Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36362e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e36362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: nxPcGC69MEk0qtb8ZcQg5N6J+KpGLnI+0cMM0uSa9WA=
Subject key identifier: DA:32:94:68:A7:60:10:E4:CC:C6:AD:BA:1A:7D:F2:87:5B:92:88:F0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1DF7D112725DA7225523880916AE2C7DD70AB8BD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:03:03 +0000
ROA not before: Fri 26 Jan 2024 18:58:03 +0000
ROA not after: Fri 24 Jan 2025 19:03:03 +0000
asID: 136787
IP address blocks: 212.97.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:f7:d1:12:72:5d:a7:22:55:23:88:09:16:ae:2c:7d:d7:0a:b8:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:58:03 2024 GMT
Not After : Jan 24 19:03:03 2025 GMT
Subject: CN=DA329468A76010E4CCC6ADBA1A7DF2875B9288F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:8d:b2:08:7c:f2:39:93:29:92:f0:d3:45:6c:
d6:20:9f:40:4e:a0:46:c5:7f:09:6a:41:99:37:80:
55:ef:bc:54:75:f4:4e:2e:fb:f9:35:fa:21:cb:33:
14:8e:94:8f:05:41:71:84:f9:92:a2:36:44:7c:07:
9a:7f:23:c0:fb:50:23:85:84:b0:2f:91:44:1a:6d:
ab:0a:54:55:5a:b7:5c:15:48:0d:ed:65:1f:b8:a7:
c7:f5:06:9e:92:96:f9:64:09:72:a8:13:8d:0b:33:
dc:c5:8e:c1:06:88:49:5c:30:ef:04:c5:d0:9c:dc:
c0:5c:c9:0a:4d:cb:81:00:91:44:8c:b5:fb:3b:a7:
18:f8:b9:ed:cb:b2:ce:0a:0a:bf:96:88:81:07:e7:
88:a0:03:c0:45:3e:da:44:62:5c:4b:ef:87:aa:ec:
4a:b5:6b:9d:fc:13:25:00:de:79:8c:23:5d:2f:5a:
aa:83:d7:b3:30:7f:ff:53:64:90:a0:81:6c:ad:d9:
9b:c1:dc:3f:f6:d0:94:27:47:d0:8c:ae:29:39:82:
c8:ac:70:f5:97:27:09:1a:75:7c:d0:ad:c5:78:e1:
27:1c:8b:bc:20:9e:0c:2f:64:c2:f3:63:dc:a8:5e:
3e:65:25:69:d5:73:37:fa:b1:a8:cd:1c:a2:28:5a:
94:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:32:94:68:A7:60:10:E4:CC:C6:AD:BA:1A:7D:F2:87:5B:92:88:F0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.66.0/24
Signature Algorithm: sha256WithRSAEncryption
72:59:69:39:e0:75:3e:7a:b2:86:da:52:a2:bd:25:99:0c:4a:
5c:ad:25:f2:d5:7e:ee:07:da:1e:27:b1:59:c9:cc:95:0f:58:
23:5c:50:2a:aa:1f:98:c8:27:93:a4:7b:a3:f8:18:e7:50:42:
3d:1f:eb:10:b2:22:2e:ad:a8:1b:1b:17:0f:2c:c2:73:70:5c:
0a:62:8d:fa:1f:c0:1f:41:34:dd:ce:af:a0:85:22:bb:e7:64:
b5:8e:89:f1:00:a5:25:4e:96:95:58:0f:a2:b8:44:66:b6:0d:
fe:fa:57:5d:8a:7d:ea:74:44:18:a5:ac:8b:42:2c:51:a2:7c:
38:6d:aa:5b:d4:0f:61:39:4e:9c:c9:40:b8:39:69:7b:73:bc:
be:18:5f:58:cd:62:f8:1c:07:14:c6:e4:aa:40:d9:4a:18:80:
87:c9:5d:82:cf:7e:5b:ea:0b:13:a2:14:67:ed:17:40:6d:3e:
a2:e7:66:c0:0a:81:79:3d:59:ea:23:e3:87:f8:d7:73:9d:d1:
d9:d4:32:7d:00:5e:a3:2c:c1:33:5b:92:b1:9a:a1:8d:69:b2:
b4:d8:0d:ce:1e:89:e0:ba:ca:f9:38:83:ab:5f:90:29:5a:9c:
84:7c:ee:36:94:e5:c9:21:d2:51:48:70:e7:2c:a9:62:f6:ec:
b6:b8:3f:8f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHffREnJdpyJVI4gJFq4sfdcKuL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU4MDNaFw0yNTAxMjQxOTAzMDNaMDMxMTAvBgNV
BAMTKERBMzI5NDY4QTc2MDEwRTRDQ0M2QURCQTFBN0RGMjg3NUI5Mjg4RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5jbIIfPI5kymS8NNFbNYgn0BO
oEbFfwlqQZk3gFXvvFR19E4u+/k1+iHLMxSOlI8FQXGE+ZKiNkR8B5p/I8D7UCOF
hLAvkUQabasKVFVat1wVSA3tZR+4p8f1Bp6SlvlkCXKoE40LM9zFjsEGiElcMO8E
xdCc3MBcyQpNy4EAkUSMtfs7pxj4ue3Lss4KCr+WiIEH54igA8BFPtpEYlxL74eq
7Eq1a538EyUA3nmMI10vWqqD17Mwf/9TZJCggWyt2ZvB3D/20JQnR9CMrik5gsis
cPWXJwkadXzQrcV44Scci7wgngwvZMLzY9yoXj5lJWnVczf6sajNHKIoWpRRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2jKUaKdgEOTMxq26Gn3yh1uSiPAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFCMA0GCSqGSIb3DQEBCwUAA4IBAQByWWk54HU+erKG2lKivSWZDEpcrSXy1X7u
B9oeJ7FZycyVD1gjXFAqqh+YyCeTpHuj+BjnUEI9H+sQsiIuragbGxcPLMJzcFwK
Yo36H8AfQTTdzq+ghSK752S1jonxAKUlTpaVWA+iuERmtg3++lddin3qdEQYpayL
QixRonw4bapb1A9hOU6cyUC4OWl7c7y+GF9YzWL4HAcUxuSqQNlKGICHyV2Cz35b
6gsTohRn7RdAbT6i52bACoF5PVnqI+OH+NdzndHZ1DJ9AF6jLMEzW5KxmqGNabK0
2A3OHongusr5OIOrX5ApWpyEfO42lOXJIdJRSHDnLKli9uy2uD+P
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org