Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e342e302f32342d3234203d3e203633343733.roa
File: 33312e3232302e342e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: xh6MFKaLyZ1a43mNiTys6SiCESXdieTP1kDMcyL4Kac=
Subject key identifier: 17:79:3E:EE:B4:C3:58:DE:02:E5:BE:FF:74:39:5D:22:BD:4E:B2:47
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2185B4E0C3DB712F5729F02767BC44CEBB87055A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e342e302f32342d3234203d3e203633343733.roa
Signing time: Mon 27 Jan 2025 09:45:30 +0000
ROA not before: Mon 27 Jan 2025 09:40:30 +0000
ROA not after: Mon 26 Jan 2026 09:45:30 +0000
asID: 63473
IP address blocks: 31.220.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:85:b4:e0:c3:db:71:2f:57:29:f0:27:67:bc:44:ce:bb:87:05:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:30 2025 GMT
Not After : Jan 26 09:45:30 2026 GMT
Subject: CN=17793EEEB4C358DE02E5BEFF74395D22BD4EB247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:75:34:fe:78:00:5f:b3:86:a6:a3:58:d5:bb:
1f:17:61:a0:20:ea:d2:27:fe:f7:fd:61:e6:5d:56:
5f:9b:bb:24:4e:5d:9f:18:83:d8:a6:23:8a:2e:87:
48:26:05:13:ca:b4:d9:a8:90:4d:77:cd:98:61:9d:
57:7f:e0:21:85:cf:c2:a2:f1:49:44:65:c1:65:ee:
40:70:7c:7f:d9:3f:4d:5a:de:a3:34:50:80:2c:a2:
49:a5:84:0a:58:bd:3d:fc:d5:0e:8d:93:06:2c:bc:
6c:48:fc:f5:d8:ba:77:5b:fa:ad:4d:3c:87:c0:73:
0d:2c:0b:51:9b:87:be:eb:81:2d:af:2d:5d:5f:b1:
1f:1e:b7:92:ab:44:67:57:60:0b:37:cf:40:b4:ea:
b0:4f:88:1e:bb:e8:51:6b:ad:72:65:2c:76:d7:a2:
6a:11:2e:12:77:f9:10:ac:20:28:48:df:f4:bc:5f:
45:8c:6e:9b:f9:0c:30:fb:a6:16:97:b9:26:d9:bd:
64:e0:03:64:0c:b6:25:4f:2e:ad:93:a3:13:87:6b:
9f:56:d2:53:01:10:c0:e4:a0:21:cf:a9:db:83:29:
fe:34:90:e3:6a:1c:38:6f:94:ad:ba:bb:e3:ee:a6:
43:eb:c8:bb:18:f5:6e:96:48:33:2d:5a:b2:e6:7f:
71:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:79:3E:EE:B4:C3:58:DE:02:E5:BE:FF:74:39:5D:22:BD:4E:B2:47
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e342e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.4.0/24
Signature Algorithm: sha256WithRSAEncryption
75:0e:2c:9f:4f:f2:aa:33:61:87:55:40:ef:f2:02:38:62:86:
65:4a:53:00:a2:eb:28:bc:a0:ac:65:1b:60:3c:68:9d:f3:eb:
c0:ba:ae:d4:49:74:4c:6b:26:a1:ea:9f:dd:30:0f:af:e9:01:
b7:a3:eb:e2:f3:fc:d4:41:14:16:59:95:e1:ba:e0:07:cd:f0:
96:26:47:ef:3f:6f:f9:cf:dd:06:02:37:44:8c:5f:11:79:17:
74:82:9b:cc:b2:ce:b9:80:3b:84:e7:e9:92:40:77:b2:7d:19:
82:02:63:7d:8b:7e:3f:26:67:ae:d9:2c:b8:a6:e0:37:75:72:
90:1e:f1:c0:63:98:1f:04:bc:0e:28:d0:70:47:08:fb:a7:12:
0e:4c:08:a9:1f:0d:9a:70:29:81:b9:64:86:1f:71:2e:22:d0:
a1:77:c1:3b:80:10:d8:8a:7d:ef:f3:cf:6c:61:4c:10:a7:14:
44:85:37:de:67:62:e7:53:55:ed:89:53:e2:97:f8:5c:5a:97:
b6:5f:a2:89:5b:27:6b:95:85:32:40:8e:b1:95:03:81:c2:da:
21:46:b0:eb:ca:d2:fd:b2:30:3e:e8:4c:dc:aa:d9:ff:24:c6:
cc:90:a9:55:25:0c:80:6a:46:34:2c:b8:b5:03:f6:4e:97:fc:
6e:b6:33:a8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUIYW04MPbcS9XKfAnZ7xEzruHBVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMzBaFw0yNjAxMjYwOTQ1MzBaMDMxMTAvBgNV
BAMTKDE3NzkzRUVFQjRDMzU4REUwMkU1QkVGRjc0Mzk1RDIyQkQ0RUIyNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQdTT+eABfs4amo1jVux8XYaAg
6tIn/vf9YeZdVl+buyROXZ8Yg9imI4ouh0gmBRPKtNmokE13zZhhnVd/4CGFz8Ki
8UlEZcFl7kBwfH/ZP01a3qM0UIAsokmlhApYvT381Q6NkwYsvGxI/PXYundb+q1N
PIfAcw0sC1Gbh77rgS2vLV1fsR8et5KrRGdXYAs3z0C06rBPiB676FFrrXJlLHbX
omoRLhJ3+RCsIChI3/S8X0WMbpv5DDD7phaXuSbZvWTgA2QMtiVPLq2ToxOHa59W
0lMBEMDkoCHPqduDKf40kONqHDhvlK26u+PupkPryLsY9W6WSDMtWrLmf3E3AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUF3k+7rTDWN4C5b7/dDldIr1OskcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzNDM3MzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAf3AQw
DQYJKoZIhvcNAQELBQADggEBAHUOLJ9P8qozYYdVQO/yAjhihmVKUwCi6yi8oKxl
G2A8aJ3z68C6rtRJdExrJqHqn90wD6/pAbej6+Lz/NRBFBZZleG64AfN8JYmR+8/
b/nP3QYCN0SMXxF5F3SCm8yyzrmAO4Tn6ZJAd7J9GYICY32Lfj8mZ67ZLLim4Dd1
cpAe8cBjmB8EvA4o0HBHCPunEg5MCKkfDZpwKYG5ZIYfcS4i0KF3wTuAENiKfe/z
z2xhTBCnFESFN95nYudTVe2JU+KX+Fxal7ZfoolbJ2uVhTJAjrGVA4HC2iFGsOvK
0v2yMD7oTNyq2f8kxsyQqVUlDIBqRjQsuLUD9k6X/G62M6g=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:01:37 2025 by rpki-client