Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231332e3139392e33322e302f31392d3332203d3e203531313637.roa
File: 3231332e3139392e33322e302f31392d3332203d3e203531313637.roa (raw, json)
Hash identifier: OAZWsUrTWzu8+EwAPW6gj9OMwikCKKFh+cOiPBrLXdQ=
Subject key identifier: 59:0A:C7:1E:4B:67:1E:DA:2C:B8:34:6D:0E:6E:F8:2F:BB:0E:69:1E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1E6D55BDFA254A716DE7F58683B9E1581FFB6240
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231332e3139392e33322e302f31392d3332203d3e203531313637.roa
Signing time: Wed 05 Feb 2025 11:45:40 +0000
ROA not before: Wed 05 Feb 2025 11:40:40 +0000
ROA not after: Wed 04 Feb 2026 11:45:40 +0000
asID: 51167
IP address blocks: 213.199.32.0/19 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:6d:55:bd:fa:25:4a:71:6d:e7:f5:86:83:b9:e1:58:1f:fb:62:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 5 11:40:40 2025 GMT
Not After : Feb 4 11:45:40 2026 GMT
Subject: CN=590AC71E4B671EDA2CB8346D0E6EF82FBB0E691E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:85:7e:9d:cc:12:d8:0c:e1:59:d8:5f:91:27:
24:fc:79:04:ba:54:8f:41:d8:83:35:11:23:3a:4e:
d2:01:e8:fe:c7:93:ae:74:c6:37:96:e8:b0:7e:f4:
54:88:1d:d0:89:8f:a6:2a:0c:90:59:75:b7:e5:a7:
15:82:12:1a:ad:5d:ba:4f:53:68:e3:19:02:15:cf:
d9:eb:f7:d4:63:c3:56:15:ef:2c:f6:c6:10:5c:67:
9b:d5:98:06:62:b6:8e:4a:bf:e4:2d:31:49:3d:b9:
18:a3:42:23:9f:ad:00:c8:3a:bf:e6:2e:db:55:82:
a4:44:e4:f5:32:b5:c7:6b:57:84:88:c0:ab:66:22:
8b:e2:0a:8a:83:8d:c3:34:18:09:87:48:44:b1:b0:
f4:9c:b5:cc:ea:4a:38:9a:69:ca:e2:74:2c:41:aa:
2e:6c:29:00:c4:26:a7:0b:60:18:74:7f:b9:72:90:
fa:f3:13:e6:74:85:b4:c9:65:93:4c:5f:5e:78:a5:
94:de:2e:84:02:e5:36:c8:9a:a9:c6:d4:77:82:ef:
9c:9e:79:44:0b:28:75:0b:e6:99:67:81:5e:8d:60:
2e:65:b2:d5:43:e5:c9:11:10:59:cc:24:88:ec:6e:
6f:ab:11:f8:ef:47:51:c7:09:85:b5:e8:08:90:f9:
2c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:0A:C7:1E:4B:67:1E:DA:2C:B8:34:6D:0E:6E:F8:2F:BB:0E:69:1E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231332e3139392e33322e302f31392d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.199.32.0/19
Signature Algorithm: sha256WithRSAEncryption
56:df:d7:89:8f:a9:10:20:0f:5d:a7:c9:6a:a3:e8:59:1e:9f:
3b:e1:15:3e:3e:e8:88:27:40:5b:08:12:89:0f:cb:17:4f:19:
b8:f2:91:68:91:ac:60:7a:68:cf:1d:e2:51:8b:db:53:84:03:
53:1f:d0:3d:16:89:a2:62:f8:a3:60:34:42:ab:f6:b5:d8:23:
b7:14:16:5e:c6:a5:f3:ec:76:7e:f2:93:be:c0:16:ad:42:6d:
0d:db:39:c9:92:ad:62:99:7e:e1:e6:19:3e:67:9a:4d:16:76:
d4:e8:ad:fd:44:40:5a:a9:c6:5e:cd:0e:5b:65:81:2b:39:b9:
c8:02:70:8b:eb:51:d5:4a:a0:e6:fa:a7:7f:85:63:fa:0c:db:
c9:42:1c:20:e8:b9:6a:49:3e:81:26:bb:81:8f:e4:9c:89:89:
be:65:57:6d:4f:70:62:46:3b:86:10:62:d5:08:ef:55:04:b7:
17:f6:a9:63:fa:99:ee:f2:f3:b8:8f:19:7f:2a:f1:86:8f:2d:
a3:05:1e:83:04:3a:51:59:93:5e:1b:00:cd:7d:c4:76:cc:19:
09:e8:92:f8:1e:32:59:9c:b3:9c:40:13:78:f6:b3:fb:e1:86:
0f:6f:87:c8:2d:ef:77:87:9f:05:a1:57:b0:bc:1e:cb:72:b3:
8c:21:b5:8b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHm1VvfolSnFt5/WGg7nhWB/7YkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDUxMTQwNDBaFw0yNjAyMDQxMTQ1NDBaMDMxMTAvBgNV
BAMTKDU5MEFDNzFFNEI2NzFFREEyQ0I4MzQ2RDBFNkVGODJGQkIwRTY5MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGhX6dzBLYDOFZ2F+RJyT8eQS6
VI9B2IM1ESM6TtIB6P7Hk650xjeW6LB+9FSIHdCJj6YqDJBZdbflpxWCEhqtXbpP
U2jjGQIVz9nr99Rjw1YV7yz2xhBcZ5vVmAZito5Kv+QtMUk9uRijQiOfrQDIOr/m
LttVgqRE5PUytcdrV4SIwKtmIoviCoqDjcM0GAmHSESxsPSctczqSjiaacridCxB
qi5sKQDEJqcLYBh0f7lykPrzE+Z0hbTJZZNMX154pZTeLoQC5TbImqnG1HeC75ye
eUQLKHUL5plngV6NYC5lstVD5ckREFnMJIjsbm+rEfjvR1HHCYW16AiQ+Sw5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWQrHHktnHtosuDRtDm74L7sOaR4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMzMmUzMTM5MzkyZTMz
MzIyZTMwMmYzMTM5MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF
1ccgMA0GCSqGSIb3DQEBCwUAA4IBAQBW39eJj6kQIA9dp8lqo+hZHp874RU+PuiI
J0BbCBKJD8sXTxm48pFokaxgemjPHeJRi9tThANTH9A9FomiYvijYDRCq/a12CO3
FBZexqXz7HZ+8pO+wBatQm0N2znJkq1imX7h5hk+Z5pNFnbU6K39REBaqcZezQ5b
ZYErObnIAnCL61HVSqDm+qd/hWP6DNvJQhwg6LlqST6BJruBj+SciYm+ZVdtT3Bi
RjuGEGLVCO9VBLcX9qlj+pnu8vO4jxl/KvGGjy2jBR6DBDpRWZNeGwDNfcR2zBkJ
6JL4HjJZnLOcQBN49rP74YYPb4fILe93h58FoVewvB7LcrOMIbWL
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:19:46 2025 by rpki-client