Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36392e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e36392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: kEF1CgTGvem2PYtvEp7jLdo8geyGP8h3t62A3B/2cOE=
Subject key identifier: 39:77:49:59:7D:A5:D2:56:92:0A:B4:B9:98:86:57:07:D2:64:E8:BB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 48698BB14F736229A00555351B48ED8CB9F1D25E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36392e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 31 Dec 2024 19:44:42 +0000
ROA not before: Tue 31 Dec 2024 19:39:42 +0000
ROA not after: Tue 30 Dec 2025 19:44:42 +0000
asID: 136787
IP address blocks: 212.97.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:69:8b:b1:4f:73:62:29:a0:05:55:35:1b:48:ed:8c:b9:f1:d2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 31 19:39:42 2024 GMT
Not After : Dec 30 19:44:42 2025 GMT
Subject: CN=397749597DA5D256920AB4B998865707D264E8BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:95:0a:2e:e0:50:8f:c7:d3:7b:f7:b1:35:ee:
5e:b8:6a:1f:9c:d3:eb:e5:b3:d5:71:22:29:80:1b:
2b:41:0b:bb:58:04:47:bd:a3:33:a9:da:0f:5c:49:
af:f8:4b:c2:d1:81:9f:b1:e5:b1:d1:e0:e1:e3:7f:
f3:3a:9d:ee:94:19:c0:b4:d6:30:18:c7:50:f6:75:
ee:b3:63:05:f7:cc:0f:2f:42:a4:46:ae:b9:d5:2c:
32:dd:5b:28:6d:1e:72:39:09:06:ed:5a:39:49:bb:
b9:5d:d8:b1:60:1b:fb:27:c3:42:93:77:3e:e4:ed:
86:95:98:50:15:1b:ca:d5:a4:86:29:a6:ba:65:1b:
ae:40:28:06:22:12:d4:f0:66:23:a7:8a:f5:58:4c:
44:25:c8:0c:f0:96:f5:02:f6:2f:63:a8:51:0f:d8:
7d:8c:91:5c:4f:dc:5a:30:13:34:51:f9:49:8f:4b:
48:c5:34:35:34:ef:57:48:70:6f:22:3c:6b:37:62:
68:9b:54:2b:81:d8:1b:08:16:98:8a:88:24:25:33:
04:a9:65:0f:c5:05:59:23:1e:77:06:06:41:cc:fa:
6d:13:03:6d:81:3e:da:e6:ca:62:d4:ca:de:c9:80:
b0:a0:69:98:84:2a:0c:4f:c3:68:90:06:09:70:88:
6a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:77:49:59:7D:A5:D2:56:92:0A:B4:B9:98:86:57:07:D2:64:E8:BB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.69.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:ee:53:2f:8f:33:92:07:76:be:b7:32:66:2c:f6:c5:f7:0a:
e0:bb:15:15:19:53:40:9a:ae:be:6c:a4:bf:0b:2e:b2:c3:78:
c5:53:5d:fc:6a:0e:aa:36:64:54:15:40:4b:b8:80:e6:9c:8e:
b1:0b:ce:fb:76:8a:4a:92:cd:50:ac:fc:91:c9:6d:9c:d3:44:
25:d6:c8:95:da:ac:10:04:b9:f1:20:4b:0d:dd:a5:e6:3e:e5:
78:6e:8a:2e:76:49:8f:22:1e:27:fa:e6:0a:9b:31:5a:01:5f:
3d:82:a6:7d:f5:d4:fe:7b:2c:dd:c7:05:2b:47:f6:21:e1:0b:
7e:0c:6f:05:39:8c:81:6d:b5:3b:f9:81:9a:e6:9e:1b:e5:dc:
9a:b2:a6:f0:24:d2:c5:5d:97:d7:f6:c4:39:b7:bd:7b:89:2e:
51:3f:0e:49:c0:bc:f9:53:46:07:cb:97:13:6e:98:4b:be:2f:
b9:b5:cc:4d:72:9f:d2:09:46:ec:43:a0:e4:ff:f8:fd:5c:9a:
5a:97:33:6d:83:ed:4d:64:ce:2c:28:0c:8d:02:50:26:9b:a5:
37:1f:e3:c7:66:33:b9:53:24:1c:0e:af:85:2a:75:dc:bb:2d:
5c:29:78:79:4a:03:0b:93:64:a7:6b:bf:be:6a:73:a2:fe:0c:
ff:96:3f:01
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSGmLsU9zYimgBVU1G0jtjLnx0l4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMzExOTM5NDJaFw0yNTEyMzAxOTQ0NDJaMDMxMTAvBgNV
BAMTKDM5Nzc0OTU5N0RBNUQyNTY5MjBBQjRCOTk4ODY1NzA3RDI2NEU4QkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvlQou4FCPx9N797E17l64ah+c
0+vls9VxIimAGytBC7tYBEe9ozOp2g9cSa/4S8LRgZ+x5bHR4OHjf/M6ne6UGcC0
1jAYx1D2de6zYwX3zA8vQqRGrrnVLDLdWyhtHnI5CQbtWjlJu7ld2LFgG/snw0KT
dz7k7YaVmFAVG8rVpIYpprplG65AKAYiEtTwZiOnivVYTEQlyAzwlvUC9i9jqFEP
2H2MkVxP3FowEzRR+UmPS0jFNDU071dIcG8iPGs3YmibVCuB2BsIFpiKiCQlMwSp
ZQ/FBVkjHncGBkHM+m0TA22BPtrmymLUyt7JgLCgaZiEKgxPw2iQBglwiGqRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOXdJWX2l0laSCrS5mIZXB9Jk6LswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFFMA0GCSqGSIb3DQEBCwUAA4IBAQAc7lMvjzOSB3a+tzJmLPbF9wrguxUVGVNA
mq6+bKS/Cy6yw3jFU138ag6qNmRUFUBLuIDmnI6xC877dopKks1QrPyRyW2c00Ql
1siV2qwQBLnxIEsN3aXmPuV4booudkmPIh4n+uYKmzFaAV89gqZ99dT+eyzdxwUr
R/Yh4Qt+DG8FOYyBbbU7+YGa5p4b5dyasqbwJNLFXZfX9sQ5t717iS5RPw5JwLz5
U0YHy5cTbphLvi+5tcxNcp/SCUbsQ6Dk//j9XJpalzNtg+1NZM4sKAyNAlAmm6U3
H+PHZjO5UyQcDq+FKnXcuy1cKXh5SgMLk2Sna7++anOi/gz/lj8B
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:14:13 2025 by rpki-client