Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31302e302f32342d3234203d3e20313336373837.roa
File: 33312e3232302e31302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EwEW/iDd/Im+pQBlUKqjuerivaa73lcl+0HqxCV7LsM=
Subject key identifier: C3:77:E1:06:14:7D:52:A2:4D:35:7C:8E:25:BB:93:17:0D:3A:80:65
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2F33A62D517A677471C1C4FE5B086CABF2083795
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:18 +0000
ROA not before: Sun 27 Oct 2024 20:00:18 +0000
ROA not after: Sun 26 Oct 2025 20:05:18 +0000
asID: 136787
IP address blocks: 31.220.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:33:a6:2d:51:7a:67:74:71:c1:c4:fe:5b:08:6c:ab:f2:08:37:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:18 2024 GMT
Not After : Oct 26 20:05:18 2025 GMT
Subject: CN=C377E106147D52A24D357C8E25BB93170D3A8065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:12:b1:60:3e:10:a4:2d:84:6d:92:c5:0c:1f:
29:50:b7:b3:6e:c9:31:fd:2c:b2:b4:46:a7:b0:61:
fc:4d:20:f2:51:48:15:3b:67:0d:72:16:97:c7:dd:
82:9f:dc:00:ef:74:e4:e0:11:2e:a6:72:78:7c:37:
c0:59:a7:fb:fa:7a:b3:6d:2e:d4:f7:4c:94:15:7c:
35:3b:b8:b6:75:59:d4:30:3d:51:a0:77:7b:f1:fc:
93:4d:2d:af:b4:31:6c:4e:da:a3:7b:c7:6d:24:5d:
3a:91:54:c0:6d:57:ed:9c:f9:33:2a:8a:d5:f0:8f:
97:98:fa:5e:3d:2a:b3:68:c6:fd:f1:3b:36:49:68:
1e:47:60:86:47:cf:d5:ee:14:de:14:34:07:b9:0b:
c8:c2:30:6e:ca:5a:ae:d8:fe:55:9f:83:83:0f:4f:
93:d7:51:8c:2f:87:a6:37:72:c6:1a:58:78:88:59:
9f:ce:70:d3:b6:72:b3:eb:15:d6:0e:07:ca:63:ed:
f0:ed:09:44:75:d5:c9:63:2f:85:3f:e4:2a:f0:0f:
7f:22:98:c0:95:82:01:03:19:bf:7b:29:90:67:8d:
08:9d:de:99:7f:5f:b2:56:82:64:55:6f:2f:63:d4:
95:63:3f:2d:ad:51:3f:aa:bf:fa:08:68:02:5d:e2:
62:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:77:E1:06:14:7D:52:A2:4D:35:7C:8E:25:BB:93:17:0D:3A:80:65
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.10.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:4e:86:01:7d:1d:3e:a5:b7:c4:87:70:da:5f:40:14:34:fd:
07:3c:1c:f9:49:38:78:76:1c:c8:7b:87:41:56:2f:8b:51:c9:
c5:ef:ef:23:b2:73:68:91:6a:c6:3a:08:0f:de:81:3d:7b:83:
4a:68:fa:6e:cf:aa:a7:ab:b0:bd:00:85:b3:2d:04:cf:bd:2a:
2f:1b:e2:6a:4d:88:9e:92:4d:83:c5:00:7e:7f:b2:86:a3:ca:
26:cf:7e:b4:62:bf:d6:53:5e:a3:93:91:20:da:8e:e1:ad:42:
dc:ac:9b:16:e6:10:2d:d1:00:26:ff:e2:b9:f1:c3:42:b7:7a:
ac:b5:7d:81:e6:39:a3:f3:37:cd:93:7b:d3:68:7f:e5:0f:46:
33:c4:d9:04:01:8c:9a:70:3e:50:fa:d2:94:d7:98:ff:f9:09:
b8:37:61:f9:de:82:0f:49:5f:7a:ee:81:19:ff:c6:b2:a4:61:
90:ac:5b:23:3f:af:38:d9:95:d0:a2:e6:bc:8f:93:91:ba:33:
86:cf:a2:60:d6:22:65:ce:3a:e3:1a:24:5e:32:8f:3f:39:e4:
26:97:ad:2e:33:ec:dc:0e:72:cf:fd:30:b0:c9:49:3c:c9:55:
4c:ef:a7:6e:e5:b3:73:21:cd:21:18:8a:82:07:2f:fa:63:e5:
ea:70:e7:f9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULzOmLVF6Z3RxwcT+Wwhsq/IIN5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMThaFw0yNTEwMjYyMDA1MThaMDMxMTAvBgNV
BAMTKEMzNzdFMTA2MTQ3RDUyQTI0RDM1N0M4RTI1QkI5MzE3MEQzQTgwNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFErFgPhCkLYRtksUMHylQt7Nu
yTH9LLK0RqewYfxNIPJRSBU7Zw1yFpfH3YKf3ADvdOTgES6mcnh8N8BZp/v6erNt
LtT3TJQVfDU7uLZ1WdQwPVGgd3vx/JNNLa+0MWxO2qN7x20kXTqRVMBtV+2c+TMq
itXwj5eY+l49KrNoxv3xOzZJaB5HYIZHz9XuFN4UNAe5C8jCMG7KWq7Y/lWfg4MP
T5PXUYwvh6Y3csYaWHiIWZ/OcNO2crPrFdYOB8pj7fDtCUR11cljL4U/5CrwD38i
mMCVggEDGb97KZBnjQid3pl/X7JWgmRVby9j1JVjPy2tUT+qv/oIaAJd4mJtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUw3fhBhR9UqJNNXyOJbuTFw06gGUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9wKMA0GCSqGSIb3DQEBCwUAA4IBAQBtToYBfR0+pbfEh3DaX0AUNP0HPBz5STh4
dhzIe4dBVi+LUcnF7+8jsnNokWrGOggP3oE9e4NKaPpuz6qnq7C9AIWzLQTPvSov
G+JqTYiekk2DxQB+f7KGo8omz360Yr/WU16jk5Eg2o7hrULcrJsW5hAt0QAm/+K5
8cNCt3qstX2B5jmj8zfNk3vTaH/lD0YzxNkEAYyacD5Q+tKU15j/+Qm4N2H53oIP
SV967oEZ/8aypGGQrFsjP6842ZXQoua8j5ORujOGz6Jg1iJlzjrjGiReMo8/OeQm
l60uM+zcDnLP/TCwyUk8yVVM76du5bNzIc0hGIqCBy/6Y+XqcOf5
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org