Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37302e302f32342d3234203d3e20313336373837.roa
File: 3231322e39372e37302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: UX+vNEBydoxWzmwG2YYJEcHfClnnxpap3BhtduljWfo=
Subject key identifier: A4:43:37:0B:97:83:F8:F3:26:21:8E:69:FB:CC:6D:C2:28:A9:34:4E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 05DD1B68288FAE4B79288032FC24112BF3488D1C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37302e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 30 Jan 2024 19:25:41 +0000
ROA not before: Tue 30 Jan 2024 19:20:41 +0000
ROA not after: Tue 28 Jan 2025 19:25:41 +0000
asID: 136787
IP address blocks: 212.97.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:dd:1b:68:28:8f:ae:4b:79:28:80:32:fc:24:11:2b:f3:48:8d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 30 19:20:41 2024 GMT
Not After : Jan 28 19:25:41 2025 GMT
Subject: CN=A443370B9783F8F326218E69FBCC6DC228A9344E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0b:1e:d4:f9:e5:94:ca:2d:97:c9:9f:d1:44:
52:44:92:2d:09:21:27:cc:24:bf:2f:bc:b2:ef:c7:
c9:cf:bf:dc:42:5f:6a:f0:9f:3d:a3:bd:40:3a:82:
c0:a2:78:b0:28:de:92:1a:b0:69:a0:8d:cf:bc:37:
4d:c0:38:a4:65:c8:f9:60:e1:ad:2f:47:f2:7a:6a:
24:ff:04:07:62:13:5c:cc:1b:a2:5a:e5:b9:8f:4c:
02:22:2e:e7:1e:07:ff:4d:f2:a2:63:c7:74:6b:ae:
e4:8a:0f:8a:ae:ab:62:c0:82:54:78:f7:57:ab:56:
6d:b3:0e:ab:1b:d1:7a:18:81:1d:58:e2:90:03:eb:
42:44:da:4b:4e:8d:f8:ce:6f:f1:42:5b:33:a2:92:
69:6d:33:21:1a:66:4c:b4:8b:c2:60:89:9e:7c:f6:
d5:54:72:f3:ff:30:35:4b:9d:d4:fe:e3:fc:12:b2:
88:c1:6c:57:6c:f4:61:95:24:a8:6b:c0:5e:7c:a4:
e9:85:f8:ec:5c:69:8d:62:7e:b6:7c:77:e2:0d:46:
a2:8f:88:29:5a:e4:75:ac:c8:34:e8:12:04:59:e7:
2e:77:54:db:72:67:79:4a:7c:68:2b:9f:ee:c8:3b:
a6:4d:5c:e8:0f:fe:bc:7f:05:85:07:68:23:93:8b:
a1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:43:37:0B:97:83:F8:F3:26:21:8E:69:FB:CC:6D:C2:28:A9:34:4E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.70.0/24
Signature Algorithm: sha256WithRSAEncryption
82:ac:db:ea:c9:c2:74:9a:19:1e:1b:cb:cd:20:38:34:c7:f7:
d9:30:84:bb:5e:29:ef:a2:c9:22:ad:2f:84:7f:1e:75:2c:09:
18:7c:b2:48:06:a2:fe:84:99:c3:19:e9:a7:e6:46:11:9f:78:
5a:87:e2:76:fb:7f:06:f1:43:6a:54:25:0a:c6:9d:78:e3:19:
19:e3:37:58:f6:47:9a:51:f7:45:00:53:7b:a3:45:4a:40:43:
5e:c5:74:4e:07:47:7a:02:36:1a:f9:e4:49:f7:5d:c7:d2:09:
15:ba:8b:d2:91:04:db:14:e9:c9:f6:4b:ca:55:a5:19:eb:c4:
3c:98:c9:a5:b0:4b:3c:fa:55:53:bc:5b:b1:4c:97:7c:05:cb:
e8:d0:aa:4f:d4:84:bd:91:8e:61:7b:f8:5c:44:58:c0:37:1d:
e0:67:a2:fa:db:c1:6f:6d:9a:da:53:a7:17:ae:ac:1a:f9:78:
e7:37:db:da:d7:11:5f:1b:66:52:dc:85:5e:b3:dd:be:c8:ea:
cd:e0:c5:e8:97:a6:66:85:9b:71:3a:10:ee:f3:fa:85:08:6e:
ea:14:a7:13:ff:f0:b5:03:8c:30:82:39:fb:f2:6c:dc:81:c1:
6c:20:e7:65:4a:c8:8f:7b:03:22:a9:26:e5:18:fd:b3:30:fc:
be:c0:05:54
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBd0baCiPrkt5KIAy/CQRK/NIjRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMzAxOTIwNDFaFw0yNTAxMjgxOTI1NDFaMDMxMTAvBgNV
BAMTKEE0NDMzNzBCOTc4M0Y4RjMyNjIxOEU2OUZCQ0M2REMyMjhBOTM0NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHCx7U+eWUyi2XyZ/RRFJEki0J
ISfMJL8vvLLvx8nPv9xCX2rwnz2jvUA6gsCieLAo3pIasGmgjc+8N03AOKRlyPlg
4a0vR/J6aiT/BAdiE1zMG6Ja5bmPTAIiLuceB/9N8qJjx3RrruSKD4quq2LAglR4
91erVm2zDqsb0XoYgR1Y4pAD60JE2ktOjfjOb/FCWzOikmltMyEaZky0i8JgiZ58
9tVUcvP/MDVLndT+4/wSsojBbFds9GGVJKhrwF58pOmF+OxcaY1ifrZ8d+INRqKP
iCla5HWsyDToEgRZ5y53VNtyZ3lKfGgrn+7IO6ZNXOgP/rx/BYUHaCOTi6FjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpEM3C5eD+PMmIY5p+8xtwiipNE4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFGMA0GCSqGSIb3DQEBCwUAA4IBAQCCrNvqycJ0mhkeG8vNIDg0x/fZMIS7Xinv
oskirS+Efx51LAkYfLJIBqL+hJnDGemn5kYRn3hah+J2+38G8UNqVCUKxp144xkZ
4zdY9keaUfdFAFN7o0VKQENexXROB0d6AjYa+eRJ913H0gkVuovSkQTbFOnJ9kvK
VaUZ68Q8mMmlsEs8+lVTvFuxTJd8Bcvo0KpP1IS9kY5he/hcRFjANx3gZ6L628Fv
bZraU6cXrqwa+XjnN9va1xFfG2ZS3IVes92+yOrN4MXol6ZmhZtxOhDu8/qFCG7q
FKcT//C1A4wwgjn78mzcgcFsIOdlSsiPewMiqSblGP2zMPy+wAVU
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org