Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e31352e3136302e302f32312d3332203d3e20313431393935.roa
File: 3231372e31352e3136302e302f32312d3332203d3e20313431393935.roa (raw, json)
Hash identifier: b+tlg81pr4vEUXnrFzjyhDEft6cnol7+vk3GJmrw1aw=
Subject key identifier: B9:A8:EF:BD:42:25:F1:17:15:12:95:F3:D5:C5:6B:ED:FC:3F:48:82
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3029F4CB3167D47381A551C90E73AB9830567765
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e31352e3136302e302f32312d3332203d3e20313431393935.roa
Signing time: Thu 04 Apr 2024 20:35:40 +0000
ROA not before: Thu 04 Apr 2024 20:30:40 +0000
ROA not after: Thu 03 Apr 2025 20:35:40 +0000
asID: 141995
IP address blocks: 217.15.160.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:29:f4:cb:31:67:d4:73:81:a5:51:c9:0e:73:ab:98:30:56:77:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 4 20:30:40 2024 GMT
Not After : Apr 3 20:35:40 2025 GMT
Subject: CN=B9A8EFBD4225F117151295F3D5C56BEDFC3F4882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:38:08:58:18:30:8f:2c:a1:b9:74:bf:95:62:
87:d2:6c:76:d9:17:53:f5:f5:77:24:ed:d1:f5:c4:
50:e0:64:a0:d3:9d:29:ed:8d:c4:48:9e:de:31:8c:
ce:01:d1:33:06:de:98:c0:1d:3f:d9:18:06:01:03:
3c:d2:9f:da:38:64:67:44:9c:d3:51:38:66:14:13:
11:51:69:cc:7c:26:e4:be:65:b9:6b:81:bb:51:4a:
b3:53:f0:56:c0:b0:83:97:bd:4c:f6:86:a1:38:2a:
64:50:b9:d2:56:a7:b4:10:0a:62:d1:3a:b0:e4:60:
9d:78:29:f4:8b:a8:b8:3a:23:2d:53:30:e5:53:f1:
17:ca:a7:1f:cf:4e:5e:a6:42:39:6c:f1:a6:64:f4:
d5:77:5a:fb:cd:35:ba:77:41:4d:64:21:32:12:3b:
21:8d:12:a4:a9:bb:fc:f1:81:ca:f6:f0:e6:ae:00:
bd:c7:4b:bb:71:9b:b6:ef:fd:e9:46:4a:f5:7a:42:
90:1f:f9:f4:1b:00:a6:8b:14:38:1c:4a:e7:66:21:
ce:eb:bf:ab:b4:7f:3f:6d:32:b4:e6:ec:87:4d:f4:
1c:8b:03:e2:0e:16:32:54:65:5f:f9:8b:50:25:b1:
1b:da:4e:ff:38:57:4e:e7:60:e6:c2:d4:24:b6:7b:
02:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A8:EF:BD:42:25:F1:17:15:12:95:F3:D5:C5:6B:ED:FC:3F:48:82
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e31352e3136302e302f32312d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.15.160.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:fc:2c:b6:fb:b1:25:72:82:84:7c:81:e9:95:19:68:5e:c1:
60:d9:da:5b:14:40:87:3b:34:7c:6e:cf:8e:ff:98:dd:ef:23:
89:7d:82:fd:5e:ca:fa:88:1f:ee:f3:70:4d:69:1e:2b:bb:0a:
92:90:1f:e6:57:ab:9e:7c:b2:d3:54:dd:93:7c:b9:28:c4:c3:
54:1f:04:37:6d:36:03:d0:93:39:d4:f7:0a:f4:e7:f1:cc:eb:
e8:d5:96:bb:3e:83:5f:48:90:de:f7:71:60:aa:82:b6:0c:8d:
37:c3:36:80:07:36:f4:9e:89:31:0d:6e:e4:7d:13:7f:f1:c3:
5a:b9:10:d2:1c:9e:a7:c4:bb:cb:0c:80:32:cf:e4:92:3b:ee:
27:df:e6:3e:24:b1:9e:b9:01:72:2f:ad:e6:1d:25:e9:d4:de:
8a:0e:47:67:77:f8:cc:68:7d:ec:51:7e:7b:d4:1f:c0:82:71:
de:af:84:78:36:17:cf:91:a2:6f:f4:78:e3:2a:58:6b:03:fc:
69:b3:36:bf:53:ac:6b:2a:f4:d5:4a:0a:cf:05:de:b8:e7:b4:
e6:ac:03:ef:cf:58:09:eb:b9:aa:5a:d1:22:e3:9e:da:0d:64:
e5:bb:a3:83:2c:36:5d:2d:8d:c4:59:1b:7f:22:66:cc:ab:b2:
41:e3:d6:a2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMCn0yzFn1HOBpVHJDnOrmDBWd2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MDQyMDMwNDBaFw0yNTA0MDMyMDM1NDBaMDMxMTAvBgNV
BAMTKEI5QThFRkJENDIyNUYxMTcxNTEyOTVGM0Q1QzU2QkVERkMzRjQ4ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDOAhYGDCPLKG5dL+VYofSbHbZ
F1P19Xck7dH1xFDgZKDTnSntjcRInt4xjM4B0TMG3pjAHT/ZGAYBAzzSn9o4ZGdE
nNNROGYUExFRacx8JuS+ZblrgbtRSrNT8FbAsIOXvUz2hqE4KmRQudJWp7QQCmLR
OrDkYJ14KfSLqLg6Iy1TMOVT8RfKpx/PTl6mQjls8aZk9NV3WvvNNbp3QU1kITIS
OyGNEqSpu/zxgcr28OauAL3HS7txm7bv/elGSvV6QpAf+fQbAKaLFDgcSudmIc7r
v6u0fz9tMrTm7IdN9ByLA+IOFjJUZV/5i1AlsRvaTv84V07nYObC1CS2ewIzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuajvvUIl8RcVEpXz1cVr7fw/SIIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMTM1MmUzMTM2
MzAyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPZD6AwDQYJKoZIhvcNAQELBQADggEBAAv8LLb7sSVygoR8gemVGWhewWDZ2lsU
QIc7NHxuz47/mN3vI4l9gv1eyvqIH+7zcE1pHiu7CpKQH+ZXq558stNU3ZN8uSjE
w1QfBDdtNgPQkznU9wr05/HM6+jVlrs+g19IkN73cWCqgrYMjTfDNoAHNvSeiTEN
buR9E3/xw1q5ENIcnqfEu8sMgDLP5JI77iff5j4ksZ65AXIvreYdJenU3ooOR2d3
+MxofexRfnvUH8CCcd6vhHg2F8+Rom/0eOMqWGsD/GmzNr9TrGsq9NVKCs8F3rjn
tOasA+/PWAnruapa0SLjntoNZOW7o4MsNl0tjcRZG38iZsyrskHj1qI=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org