iFg7GijE7C0UwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFAMA0GCSqGSIb3DQEBCwUAA4IBAQCG/C731SweONeQKWjp3NYhF7onLRfbHBtN
R+FWbHyDcr9UWziMbSkyAg5CrMQDJKuoeo2b/RcRwQ/+XKm1PF+ISHrZgRIC9suV
nyv4/wx0ajuCSluL9tBURiIq0PN3hP3ycc4HcO45mlPL5wIrf7KHHZd/0Zju/IIN
LGPN6BYhUoA8WLkU2K+3xbu3HVr2B/3pZIZv6TwMXj7E9ePpPm2fk3wfM116ktHE
CbiqfJDtnr5XNGWOIlyx2r6l/s2UEgKo9/pabNEMj1K1wnid4m2RdaD/gj9mXLn0
MCSPT3KD6o5Xnck09AxhTkTztAMIpibHxpEH5Wgvmrcd71DB3OqR
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org