Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3139362e35362e302f32312d3231203d3e203437353833.roa
File: 3231372e3139362e35362e302f32312d3231203d3e203437353833.roa (raw, json)
Hash identifier: 3fo52o5tixTnT8LgCVFof4aA7dxkWVYPJbKFP1qZ8zs=
Subject key identifier: 65:AC:67:A7:CE:66:84:43:D9:22:05:6A:89:D5:BC:5A:D2:83:D7:EF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4A19CD3CB708777D1B3840E4532B0661F23504E4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3139362e35362e302f32312d3231203d3e203437353833.roa
Signing time: Thu 30 Nov 2023 19:00:36 +0000
ROA not before: Thu 30 Nov 2023 18:55:36 +0000
ROA not after: Thu 28 Nov 2024 19:00:36 +0000
asID: 47583
IP address blocks: 217.196.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:19:cd:3c:b7:08:77:7d:1b:38:40:e4:53:2b:06:61:f2:35:04:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 30 18:55:36 2023 GMT
Not After : Nov 28 19:00:36 2024 GMT
Subject: CN=65AC67A7CE668443D922056A89D5BC5AD283D7EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fe:18:28:38:91:40:38:14:fa:16:9e:da:ae:
de:11:d9:d7:46:bf:a2:86:5d:29:32:16:09:b9:27:
41:c8:d0:6f:bf:b0:91:33:0a:57:9b:e8:09:1c:33:
36:7e:15:3d:0f:04:fa:db:7f:48:8f:62:85:9c:c1:
38:b6:b9:1d:e9:24:44:58:ce:5d:ed:ba:fe:a3:c7:
84:19:ec:55:94:c9:0f:3c:21:ab:cb:16:b9:ae:84:
21:65:13:fc:ae:c9:e8:c8:25:98:39:cd:8a:0a:d6:
a7:7d:76:62:11:05:63:ab:3d:0f:1b:b9:b9:2d:cc:
8c:09:8e:ae:8e:22:20:ac:19:00:97:97:9c:6a:07:
46:44:22:6b:1b:b3:95:2e:cf:91:09:82:6d:17:d1:
dd:87:16:e7:09:c1:d3:b0:b1:b0:c2:87:c8:fa:b5:
d3:e3:26:ea:76:5d:56:d9:30:01:a4:5e:40:f1:10:
80:a7:7a:d8:90:e6:ac:db:ee:ea:69:d8:fa:41:d7:
80:43:4d:e5:a2:ea:db:c7:fe:09:25:e9:81:cc:8e:
38:1e:39:59:12:85:7f:56:4a:a7:d6:6a:79:68:ba:
64:7f:0e:f1:a2:90:69:8e:ed:b4:c1:15:d7:ab:18:
77:70:b4:6c:64:01:58:8c:1d:e4:16:af:1c:8f:9b:
33:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AC:67:A7:CE:66:84:43:D9:22:05:6A:89:D5:BC:5A:D2:83:D7:EF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3139362e35362e302f32312d3231203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.56.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:7b:9d:aa:83:ac:d0:f0:6e:5b:a1:98:bc:df:ec:c6:35:77:
c0:f2:d4:a3:90:af:d6:4c:a0:d1:d7:0d:83:b6:f9:7d:64:81:
a3:c4:84:32:33:99:1b:84:f8:d0:9a:21:cc:ac:49:2f:75:23:
d5:d6:a7:9f:9d:ff:a6:a4:12:62:fe:89:0c:54:29:88:8f:85:
ee:68:5b:5d:ce:cd:4a:42:56:0b:e3:2b:0a:4d:e8:ce:a6:0e:
5a:a1:c4:c9:53:81:1e:78:7f:fa:1f:84:a6:5f:0d:58:c7:f4:
4e:f5:25:d7:4c:1e:4e:b8:53:d4:0f:c1:0d:61:4b:aa:4c:17:
52:8e:af:39:79:0c:1d:a1:3d:3b:47:aa:56:74:45:da:d9:8e:
f2:b7:e2:d6:18:b2:7f:a5:2b:6e:70:91:56:de:68:60:31:98:
9e:51:25:5c:8d:a6:2d:fa:5d:17:a2:26:02:c3:58:9f:31:86:
0c:2a:df:c4:c2:ae:7f:ac:40:a0:e9:2a:a5:8f:de:ce:2b:15:
f3:0e:c8:42:22:e6:29:a4:77:e5:de:29:67:24:7d:cf:77:20:
6c:01:28:32:d1:e5:34:8a:2a:c7:99:37:0a:ba:8e:1f:e8:b9:
1c:41:6b:38:70:7f:6b:0c:1b:e2:74:e8:24:73:0d:95:2e:a9:
cd:e0:3e:9a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUShnNPLcId30bOEDkUysGYfI1BOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMzAxODU1MzZaFw0yNDExMjgxOTAwMzZaMDMxMTAvBgNV
BAMTKDY1QUM2N0E3Q0U2Njg0NDNEOTIyMDU2QTg5RDVCQzVBRDI4M0Q3RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+/hgoOJFAOBT6Fp7art4R2ddG
v6KGXSkyFgm5J0HI0G+/sJEzCleb6AkcMzZ+FT0PBPrbf0iPYoWcwTi2uR3pJERY
zl3tuv6jx4QZ7FWUyQ88IavLFrmuhCFlE/yuyejIJZg5zYoK1qd9dmIRBWOrPQ8b
ubktzIwJjq6OIiCsGQCXl5xqB0ZEImsbs5Uuz5EJgm0X0d2HFucJwdOwsbDCh8j6
tdPjJup2XVbZMAGkXkDxEICnetiQ5qzb7upp2PpB14BDTeWi6tvH/gkl6YHMjjge
OVkShX9WSqfWanloumR/DvGikGmO7bTBFderGHdwtGxkAViMHeQWrxyPmzPZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZaxnp85mhEPZIgVqidW8WtKD1+8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMTM5MzYyZTM1
MzYyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
2cQ4MA0GCSqGSIb3DQEBCwUAA4IBAQAce52qg6zQ8G5boZi83+zGNXfA8tSjkK/W
TKDR1w2Dtvl9ZIGjxIQyM5kbhPjQmiHMrEkvdSPV1qefnf+mpBJi/okMVCmIj4Xu
aFtdzs1KQlYL4ysKTejOpg5aocTJU4EeeH/6H4SmXw1Yx/RO9SXXTB5OuFPUD8EN
YUuqTBdSjq85eQwdoT07R6pWdEXa2Y7yt+LWGLJ/pStucJFW3mhgMZieUSVcjaYt
+l0XoiYCw1ifMYYMKt/Ewq5/rECg6Sqlj97OKxXzDshCIuYppHfl3ilnJH3PdyBs
ASgy0eU0iirHmTcKuo4f6LkcQWs4cH9rDBvidOgkcw2VLqnN4D6a
-----END CERTIFICATE-----
Generated at Tue May 21 23:31:24 2024 by rpki-client on console-ams.rpki-client.org