Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e32382e302f32342d3234203d3e20323031333431.roa
File: 33312e3232302e32382e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: auUMjOpuPAR7xH7yEBm0V8l2nnHAllMVJT9SrE5Z3v0=
Subject key identifier: 72:04:1F:0D:68:F6:5D:E9:0C:75:6B:28:1D:D1:8C:87:53:A9:14:BC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 75D780B01F9DB6986525A31DDBBDFD89B916A73B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e32382e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:11 +0000
ROA not before: Mon 26 Feb 2024 08:48:11 +0000
ROA not after: Mon 24 Feb 2025 08:53:11 +0000
asID: 201341
IP address blocks: 31.220.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:d7:80:b0:1f:9d:b6:98:65:25:a3:1d:db:bd:fd:89:b9:16:a7:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:11 2024 GMT
Not After : Feb 24 08:53:11 2025 GMT
Subject: CN=72041F0D68F65DE90C756B281DD18C8753A914BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:67:6d:54:e1:bf:97:44:0c:4b:5a:3d:bf:83:
45:65:e9:4f:35:33:27:ff:b1:d9:c0:2d:52:09:73:
c4:bd:b0:20:69:d8:3b:ff:a5:66:9a:86:46:b4:7a:
d0:66:1a:20:f7:b3:fc:64:3e:bc:bf:cb:d8:e7:b1:
e1:3d:f6:a9:4c:0a:5d:62:4d:7c:89:4b:ac:58:9a:
cd:be:f8:e2:bd:34:cc:0b:4b:fc:7d:d8:02:03:08:
0f:e2:06:87:a7:1a:b5:6a:ce:bd:5d:be:c1:8c:6a:
6d:39:16:75:a6:b1:81:ab:7a:9d:5f:63:3a:8e:da:
ce:e6:d8:4a:d4:d1:0a:71:31:70:93:c6:12:08:96:
e0:23:12:bc:7b:ff:f7:75:3a:3a:5e:2d:be:0b:ee:
91:f5:45:98:41:ae:ed:7d:78:b9:53:3c:0b:3d:64:
40:1e:2e:29:04:8b:b4:64:dd:bc:3e:44:ee:06:c4:
d5:c7:1a:0b:a5:bd:5c:70:43:c2:64:9f:c6:ee:a7:
68:1c:40:7b:48:eb:a6:69:54:ba:d0:f7:d5:63:05:
a6:86:7a:e9:3e:c8:1d:93:b7:75:1d:b3:a6:79:9c:
10:e3:b2:6e:dd:8f:cb:b0:8b:24:2a:54:b5:8a:d4:
88:31:71:8f:df:9a:19:85:eb:c2:9b:a8:03:c9:de:
01:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:04:1F:0D:68:F6:5D:E9:0C:75:6B:28:1D:D1:8C:87:53:A9:14:BC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e32382e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.28.0/24
Signature Algorithm: sha256WithRSAEncryption
13:5a:eb:d4:8f:2b:9a:bb:15:8c:04:94:c2:04:6f:9a:02:09:
b6:66:c9:e0:18:34:c0:e0:ff:b8:09:f7:7a:93:6e:bb:d5:aa:
92:93:a7:45:a3:c4:ac:32:bf:44:a6:08:e6:9d:c8:c4:f9:01:
bf:bb:04:c4:e2:91:3a:36:3b:ab:e6:5d:1a:c5:36:ba:18:a4:
55:c7:4c:ef:c0:ae:c6:11:d7:76:9d:4f:28:d4:67:55:3c:4c:
e6:3e:fe:85:44:72:08:eb:d3:15:b9:f7:30:7e:c9:f3:56:0c:
76:38:53:dc:56:be:d7:83:f8:e8:46:46:16:02:82:73:e1:44:
96:0e:c4:94:92:0a:36:0d:45:e2:22:3f:f3:aa:c6:2e:f8:d5:
49:36:ea:a5:f6:71:8e:5e:bd:e6:a4:fe:30:d9:10:ef:24:9d:
4a:7d:72:49:42:8e:25:05:30:a8:21:ae:f4:ae:5c:0c:ca:ed:
f8:bc:84:7c:f3:37:dc:e4:39:6f:fb:1d:02:22:4c:b0:c5:af:
38:ce:81:8e:a7:fe:cf:2f:5c:54:18:6e:f5:c0:2e:1c:98:a4:
6b:dd:17:02:64:aa:fd:41:c5:33:d6:6a:a7:83:d6:c2:e0:bb:
34:cc:e9:55:11:80:ba:eb:c8:e0:1f:0b:63:78:95:f9:1f:65:
f0:6d:c9:35
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUddeAsB+dtphlJaMd2739ibkWpzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTFaFw0yNTAyMjQwODUzMTFaMDMxMTAvBgNV
BAMTKDcyMDQxRjBENjhGNjVERTkwQzc1NkIyODFERDE4Qzg3NTNBOTE0QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyZ21U4b+XRAxLWj2/g0Vl6U81
Myf/sdnALVIJc8S9sCBp2Dv/pWaahka0etBmGiD3s/xkPry/y9jnseE99qlMCl1i
TXyJS6xYms2++OK9NMwLS/x92AIDCA/iBoenGrVqzr1dvsGMam05FnWmsYGrep1f
YzqO2s7m2ErU0QpxMXCTxhIIluAjErx7//d1OjpeLb4L7pH1RZhBru19eLlTPAs9
ZEAeLikEi7Rk3bw+RO4GxNXHGgulvVxwQ8Jkn8bup2gcQHtI66ZpVLrQ99VjBaaG
euk+yB2Tt3Uds6Z5nBDjsm7dj8uwiyQqVLWK1IgxcY/fmhmF68KbqAPJ3gG3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcgQfDWj2XekMdWsoHdGMh1OpFLwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMjM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9wcMA0GCSqGSIb3DQEBCwUAA4IBAQATWuvUjyuauxWMBJTCBG+aAgm2ZsngGDTA
4P+4Cfd6k2671aqSk6dFo8SsMr9EpgjmncjE+QG/uwTE4pE6Njur5l0axTa6GKRV
x0zvwK7GEdd2nU8o1GdVPEzmPv6FRHII69MVufcwfsnzVgx2OFPcVr7Xg/joRkYW
AoJz4USWDsSUkgo2DUXiIj/zqsYu+NVJNuql9nGOXr3mpP4w2RDvJJ1KfXJJQo4l
BTCoIa70rlwMyu34vIR88zfc5Dlv+x0CIkywxa84zoGOp/7PL1xUGG71wC4cmKRr
3RcCZKr9QcUz1mqng9bC4Ls0zOlVEYC668jgHwtjeJX5H2Xwbck1
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:26 2024 by rpki-client on console-ams.rpki-client.org