Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31312e302f32342d3234203d3e20313336373837.roa
File: 33312e3232302e31312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: vbdvxLOoT4m7jS2MqP4KmVXroa5/7OssRbvwNw63FJI=
Subject key identifier: 11:15:72:C0:9E:80:3E:6D:20:82:D4:25:CE:EC:F1:F9:9B:86:4E:BB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1723D37654E33381C30D47AF8AE38318F659970E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 11:01:57 +0000
ROA not before: Sun 11 Jun 2023 10:56:57 +0000
ROA not after: Sun 09 Jun 2024 11:01:57 +0000
asID: 136787
IP address blocks: 31.220.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:23:d3:76:54:e3:33:81:c3:0d:47:af:8a:e3:83:18:f6:59:97:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 11 10:56:57 2023 GMT
Not After : Jun 9 11:01:57 2024 GMT
Subject: CN=111572C09E803E6D2082D425CEECF1F99B864EBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5a:aa:a8:d7:fc:a7:71:de:e9:c3:5d:84:5f:
86:a9:c6:27:ac:fb:ee:ab:af:3b:b7:0a:cb:32:cb:
7e:78:ef:d9:dd:82:2d:f0:2f:24:ae:6f:34:23:b1:
81:2b:98:b0:01:78:8c:78:00:c6:58:c8:49:60:05:
d0:c2:cd:03:ab:c7:0a:bd:9a:8f:42:55:7c:2b:fd:
a8:5b:91:6b:6c:5c:27:30:c7:e4:54:ff:f0:f7:c0:
42:20:3e:d8:3f:b8:4c:16:7b:78:0f:9a:c0:9d:01:
1e:8e:b9:a8:7e:ec:5b:aa:b1:58:38:71:4f:c1:52:
cd:fc:a3:0e:4a:ba:fc:26:e9:0f:c5:3b:1a:46:60:
ac:09:c9:85:93:0f:74:c8:d0:ab:ea:cb:7b:0b:24:
e4:32:d2:1f:1b:14:eb:31:2c:b0:b8:8a:52:89:d9:
7f:d0:c9:a4:11:8c:2d:b7:9d:1e:9c:28:19:31:1e:
07:71:c0:e3:5c:51:a5:14:d8:cb:3f:6d:cb:9e:dc:
3b:06:83:0a:cf:ae:0d:6b:b2:1e:d0:bf:f1:59:8f:
49:0c:8d:ab:8b:c4:cb:40:52:c9:81:ae:54:ad:f4:
5b:a0:a2:c6:4f:c8:5b:e7:02:37:f1:01:04:98:dc:
8f:4d:d1:0e:5d:ac:fc:e6:4c:0b:46:e3:eb:f1:64:
40:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:15:72:C0:9E:80:3E:6D:20:82:D4:25:CE:EC:F1:F9:9B:86:4E:BB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.11.0/24
Signature Algorithm: sha256WithRSAEncryption
64:bb:5e:76:0c:d7:cc:45:51:c2:eb:e4:fd:d9:de:27:f2:b7:
22:f8:00:74:de:0f:de:03:94:a8:3b:9e:4d:f7:93:a2:3a:9e:
c2:e7:c9:5a:b6:c3:44:c1:bb:d0:19:76:3a:02:a8:2b:53:61:
e8:bc:d8:89:68:5f:be:05:ea:55:49:36:e2:c9:a5:3e:8a:a5:
09:06:51:4a:17:dc:a4:c6:a3:79:c3:51:d0:ab:26:af:50:78:
ed:27:ca:22:5f:9e:3b:3a:ac:8a:92:e6:c5:64:3e:47:2e:32:
3c:d9:c8:32:a0:6e:dd:5f:e9:5f:db:82:ab:f6:c2:e4:e1:a3:
84:97:cf:05:7a:f1:a4:dc:1c:3f:f8:2c:a2:f1:65:f9:27:7c:
de:7f:5a:86:2a:e2:3b:21:6b:51:37:e0:5b:17:94:c2:82:09:
ae:0b:9c:61:55:f2:05:05:ae:03:ee:95:bf:64:75:aa:df:c4:
b1:20:41:8b:fa:49:17:45:af:a4:e9:c0:df:84:11:42:0c:a0:
a9:5d:2a:a6:37:82:99:62:39:e2:89:03:1c:ce:42:12:43:09:
03:19:94:39:71:32:44:f0:d7:0c:31:b0:cf:64:8e:d9:54:cc:
e9:2d:31:c3:96:08:76:20:b5:d4:57:d9:90:fc:9a:b3:ce:df:
4d:68:db:dc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFyPTdlTjM4HDDUeviuODGPZZlw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA2MTExMDU2NTdaFw0yNDA2MDkxMTAxNTdaMDMxMTAvBgNV
BAMTKDExMTU3MkMwOUU4MDNFNkQyMDgyRDQyNUNFRUNGMUY5OUI4NjRFQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKWqqo1/yncd7pw12EX4apxies
++6rrzu3Cssyy35479ndgi3wLySubzQjsYErmLABeIx4AMZYyElgBdDCzQOrxwq9
mo9CVXwr/ahbkWtsXCcwx+RU//D3wEIgPtg/uEwWe3gPmsCdAR6Ouah+7FuqsVg4
cU/BUs38ow5Kuvwm6Q/FOxpGYKwJyYWTD3TI0Kvqy3sLJOQy0h8bFOsxLLC4ilKJ
2X/QyaQRjC23nR6cKBkxHgdxwONcUaUU2Ms/bcue3DsGgwrPrg1rsh7Qv/FZj0kM
jauLxMtAUsmBrlSt9FugosZPyFvnAjfxAQSY3I9N0Q5drPzmTAtG4+vxZEBhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUERVywJ6APm0ggtQlzuzx+ZuGTrswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9wLMA0GCSqGSIb3DQEBCwUAA4IBAQBku152DNfMRVHC6+T92d4n8rci+AB03g/e
A5SoO55N95OiOp7C58latsNEwbvQGXY6AqgrU2HovNiJaF++BepVSTbiyaU+iqUJ
BlFKF9ykxqN5w1HQqyavUHjtJ8oiX547OqyKkubFZD5HLjI82cgyoG7dX+lf24Kr
9sLk4aOEl88FevGk3Bw/+Cyi8WX5J3zef1qGKuI7IWtRN+BbF5TCggmuC5xhVfIF
Ba4D7pW/ZHWq38SxIEGL+kkXRa+k6cDfhBFCDKCpXSqmN4KZYjniiQMczkISQwkD
GZQ5cTJE8NcMMbDPZI7ZVMzpLTHDlgh2ILXUV9mQ/Jqzzt9NaNvc
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:15 2024 by rpki-client on console-ams.rpki-client.org