Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36342e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e36342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: UxfRV2GJjTXpje30zwwU1SiHMV0pnTLFciZL92tV+zo=
Subject key identifier: E7:63:B4:83:91:F0:B9:EE:00:28:7F:9F:F2:CC:15:85:DC:93:68:7C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6440E47C71797E259B3BDE955215549384FC118D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:41 +0000
ROA not before: Fri 27 Dec 2024 19:39:41 +0000
ROA not after: Fri 26 Dec 2025 19:44:41 +0000
asID: 136787
IP address blocks: 212.97.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:40:e4:7c:71:79:7e:25:9b:3b:de:95:52:15:54:93:84:fc:11:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:41 2024 GMT
Not After : Dec 26 19:44:41 2025 GMT
Subject: CN=E763B48391F0B9EE00287F9FF2CC1585DC93687C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bb:8f:df:88:85:17:0f:89:22:1f:a6:f6:1d:
72:cb:e7:f3:66:e4:96:2b:8c:ae:00:c1:b7:70:c7:
12:eb:13:32:0f:bf:dc:c1:ea:fe:86:78:e2:56:42:
9b:d1:9d:ab:20:ac:f8:82:10:56:61:ec:82:f8:87:
c6:45:f3:cb:96:b0:fe:4a:1e:8e:0a:1d:7f:22:a9:
cb:ca:3d:d9:a3:e6:8f:38:22:c4:dc:e9:73:1f:81:
e5:13:fe:05:bb:c1:72:55:f2:bf:43:c9:a6:40:f3:
f4:31:2c:a1:29:08:c0:bf:e9:93:a6:f3:6e:19:a9:
8f:28:09:82:70:5d:39:19:b0:2e:41:ad:51:20:d0:
3c:fc:86:ee:3a:82:fb:58:da:5b:1b:f7:ef:44:80:
bb:08:89:63:92:c5:f3:a8:2a:15:52:bd:8b:b1:05:
9a:7b:25:f1:92:41:23:35:81:eb:98:a2:07:a3:04:
15:dc:4a:da:09:0a:b7:5f:06:c2:01:45:21:fb:9b:
48:97:b4:e2:ce:09:2d:d9:af:63:89:c9:3d:99:1d:
5e:f0:73:01:af:f8:7d:c8:81:96:5a:a4:9d:d1:1f:
8f:f9:69:14:1b:1a:6d:7e:cb:3d:19:8c:1a:d0:88:
84:43:ce:ac:44:8f:33:72:71:a9:d0:d4:a3:ef:4d:
c2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:63:B4:83:91:F0:B9:EE:00:28:7F:9F:F2:CC:15:85:DC:93:68:7C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.64.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:c1:fe:00:5a:da:ee:68:4c:68:a8:67:20:ef:a3:15:eb:b8:
ff:67:b4:d6:7d:22:fc:69:23:88:d0:c0:69:ef:d5:df:ca:cc:
06:82:dc:bc:bd:04:ea:10:c8:f8:81:11:05:55:06:bd:72:5b:
cc:e6:a8:35:2c:15:46:c5:e9:1e:d0:7f:c6:0c:ff:13:6b:94:
31:6a:a0:ab:28:da:09:7b:68:76:3f:c1:9f:53:6d:ac:ec:72:
8f:e0:e7:8c:c2:74:56:0e:8a:ea:bb:f0:09:55:ab:cc:a2:cc:
dd:cd:d2:53:81:eb:c1:64:d5:c3:80:52:5d:ee:f4:c5:78:73:
58:87:45:e9:28:df:97:30:42:06:b4:30:7c:e3:e4:a3:1a:bc:
1e:ad:9d:c3:2d:00:0d:b4:58:a8:7e:ad:90:7c:b1:9a:d9:4e:
b3:e9:cb:36:9f:c6:a8:90:56:c6:71:7b:fd:91:d7:2c:60:28:
91:50:19:ee:e4:56:9c:55:bc:29:15:5f:12:a5:10:31:d3:09:
bf:d0:c2:c2:70:33:1d:18:8e:80:cc:01:05:82:83:2d:d4:1c:
3f:62:ee:f9:84:bf:9e:e2:f7:14:c6:97:94:fb:a6:6a:d4:57:
b2:55:f3:5e:81:be:85:b8:4a:e5:38:5d:63:f6:ff:10:41:e7:
20:be:ed:9e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZEDkfHF5fiWbO96VUhVUk4T8EY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5NDFaFw0yNTEyMjYxOTQ0NDFaMDMxMTAvBgNV
BAMTKEU3NjNCNDgzOTFGMEI5RUUwMDI4N0Y5RkYyQ0MxNTg1REM5MzY4N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3u4/fiIUXD4kiH6b2HXLL5/Nm
5JYrjK4AwbdwxxLrEzIPv9zB6v6GeOJWQpvRnasgrPiCEFZh7IL4h8ZF88uWsP5K
Ho4KHX8iqcvKPdmj5o84IsTc6XMfgeUT/gW7wXJV8r9DyaZA8/QxLKEpCMC/6ZOm
824ZqY8oCYJwXTkZsC5BrVEg0Dz8hu46gvtY2lsb9+9EgLsIiWOSxfOoKhVSvYux
BZp7JfGSQSM1geuYogejBBXcStoJCrdfBsIBRSH7m0iXtOLOCS3Zr2OJyT2ZHV7w
cwGv+H3IgZZapJ3RH4/5aRQbGm1+yz0ZjBrQiIRDzqxEjzNycanQ1KPvTcJLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU52O0g5Hwue4AKH+f8swVhdyTaHwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFAMA0GCSqGSIb3DQEBCwUAA4IBAQANwf4AWtruaExoqGcg76MV67j/Z7TWfSL8
aSOI0MBp79XfyswGgty8vQTqEMj4gREFVQa9clvM5qg1LBVGxeke0H/GDP8Ta5Qx
aqCrKNoJe2h2P8GfU22s7HKP4OeMwnRWDorqu/AJVavMoszdzdJTgevBZNXDgFJd
7vTFeHNYh0XpKN+XMEIGtDB84+SjGrwerZ3DLQANtFiofq2QfLGa2U6z6cs2n8ao
kFbGcXv9kdcsYCiRUBnu5FacVbwpFV8SpRAx0wm/0MLCcDMdGI6AzAEFgoMt1Bw/
Yu75hL+e4vcUxpeU+6Zq1FeyVfNegb6FuErlOF1j9v8QQecgvu2e
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:23 2025 by rpki-client