Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36392e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e36392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: bZuDhvU1KTg43L8tGg68nA+L3JV6P0m2UaG0zXJ8oQs=
Subject key identifier: 72:4F:6A:F9:2B:12:2E:42:C7:5E:7E:55:A9:52:BD:01:E1:82:3A:0D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2B3235E707AB528EC4AD7CEAD0B407E4472E91E6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36392e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 30 Jan 2024 19:25:40 +0000
ROA not before: Tue 30 Jan 2024 19:20:40 +0000
ROA not after: Tue 28 Jan 2025 19:25:40 +0000
asID: 136787
IP address blocks: 212.97.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:32:35:e7:07:ab:52:8e:c4:ad:7c:ea:d0:b4:07:e4:47:2e:91:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 30 19:20:40 2024 GMT
Not After : Jan 28 19:25:40 2025 GMT
Subject: CN=724F6AF92B122E42C75E7E55A952BD01E1823A0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3a:44:74:1f:28:9a:af:27:5a:7d:4a:90:3c:
f1:6a:01:d5:ea:14:29:77:39:2a:9f:91:07:67:41:
ae:cf:79:9c:70:79:31:03:ae:f2:d8:61:e9:0c:c6:
37:8a:69:38:81:f2:2a:7d:0a:10:f4:d0:53:48:af:
e7:1f:ff:8e:a1:0f:dc:d9:f9:54:b4:e2:34:dc:7f:
37:6f:e4:bd:f3:89:22:dd:db:d8:b1:54:b6:87:aa:
05:56:c3:d2:cb:8f:77:f9:fc:1b:8f:ad:9c:f8:71:
6e:08:d6:8e:a5:0b:31:0f:7b:c4:69:20:fd:30:2c:
fc:81:a8:d8:d3:2f:db:48:a0:38:40:66:35:ab:fb:
6a:f9:e0:5d:b9:c6:f9:fe:cc:00:ad:b9:8a:73:e1:
ce:bc:d2:30:68:e0:39:4e:e5:be:22:a9:05:d6:5d:
d1:f7:b8:e9:c7:c8:f9:0b:12:5b:89:be:49:c2:c0:
35:21:c6:84:0e:c0:e2:b3:99:8c:9b:c2:aa:26:c5:
74:87:7a:48:2d:98:24:3e:43:00:a9:2a:22:93:01:
1c:fa:fe:90:d3:df:88:73:9c:48:3a:52:50:a2:11:
25:28:2c:23:d1:cf:d9:a1:db:16:c2:4a:fe:92:b6:
69:81:9d:9c:18:9a:6f:f4:dc:b0:9e:ee:ee:f9:5d:
d5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:4F:6A:F9:2B:12:2E:42:C7:5E:7E:55:A9:52:BD:01:E1:82:3A:0D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.69.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ca:f5:4b:75:f4:c9:d9:97:7c:73:f8:ce:15:83:eb:cf:67:
e7:83:9a:b1:90:ac:6b:4f:34:82:26:ba:cc:ad:1f:22:46:59:
bc:79:74:90:dd:48:f3:56:18:f6:77:2f:c4:16:1c:30:b8:23:
ae:17:99:fa:25:eb:01:c1:3e:09:ce:4a:f0:15:9d:7b:6c:6a:
ff:86:1c:af:32:57:f3:fb:1c:8f:61:5e:e1:f9:b3:e2:bb:7b:
2d:9b:30:ef:d0:85:dc:c0:9a:35:87:93:32:00:2a:ba:58:ae:
04:36:28:e6:c2:30:09:45:72:75:55:40:c0:b9:a7:f0:20:c4:
7f:7d:72:dc:7f:ef:ea:31:70:14:24:ad:1f:96:dd:2b:0f:cb:
3b:50:30:f2:a7:a6:12:93:69:81:12:17:a2:b6:e3:6b:5f:da:
1c:ac:b5:5a:79:f2:b2:2b:75:d4:c7:2a:fe:24:9a:02:d6:f1:
af:98:02:af:60:59:90:c1:d1:9a:ce:d1:a9:57:32:a3:a8:a6:
61:00:92:44:43:24:ae:4d:ff:52:d2:80:5f:f2:4d:46:de:d0:
62:39:d8:0f:a9:69:02:3c:dd:96:47:be:74:8e:41:31:ec:89:
ad:c3:eb:b7:9e:c5:22:0d:b0:90:52:d8:6d:de:a6:b8:51:73:
76:fd:ec:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKzI15werUo7ErXzq0LQH5EcukeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMzAxOTIwNDBaFw0yNTAxMjgxOTI1NDBaMDMxMTAvBgNV
BAMTKDcyNEY2QUY5MkIxMjJFNDJDNzVFN0U1NUE5NTJCRDAxRTE4MjNBMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChOkR0HyiarydafUqQPPFqAdXq
FCl3OSqfkQdnQa7PeZxweTEDrvLYYekMxjeKaTiB8ip9ChD00FNIr+cf/46hD9zZ
+VS04jTcfzdv5L3ziSLd29ixVLaHqgVWw9LLj3f5/BuPrZz4cW4I1o6lCzEPe8Rp
IP0wLPyBqNjTL9tIoDhAZjWr+2r54F25xvn+zACtuYpz4c680jBo4DlO5b4iqQXW
XdH3uOnHyPkLEluJvknCwDUhxoQOwOKzmYybwqomxXSHekgtmCQ+QwCpKiKTARz6
/pDT34hznEg6UlCiESUoLCPRz9mh2xbCSv6StmmBnZwYmm/03LCe7u75XdW3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUck9q+SsSLkLHXn5VqVK9AeGCOg0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFFMA0GCSqGSIb3DQEBCwUAA4IBAQBhyvVLdfTJ2Zd8c/jOFYPrz2fng5qxkKxr
TzSCJrrMrR8iRlm8eXSQ3UjzVhj2dy/EFhwwuCOuF5n6JesBwT4JzkrwFZ17bGr/
hhyvMlfz+xyPYV7h+bPiu3stmzDv0IXcwJo1h5MyACq6WK4ENijmwjAJRXJ1VUDA
uafwIMR/fXLcf+/qMXAUJK0flt0rD8s7UDDyp6YSk2mBEheituNrX9ocrLVaefKy
K3XUxyr+JJoC1vGvmAKvYFmQwdGaztGpVzKjqKZhAJJEQySuTf9S0oBf8k1G3tBi
OdgPqWkCPN2WR750jkEx7Imtw+u3nsUiDbCQUtht3qa4UXN2/exO
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:59 2024 by rpki-client on console-ams.rpki-client.org