Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36372e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e36372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: llY2Q2wfvc9OVqy4QF/lZzSDaKkHmMuy/yUBZgYvQ24=
Subject key identifier: 7B:1E:67:2D:A2:B2:71:32:D2:C2:02:B0:BF:05:89:24:3D:F7:BD:06
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6255BEAFB34CD4AD990677244CBD17B681AA6548
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36372e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:38 +0000
ROA not before: Fri 27 Dec 2024 19:39:38 +0000
ROA not after: Fri 26 Dec 2025 19:44:38 +0000
asID: 136787
IP address blocks: 212.97.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:55:be:af:b3:4c:d4:ad:99:06:77:24:4c:bd:17:b6:81:aa:65:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:38 2024 GMT
Not After : Dec 26 19:44:38 2025 GMT
Subject: CN=7B1E672DA2B27132D2C202B0BF0589243DF7BD06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:56:26:0f:e7:e1:9c:64:74:26:1f:09:b1:e4:
07:62:a1:60:18:fb:58:81:f3:47:2a:b5:b3:48:ba:
41:58:b5:a3:69:4d:b1:20:44:85:b7:16:fa:fc:3d:
ac:f5:45:9f:2c:bf:4f:47:b3:10:a2:4f:d3:2a:2d:
6c:f9:b1:9c:17:fc:5e:c1:25:74:64:d5:66:05:c4:
b4:85:3f:fa:3b:63:9f:a7:c0:44:30:7a:1a:5d:65:
80:8b:42:6f:5a:14:d8:04:a1:ab:be:9f:82:f9:63:
04:20:e9:7b:c5:52:4f:85:d7:e7:e4:81:0f:b7:b6:
b0:b2:9d:9f:c3:cd:7d:ea:47:41:8a:2b:0a:7a:21:
85:dc:5a:05:9b:31:b6:d7:f7:ff:ec:4f:ba:84:71:
a1:59:61:e7:6e:9f:32:19:29:26:65:fa:af:1f:1e:
30:9d:63:28:e3:96:20:7b:64:b8:7f:18:7c:43:42:
ab:4d:f9:cc:5a:d5:8c:ab:ab:67:86:b6:cd:47:69:
95:83:20:d7:21:c8:05:5a:c3:e3:1f:b4:02:87:04:
9d:8c:e9:0e:f1:42:2a:ff:d8:2f:d5:97:49:0d:07:
19:04:1e:7f:6d:a6:c6:78:97:df:78:21:b3:f8:e1:
6e:e4:d9:d7:1e:c0:60:6d:de:09:ca:fc:10:67:29:
67:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1E:67:2D:A2:B2:71:32:D2:C2:02:B0:BF:05:89:24:3D:F7:BD:06
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.67.0/24
Signature Algorithm: sha256WithRSAEncryption
74:c5:b9:a8:83:30:8b:90:a7:c2:d5:11:76:b2:53:51:07:29:
7b:29:e6:e3:38:25:1a:11:d6:99:66:10:85:83:3b:32:73:b6:
2b:cd:39:0c:77:66:24:24:d8:a8:b2:e1:5f:88:47:8d:14:8a:
d2:e1:eb:d5:14:76:7e:e6:d8:21:18:5f:21:57:60:6b:50:11:
6e:e6:f7:3f:d6:74:52:8d:01:41:e9:76:86:19:5c:89:5f:ab:
59:6d:76:20:0a:31:7d:d3:d3:a5:0c:a0:a7:37:96:60:e4:37:
48:22:90:ab:7e:cb:7c:d2:1c:54:0b:65:de:1c:99:f9:8a:30:
ff:62:0c:89:96:16:bf:e6:5f:50:1e:dd:b9:84:83:31:c2:56:
b0:00:aa:a4:1f:10:0d:33:0c:f0:cf:df:d6:fb:f2:5a:cf:b3:
56:07:65:7b:55:06:5f:53:bd:ef:dd:44:3f:05:e8:67:22:e9:
d1:54:af:1c:0d:19:08:c3:86:2c:e2:85:ea:f4:a3:be:ef:3f:
0b:72:3a:eb:bc:02:1c:c5:23:1a:c4:a7:1f:8a:c9:80:ef:ad:
f9:bf:f6:6a:c6:b0:60:cf:be:1c:64:8e:c0:b9:99:c5:19:12:
c4:6f:c3:fb:78:12:18:1e:1a:dd:e7:83:59:2d:38:d3:b7:e3:
e2:38:8d:d5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYlW+r7NM1K2ZBnckTL0XtoGqZUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5MzhaFw0yNTEyMjYxOTQ0MzhaMDMxMTAvBgNV
BAMTKDdCMUU2NzJEQTJCMjcxMzJEMkMyMDJCMEJGMDU4OTI0M0RGN0JEMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBViYP5+GcZHQmHwmx5AdioWAY
+1iB80cqtbNIukFYtaNpTbEgRIW3Fvr8Paz1RZ8sv09HsxCiT9MqLWz5sZwX/F7B
JXRk1WYFxLSFP/o7Y5+nwEQwehpdZYCLQm9aFNgEoau+n4L5YwQg6XvFUk+F1+fk
gQ+3trCynZ/DzX3qR0GKKwp6IYXcWgWbMbbX9//sT7qEcaFZYedunzIZKSZl+q8f
HjCdYyjjliB7ZLh/GHxDQqtN+cxa1Yyrq2eGts1HaZWDINchyAVaw+MftAKHBJ2M
6Q7xQir/2C/Vl0kNBxkEHn9tpsZ4l994IbP44W7k2dcewGBt3gnK/BBnKWc3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUex5nLaKycTLSwgKwvwWJJD33vQYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFDMA0GCSqGSIb3DQEBCwUAA4IBAQB0xbmogzCLkKfC1RF2slNRByl7KebjOCUa
EdaZZhCFgzsyc7YrzTkMd2YkJNiosuFfiEeNFIrS4evVFHZ+5tghGF8hV2BrUBFu
5vc/1nRSjQFB6XaGGVyJX6tZbXYgCjF909OlDKCnN5Zg5DdIIpCrfst80hxUC2Xe
HJn5ijD/YgyJlha/5l9QHt25hIMxwlawAKqkHxANMwzwz9/W+/Jaz7NWB2V7VQZf
U73v3UQ/BehnIunRVK8cDRkIw4Ys4oXq9KO+7z8LcjrrvAIcxSMaxKcfismA7635
v/ZqxrBgz74cZI7AuZnFGRLEb8P7eBIYHhrd54NZLTjTt+PiOI3V
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:15 2025 by rpki-client