Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3138372e37322e302f32342d3234203d3e203437353833.roa
File: 33312e3138372e37322e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: muF8mN4amPE/gzLAAKpKD3kSJnWSmkSIV8fUddR+JNI=
Subject key identifier: 57:0A:D7:DB:5D:65:1A:6E:57:51:98:F2:C6:06:3A:B6:B3:B7:E1:17
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4D348D876361B3A7DF4627038F66321FB4DE93C1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3138372e37322e302f32342d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:44:56 +0000
ROA not before: Mon 27 Jan 2025 09:39:56 +0000
ROA not after: Mon 26 Jan 2026 09:44:56 +0000
asID: 47583
IP address blocks: 31.187.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:34:8d:87:63:61:b3:a7:df:46:27:03:8f:66:32:1f:b4:de:93:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:56 2025 GMT
Not After : Jan 26 09:44:56 2026 GMT
Subject: CN=570AD7DB5D651A6E575198F2C6063AB6B3B7E117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:39:1e:54:a8:ba:5b:77:e1:99:e8:fa:95:d4:
37:66:6e:9b:1d:ee:8c:1c:18:2c:2f:86:81:8a:e8:
8f:31:dd:11:b2:64:33:38:16:72:59:a1:92:b1:09:
dc:aa:58:52:76:28:4f:26:18:ce:ea:6c:78:d1:db:
ad:62:f0:42:c6:63:ef:1f:75:e7:32:a1:ad:6b:5c:
3d:3a:1f:45:7c:f9:3d:7f:57:46:ff:7c:1c:2d:56:
2d:01:a5:f9:42:e9:cb:23:d2:df:ef:77:a1:7e:fc:
e8:5b:9f:b4:5c:f7:f4:ff:3d:aa:a3:fb:15:17:1f:
69:81:53:52:62:39:68:db:6e:3f:fe:b3:e1:8f:a7:
75:52:91:c6:dd:1e:e4:63:72:2e:7d:25:0e:f2:5d:
09:4d:7e:96:36:9a:f8:3b:2f:1c:a0:c4:dc:f1:7c:
98:0c:24:0b:bf:c5:0d:86:d6:8a:f1:c2:fb:aa:b1:
e8:af:74:83:d5:0d:ef:6d:c5:71:a1:cf:e5:d5:88:
b4:00:1a:d8:ed:03:77:8f:01:79:50:b9:70:12:9b:
e4:bb:23:c0:aa:63:ed:c6:6b:a9:a5:83:b9:35:bf:
b9:07:47:23:3f:f4:76:d7:78:62:24:cd:bb:b2:48:
a2:7e:76:56:27:ad:9f:fe:d0:06:f2:7b:10:88:9c:
f0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:0A:D7:DB:5D:65:1A:6E:57:51:98:F2:C6:06:3A:B6:B3:B7:E1:17
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3138372e37322e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.72.0/24
Signature Algorithm: sha256WithRSAEncryption
53:90:b0:72:f1:b8:76:64:71:59:9b:de:61:23:19:64:9c:41:
e2:8d:0e:2d:3f:98:f6:14:87:1d:cb:e5:b8:44:b7:46:fa:78:
6c:7d:35:97:3b:9c:55:ee:21:04:29:2f:1a:97:4d:60:a6:9d:
cd:da:87:9b:6d:f6:c9:b3:15:9a:9d:df:fb:68:08:e5:94:5f:
2d:2a:10:e0:83:46:1a:54:d1:77:e3:85:30:02:f1:7a:49:e9:
07:89:fc:56:d5:a2:f1:aa:1b:17:53:9e:94:50:5d:e4:4c:1e:
45:cf:54:4a:e1:57:a5:48:4c:4c:e0:18:50:25:d5:a0:5d:0a:
f6:96:31:b5:1d:3d:b7:6d:51:91:c8:2c:a2:94:c1:58:7f:ee:
89:5d:bf:a5:79:28:06:4c:cd:83:80:8b:1e:07:6c:c7:7c:4d:
cb:bc:4d:61:bf:2d:cb:15:cc:8d:1e:d5:59:24:fa:c3:cc:68:
0e:d6:84:f1:ee:7c:ee:fa:9a:c8:9a:16:67:fa:18:c0:16:ad:
6b:06:91:60:db:fb:f5:38:4d:92:85:16:6d:b0:11:02:b5:db:
14:c3:1b:e4:51:2b:d0:30:1a:a0:55:25:20:c7:6a:0d:a2:87:
e8:88:17:c7:dd:4f:a0:f2:be:e2:e1:e0:7c:8d:69:6e:67:4d:
94:14:b4:eb
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTTSNh2Nhs6ffRicDj2YyH7Tek8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTZaFw0yNjAxMjYwOTQ0NTZaMDMxMTAvBgNV
BAMTKDU3MEFEN0RCNUQ2NTFBNkU1NzUxOThGMkM2MDYzQUI2QjNCN0UxMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIOR5UqLpbd+GZ6PqV1Ddmbpsd
7owcGCwvhoGK6I8x3RGyZDM4FnJZoZKxCdyqWFJ2KE8mGM7qbHjR261i8ELGY+8f
decyoa1rXD06H0V8+T1/V0b/fBwtVi0BpflC6csj0t/vd6F+/Ohbn7Rc9/T/Paqj
+xUXH2mBU1JiOWjbbj/+s+GPp3VSkcbdHuRjci59JQ7yXQlNfpY2mvg7LxygxNzx
fJgMJAu/xQ2G1orxwvuqseivdIPVDe9txXGhz+XViLQAGtjtA3ePAXlQuXASm+S7
I8CqY+3Ga6mlg7k1v7kHRyM/9HbXeGIkzbuySKJ+dlYnrZ/+0AbyexCInPA7AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUVwrX211lGm5XUZjyxgY6trO34RcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzEzODM3MmUzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB+7
SDANBgkqhkiG9w0BAQsFAAOCAQEAU5CwcvG4dmRxWZveYSMZZJxB4o0OLT+Y9hSH
HcvluES3Rvp4bH01lzucVe4hBCkvGpdNYKadzdqHm232ybMVmp3f+2gI5ZRfLSoQ
4INGGlTRd+OFMALxeknpB4n8VtWi8aobF1OelFBd5EweRc9USuFXpUhMTOAYUCXV
oF0K9pYxtR09t21RkcgsopTBWH/uiV2/pXkoBkzNg4CLHgdsx3xNy7xNYb8tyxXM
jR7VWST6w8xoDtaE8e587vqayJoWZ/oYwBatawaRYNv79ThNkoUWbbARArXbFMMb
5FEr0DAaoFUlIMdqDaKH6IgXx91PoPK+4uHgfI1pbmdNlBS06w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:01:50 2025 by rpki-client