Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36372e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e36372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: UeVwVaCjH4Hd0zSPwwAQIx2qfPYm0qNcogyHDvTCO1E=
Subject key identifier: 38:78:8B:DA:E8:EA:25:07:0A:3E:85:71:3C:53:68:B8:00:4D:2D:A1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5811260335AE1B91A6975A6DC0F6D92988635FC6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36372e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:03:05 +0000
ROA not before: Fri 26 Jan 2024 18:58:05 +0000
ROA not after: Fri 24 Jan 2025 19:03:05 +0000
asID: 136787
IP address blocks: 212.97.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:11:26:03:35:ae:1b:91:a6:97:5a:6d:c0:f6:d9:29:88:63:5f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:58:05 2024 GMT
Not After : Jan 24 19:03:05 2025 GMT
Subject: CN=38788BDAE8EA25070A3E85713C5368B8004D2DA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1d:da:09:e2:d1:c8:65:6c:75:79:e6:27:c1:
09:15:f8:37:46:ad:cc:da:16:7b:52:63:c1:fa:94:
d0:c1:3e:20:5a:df:0d:10:17:a8:9d:29:05:2b:d2:
ee:26:c3:62:96:97:6e:6c:e6:52:a4:59:a1:74:77:
ad:53:d9:74:bf:f1:f1:0a:e4:52:af:44:de:01:5f:
f4:8c:f4:26:ed:40:41:bb:de:03:c4:e5:2c:4b:2e:
e0:f5:6e:01:8b:b3:c6:a9:10:5f:26:ca:86:8d:cf:
63:4f:79:44:22:18:dc:34:e2:4e:ef:9b:72:18:2a:
4b:53:56:77:b0:f8:32:3e:e9:5d:6c:af:c2:b8:10:
fe:74:93:fb:31:03:60:6f:5f:60:91:96:b2:f7:83:
c3:f8:3d:54:6e:fc:fd:72:fd:8d:70:d9:29:99:84:
ae:fd:c5:06:5a:e0:49:4e:de:2b:c0:5f:13:0f:86:
97:e4:8f:f1:08:1a:9e:e1:2c:f0:57:4a:0c:91:2d:
3f:ed:be:b8:ac:ca:53:9d:5f:89:65:22:52:8a:9d:
15:01:74:6d:0d:dd:61:20:2a:0b:64:b4:31:93:78:
39:68:56:71:19:5d:62:7f:4b:ed:fd:43:f7:82:7f:
6e:8e:a3:d7:16:4c:fe:c8:a4:7b:21:a9:d4:3e:d6:
ee:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:78:8B:DA:E8:EA:25:07:0A:3E:85:71:3C:53:68:B8:00:4D:2D:A1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.67.0/24
Signature Algorithm: sha256WithRSAEncryption
52:1e:e2:e5:9d:6e:2e:9f:53:8b:1a:e5:ee:37:f3:6d:de:46:
21:ba:aa:4b:11:64:96:5f:8d:5e:1d:63:76:f1:ca:ee:c0:c6:
fd:3e:cf:81:54:75:cf:dc:d6:26:b5:c6:76:83:b0:8d:ba:a4:
b4:74:36:79:97:e9:e6:ba:b9:41:9d:44:dc:3f:4b:d8:63:47:
9d:74:7c:c7:f7:be:ad:37:10:72:90:c5:b0:2c:66:bd:e7:81:
a1:8e:89:af:5e:bc:41:1b:44:f7:7e:c9:5f:ba:c5:a1:91:53:
d8:2e:cd:ba:21:00:27:1f:e7:f5:b9:7c:52:7c:23:0f:c6:e9:
75:60:38:cc:bf:5b:b0:74:cb:21:e9:95:83:f7:5a:90:ca:36:
ce:d0:eb:fb:34:ea:af:3c:8d:67:98:f4:8f:38:25:8e:1a:dc:
20:cf:d7:26:e3:b6:86:37:52:de:a0:47:81:d7:29:1f:9b:13:
20:ff:bb:17:c3:c8:7d:4c:f9:16:dc:02:5c:12:23:87:e5:6e:
30:34:11:9b:51:7b:69:d7:b8:27:1b:95:3d:f1:46:ce:8f:11:
f9:57:37:a5:37:bc:ea:52:ce:47:e7:44:d2:01:44:59:89:19:
d1:59:02:3c:18:88:ae:23:58:7c:01:33:6b:42:63:fe:45:b1:
00:10:b1:54
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWBEmAzWuG5Gml1ptwPbZKYhjX8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU4MDVaFw0yNTAxMjQxOTAzMDVaMDMxMTAvBgNV
BAMTKDM4Nzg4QkRBRThFQTI1MDcwQTNFODU3MTNDNTM2OEI4MDA0RDJEQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrHdoJ4tHIZWx1eeYnwQkV+DdG
rczaFntSY8H6lNDBPiBa3w0QF6idKQUr0u4mw2KWl25s5lKkWaF0d61T2XS/8fEK
5FKvRN4BX/SM9CbtQEG73gPE5SxLLuD1bgGLs8apEF8myoaNz2NPeUQiGNw04k7v
m3IYKktTVnew+DI+6V1sr8K4EP50k/sxA2BvX2CRlrL3g8P4PVRu/P1y/Y1w2SmZ
hK79xQZa4ElO3ivAXxMPhpfkj/EIGp7hLPBXSgyRLT/tvrisylOdX4llIlKKnRUB
dG0N3WEgKgtktDGTeDloVnEZXWJ/S+39Q/eCf26Oo9cWTP7IpHshqdQ+1u63AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOHiL2ujqJQcKPoVxPFNouABNLaEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFDMA0GCSqGSIb3DQEBCwUAA4IBAQBSHuLlnW4un1OLGuXuN/Nt3kYhuqpLEWSW
X41eHWN28cruwMb9Ps+BVHXP3NYmtcZ2g7CNuqS0dDZ5l+nmurlBnUTcP0vYY0ed
dHzH976tNxBykMWwLGa954GhjomvXrxBG0T3fslfusWhkVPYLs26IQAnH+f1uXxS
fCMPxul1YDjMv1uwdMsh6ZWD91qQyjbO0Ov7NOqvPI1nmPSPOCWOGtwgz9cm47aG
N1LeoEeB1ykfmxMg/7sXw8h9TPkW3AJcEiOH5W4wNBGbUXtp17gnG5U98UbOjxH5
VzelN7zqUs5H50TSAURZiRnRWQI8GIiuI1h8ATNrQmP+RbEAELFU
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org