Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37302e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e37302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: WIkJJVIzO6o7jA/45Berp6bIMPvXVm69dShKZxD7lt0=
Subject key identifier: 2E:AC:E7:BA:8F:06:2C:B2:5C:C5:F8:F8:EF:54:D7:0C:39:1E:64:A1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6BC54AD0D09F29E32441ADA597F67874ABA51CA1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37302e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 31 Dec 2024 19:44:42 +0000
ROA not before: Tue 31 Dec 2024 19:39:42 +0000
ROA not after: Tue 30 Dec 2025 19:44:42 +0000
asID: 136787
IP address blocks: 212.97.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:c5:4a:d0:d0:9f:29:e3:24:41:ad:a5:97:f6:78:74:ab:a5:1c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 31 19:39:42 2024 GMT
Not After : Dec 30 19:44:42 2025 GMT
Subject: CN=2EACE7BA8F062CB25CC5F8F8EF54D70C391E64A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5b:39:28:ad:8e:0f:9a:91:60:09:85:f5:5b:
f6:e3:08:1e:e0:f8:3f:ef:dc:13:33:bc:1f:92:7a:
95:b9:fc:9a:55:26:13:84:55:94:1b:f0:26:86:23:
6c:dc:03:5b:d7:30:fe:dc:54:92:cc:20:94:bc:79:
77:8d:a7:e2:52:fa:bf:ac:53:d1:46:29:22:ea:3d:
44:f8:5d:52:de:35:78:57:7c:24:c2:9c:23:9b:59:
ea:1d:ab:e1:25:17:f4:3d:53:73:23:e5:3e:f6:3a:
c6:7b:18:08:f0:26:4f:89:d8:58:f2:c0:2a:a4:10:
ba:a7:f2:68:5e:ce:c3:7a:68:37:81:4c:69:c3:42:
1f:0b:d3:b2:84:c4:8a:16:88:08:5c:92:e6:fb:a3:
a0:6a:6a:52:51:17:c4:d0:cb:b9:9d:86:e1:b5:1f:
5e:73:9a:7d:4c:bf:6a:f7:d3:32:71:8c:f4:d8:86:
2a:e9:b6:78:0d:30:96:16:3a:9b:ba:ff:fd:da:05:
ed:e4:9b:01:8e:a2:29:64:7e:bc:04:15:55:b0:84:
80:a2:7b:c6:74:67:21:eb:39:c2:77:00:c7:03:5d:
32:19:bc:2d:90:9f:c5:f0:7e:72:da:40:72:66:c3:
ba:74:7e:b8:97:e6:68:62:52:f5:91:3a:a1:26:de:
db:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:AC:E7:BA:8F:06:2C:B2:5C:C5:F8:F8:EF:54:D7:0C:39:1E:64:A1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.70.0/24
Signature Algorithm: sha256WithRSAEncryption
30:a2:36:fa:3d:1f:b9:2c:87:80:8c:11:90:b8:da:d4:67:68:
ad:ab:28:c8:b4:58:8b:88:17:7d:c9:a3:14:e1:46:98:20:a6:
23:9d:75:cb:fc:59:a5:cd:1e:a6:ee:62:49:f7:f5:aa:7f:ec:
b2:94:aa:d3:26:8d:9f:2e:66:08:19:2c:70:cb:ea:9f:5d:88:
a5:49:55:5d:ce:3d:f8:74:54:2d:9b:dd:43:11:53:af:79:25:
51:11:c4:56:d5:03:62:92:b5:f0:7d:fb:6a:8e:17:e0:ef:38:
3c:2a:8b:19:42:e6:52:8c:15:94:07:6a:b4:f3:55:54:7f:b8:
62:bd:e6:72:9f:1f:18:e0:57:33:49:3f:eb:2a:cd:e6:66:41:
07:be:e6:57:fd:1b:64:b8:9e:04:c8:58:b9:fb:56:4c:1f:68:
f7:44:0f:07:a8:df:6f:fa:f6:99:c3:72:7d:dc:e9:f6:09:b0:
b3:a6:bd:aa:71:d6:ec:fb:fb:02:f1:60:d3:52:a6:85:b0:7c:
35:b5:ad:10:d1:8f:29:f6:b0:8a:14:9f:82:93:b3:0b:f3:14:
f6:7d:64:aa:95:57:4e:55:22:28:89:38:3e:e0:60:80:94:5e:
fa:68:ef:f3:bf:12:5a:7f:31:18:51:83:3d:f1:3a:38:1b:f7:
8f:56:38:3d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUa8VK0NCfKeMkQa2ll/Z4dKulHKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMzExOTM5NDJaFw0yNTEyMzAxOTQ0NDJaMDMxMTAvBgNV
BAMTKDJFQUNFN0JBOEYwNjJDQjI1Q0M1RjhGOEVGNTRENzBDMzkxRTY0QTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/WzkorY4PmpFgCYX1W/bjCB7g
+D/v3BMzvB+SepW5/JpVJhOEVZQb8CaGI2zcA1vXMP7cVJLMIJS8eXeNp+JS+r+s
U9FGKSLqPUT4XVLeNXhXfCTCnCObWeodq+ElF/Q9U3Mj5T72OsZ7GAjwJk+J2Fjy
wCqkELqn8mhezsN6aDeBTGnDQh8L07KExIoWiAhckub7o6BqalJRF8TQy7mdhuG1
H15zmn1Mv2r30zJxjPTYhirptngNMJYWOpu6//3aBe3kmwGOoilkfrwEFVWwhICi
e8Z0ZyHrOcJ3AMcDXTIZvC2Qn8XwfnLaQHJmw7p0friX5mhiUvWROqEm3tuZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULqznuo8GLLJcxfj471TXDDkeZKEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFGMA0GCSqGSIb3DQEBCwUAA4IBAQAwojb6PR+5LIeAjBGQuNrUZ2itqyjItFiL
iBd9yaMU4UaYIKYjnXXL/FmlzR6m7mJJ9/Wqf+yylKrTJo2fLmYIGSxwy+qfXYil
SVVdzj34dFQtm91DEVOveSVREcRW1QNikrXwfftqjhfg7zg8KosZQuZSjBWUB2q0
81VUf7hiveZynx8Y4FczST/rKs3mZkEHvuZX/RtkuJ4EyFi5+1ZMH2j3RA8HqN9v
+vaZw3J93On2CbCzpr2qcdbs+/sC8WDTUqaFsHw1ta0Q0Y8p9rCKFJ+Ck7ML8xT2
fWSqlVdOVSIoiTg+4GCAlF76aO/zvxJafzEYUYM98To4G/ePVjg9
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:12:26 2025 by rpki-client