Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3138372e36362e302f32342d3234203d3e20313336373837.roa
File: 33312e3138372e36362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 1hFClU4fQNS1SwNXumMDoQOzqx4KVZvSP8rXDQfReoM=
Subject key identifier: A8:3C:79:A8:F2:65:F4:C5:80:17:62:B9:62:9F:73:2C:50:CE:90:82
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4557CFBDE335855E95A64D71BEAB1B3574BC1427
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3138372e36362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:18 +0000
ROA not before: Sun 27 Oct 2024 20:00:18 +0000
ROA not after: Sun 26 Oct 2025 20:05:18 +0000
asID: 136787
IP address blocks: 31.187.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:57:cf:bd:e3:35:85:5e:95:a6:4d:71:be:ab:1b:35:74:bc:14:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:18 2024 GMT
Not After : Oct 26 20:05:18 2025 GMT
Subject: CN=A83C79A8F265F4C5801762B9629F732C50CE9082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c8:74:76:e6:26:8f:ca:60:3e:d8:40:39:9e:
64:1f:95:43:a6:31:72:37:b6:92:13:a9:45:dd:59:
c2:dd:47:27:56:95:93:ad:31:07:62:ec:af:8a:29:
8e:4e:2b:2a:eb:06:ec:2d:b5:fd:b1:e2:97:93:73:
99:10:de:c3:68:bf:aa:ca:33:38:41:6c:11:5b:8a:
fe:15:16:8b:97:56:bd:81:1f:b6:f2:06:fb:2d:ba:
aa:5a:92:3b:d8:aa:62:28:ca:e0:97:63:2b:bb:55:
98:41:64:a3:56:23:36:ba:fe:2d:ed:8f:6d:34:18:
27:60:36:27:e8:00:23:17:f5:d9:d2:ea:0f:e2:55:
e4:d6:93:4d:12:93:2d:f1:95:ae:9d:fa:e2:b0:28:
57:81:bc:28:21:e9:b3:e7:36:f5:cb:86:54:25:77:
b2:f8:c0:19:ed:51:82:1f:78:2f:9d:e4:5d:b4:06:
02:cc:6d:8e:4b:4c:2c:2d:ba:d9:91:c2:5c:38:af:
55:82:91:9c:a2:1a:83:40:a6:39:5f:ea:99:9f:6f:
db:1f:8a:7f:63:47:5c:51:9b:46:89:ef:f1:91:b9:
26:1e:ab:63:9c:18:4a:fa:ee:20:0d:0a:71:a3:99:
a1:48:8d:3e:d5:b5:01:e6:28:b5:2f:c8:ff:95:90:
bf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:3C:79:A8:F2:65:F4:C5:80:17:62:B9:62:9F:73:2C:50:CE:90:82
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3138372e36362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.66.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:f6:5a:3e:e8:1c:f1:70:b0:7d:a7:3b:78:29:bf:cc:0a:55:
d3:21:94:1a:4f:cd:fb:7f:eb:b6:9d:b5:c0:d0:68:74:70:dc:
96:ac:4d:ec:04:74:c6:36:0e:bf:9c:c7:65:8e:b3:02:d6:98:
fd:fd:e7:8c:25:24:23:17:1c:7e:dc:09:cf:2b:b7:52:36:b6:
d3:d2:64:91:c0:a5:7d:62:14:7d:d8:e6:47:b1:90:d9:48:84:
1e:f9:cd:d6:9a:6e:16:28:99:e0:00:91:7c:97:4b:5c:78:71:
d6:ee:f8:eb:8a:a9:eb:e9:eb:ed:dc:c7:0a:68:06:0c:e5:9c:
2a:84:f2:bb:b5:23:45:45:b1:11:50:dd:73:70:bc:e1:fc:2d:
cd:f6:b7:99:a5:94:7d:29:e2:dc:fa:fc:99:e4:0d:57:ce:1f:
a5:62:29:f5:d1:9f:cd:28:3e:d4:40:47:8a:e6:5c:c5:a8:a1:
c8:60:d1:7c:93:b7:5e:9d:aa:b7:1a:4e:82:94:f1:29:28:be:
a6:a8:18:56:ac:95:c5:28:88:5e:21:6a:8c:d9:e1:09:b7:84:
b3:be:26:57:45:a0:0d:b3:7f:25:02:b4:3f:40:72:c4:d2:aa:
cf:be:35:89:29:84:3b:96:af:c2:c0:bc:da:f6:4d:59:e3:3b:
92:a8:e0:5d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURVfPveM1hV6Vpk1xvqsbNXS8FCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMThaFw0yNTEwMjYyMDA1MThaMDMxMTAvBgNV
BAMTKEE4M0M3OUE4RjI2NUY0QzU4MDE3NjJCOTYyOUY3MzJDNTBDRTkwODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVyHR25iaPymA+2EA5nmQflUOm
MXI3tpITqUXdWcLdRydWlZOtMQdi7K+KKY5OKyrrBuwttf2x4peTc5kQ3sNov6rK
MzhBbBFbiv4VFouXVr2BH7byBvstuqpakjvYqmIoyuCXYyu7VZhBZKNWIza6/i3t
j200GCdgNifoACMX9dnS6g/iVeTWk00Sky3xla6d+uKwKFeBvCgh6bPnNvXLhlQl
d7L4wBntUYIfeC+d5F20BgLMbY5LTCwtutmRwlw4r1WCkZyiGoNApjlf6pmfb9sf
in9jR1xRm0aJ7/GRuSYeq2OcGEr67iANCnGjmaFIjT7VtQHmKLUvyP+VkL93AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqDx5qPJl9MWAF2K5Yp9zLFDOkIIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzEzODM3MmUzNjM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H7tCMA0GCSqGSIb3DQEBCwUAA4IBAQCf9lo+6BzxcLB9pzt4Kb/MClXTIZQaT837
f+u2nbXA0Gh0cNyWrE3sBHTGNg6/nMdljrMC1pj9/eeMJSQjFxx+3AnPK7dSNrbT
0mSRwKV9YhR92OZHsZDZSIQe+c3Wmm4WKJngAJF8l0tceHHW7vjriqnr6evt3McK
aAYM5ZwqhPK7tSNFRbERUN1zcLzh/C3N9reZpZR9KeLc+vyZ5A1Xzh+lYin10Z/N
KD7UQEeK5lzFqKHIYNF8k7denaq3Gk6ClPEpKL6mqBhWrJXFKIheIWqM2eEJt4Sz
viZXRaANs38lArQ/QHLE0qrPvjWJKYQ7lq/CwLza9k1Z4zuSqOBd
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org