Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36362e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e36362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +2xc9djmyHblNAgFkEt2ohfrD9GMKuM4yM+RMEJ0is8=
Subject key identifier: 2B:7D:6F:6B:85:B7:EB:86:D3:C9:47:A1:6E:9A:3B:11:21:CB:3B:09
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2F6D631CB22FA008B157CF215091930FE5802719
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:38 +0000
ROA not before: Fri 27 Dec 2024 19:39:38 +0000
ROA not after: Fri 26 Dec 2025 19:44:38 +0000
asID: 136787
IP address blocks: 212.97.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:6d:63:1c:b2:2f:a0:08:b1:57:cf:21:50:91:93:0f:e5:80:27:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:38 2024 GMT
Not After : Dec 26 19:44:38 2025 GMT
Subject: CN=2B7D6F6B85B7EB86D3C947A16E9A3B1121CB3B09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:48:f7:d4:6c:82:91:86:cd:7c:a9:36:c0:37:
30:69:5a:ad:5b:13:fa:e6:15:27:82:d0:6e:dc:84:
b1:31:15:cc:e6:79:c4:d7:6b:17:c1:09:80:69:cb:
d9:40:84:61:ab:4f:0b:d1:3a:43:4f:e5:6a:d8:37:
7c:1a:6a:40:19:46:23:ff:85:86:b1:d8:ab:70:3c:
59:c8:43:91:b0:94:45:56:2b:53:b1:b6:7d:74:2d:
bc:6d:5e:cf:27:2c:e3:8e:c5:02:20:cd:47:dc:5f:
b8:30:0f:c6:a3:e1:65:75:3c:9f:80:19:9b:e2:0d:
44:cc:b6:53:70:7a:aa:2a:d2:84:d1:c9:50:43:57:
21:b4:ae:5b:ec:b5:ee:4b:f1:bd:af:55:ac:48:65:
f0:18:f8:f9:f7:3f:3c:6e:57:ff:97:12:62:53:19:
6a:1b:cc:54:5e:74:99:f8:4c:4a:5d:cd:a9:78:06:
d6:ea:78:4d:5a:4f:35:22:09:6c:76:12:e7:66:f2:
1d:db:85:c1:bd:12:df:bb:b7:6a:b0:d0:c7:cd:83:
96:1d:87:94:00:01:b5:a1:d3:ae:da:af:62:cc:5d:
b0:57:2e:df:43:03:7e:71:f3:fe:13:09:ec:5b:70:
a7:6a:36:d8:f9:50:49:2b:26:ab:10:bc:7d:1d:11:
ee:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:7D:6F:6B:85:B7:EB:86:D3:C9:47:A1:6E:9A:3B:11:21:CB:3B:09
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.66.0/24
Signature Algorithm: sha256WithRSAEncryption
47:f6:03:90:64:be:0e:88:bd:50:f7:f5:0a:e9:14:7e:dd:f7:
16:5d:e4:29:a9:de:c5:57:d1:db:d3:ed:65:12:17:23:ab:0e:
29:93:52:86:fb:3c:13:a7:91:55:50:c7:b8:8e:4e:9b:f1:0a:
31:03:64:b9:16:cb:e6:50:f5:16:87:26:36:56:5c:53:a3:2a:
e9:5a:64:e8:6e:1d:38:d6:90:bf:80:c2:a0:a9:d4:26:e0:bd:
91:31:92:05:33:d4:eb:19:19:d0:f7:41:b8:34:62:5f:ca:85:
8f:e5:0f:27:04:d3:9e:45:58:de:e4:44:0e:58:03:26:54:6a:
c5:9f:1c:90:87:6e:cb:ea:92:36:20:0f:8f:68:9f:df:4b:22:
d3:ff:ba:62:89:9f:35:8c:63:5f:f7:da:94:26:01:2e:36:9c:
c0:f5:14:fa:fb:ee:ff:62:93:e8:8d:17:92:64:74:6a:20:51:
6b:00:e2:dc:0e:8a:39:94:c8:dd:2f:f8:37:a8:a5:b3:5e:9c:
47:fd:0b:cd:df:e1:37:3b:b8:b7:f0:9b:68:25:fa:f4:42:f2:
b0:ec:bf:fb:9b:ea:df:6f:4c:27:09:88:64:af:ec:2a:af:9b:
cf:ac:15:70:e8:c7:3d:ab:65:93:93:4d:58:f2:3b:f4:d4:a4:
64:9c:ec:00
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL21jHLIvoAixV88hUJGTD+WAJxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5MzhaFw0yNTEyMjYxOTQ0MzhaMDMxMTAvBgNV
BAMTKDJCN0Q2RjZCODVCN0VCODZEM0M5NDdBMTZFOUEzQjExMjFDQjNCMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqSPfUbIKRhs18qTbANzBpWq1b
E/rmFSeC0G7chLExFczmecTXaxfBCYBpy9lAhGGrTwvROkNP5WrYN3waakAZRiP/
hYax2KtwPFnIQ5GwlEVWK1Oxtn10LbxtXs8nLOOOxQIgzUfcX7gwD8aj4WV1PJ+A
GZviDUTMtlNweqoq0oTRyVBDVyG0rlvste5L8b2vVaxIZfAY+Pn3PzxuV/+XEmJT
GWobzFRedJn4TEpdzal4BtbqeE1aTzUiCWx2Eudm8h3bhcG9Et+7t2qw0MfNg5Yd
h5QAAbWh067ar2LMXbBXLt9DA35x8/4TCexbcKdqNtj5UEkrJqsQvH0dEe6NAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUK31va4W364bTyUehbpo7ESHLOwkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFCMA0GCSqGSIb3DQEBCwUAA4IBAQBH9gOQZL4OiL1Q9/UK6RR+3fcWXeQpqd7F
V9Hb0+1lEhcjqw4pk1KG+zwTp5FVUMe4jk6b8QoxA2S5FsvmUPUWhyY2VlxToyrp
WmTobh041pC/gMKgqdQm4L2RMZIFM9TrGRnQ90G4NGJfyoWP5Q8nBNOeRVje5EQO
WAMmVGrFnxyQh27L6pI2IA+PaJ/fSyLT/7piiZ81jGNf99qUJgEuNpzA9RT6++7/
YpPojReSZHRqIFFrAOLcDoo5lMjdL/g3qKWzXpxH/QvN3+E3O7i38JtoJfr0QvKw
7L/7m+rfb0wnCYhkr+wqr5vPrBVw6Mc9q2WTk01Y8jv01KRknOwA
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:12:05 2025 by rpki-client