Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e372e302f32342d3234203d3e203633343733.roa
File: 33312e3232302e372e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: aK09k99KyDTxLOeKhT5LmkPWUcws+wrTgESEx8w0ZII=
Subject key identifier: EE:9D:83:23:2A:FC:94:5E:F0:B9:6B:92:BA:6B:01:42:DB:53:60:FE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0E436320012543134BE8D87A7E3ED074E8D8E0C3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e372e302f32342d3234203d3e203633343733.roa
Signing time: Sun 21 Jul 2024 08:04:18 +0000
ROA not before: Sun 21 Jul 2024 07:59:18 +0000
ROA not after: Sun 20 Jul 2025 08:04:18 +0000
asID: 63473
IP address blocks: 31.220.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:43:63:20:01:25:43:13:4b:e8:d8:7a:7e:3e:d0:74:e8:d8:e0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 21 07:59:18 2024 GMT
Not After : Jul 20 08:04:18 2025 GMT
Subject: CN=EE9D83232AFC945EF0B96B92BA6B0142DB5360FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:89:78:ee:7d:0b:04:64:06:c1:de:99:6f:e2:
da:1f:f8:8b:6b:9f:dc:a6:74:85:02:df:33:28:38:
2b:70:58:ff:8f:35:e4:f3:fb:7d:50:00:5d:ae:41:
ee:b0:af:6d:ec:fe:7f:b5:d2:bc:84:18:84:c3:2c:
9a:a2:a3:c8:82:f8:32:5d:ca:f5:8d:ed:0e:88:f2:
40:af:85:96:fc:0e:b4:15:d1:ec:1b:63:77:c3:a1:
87:b6:3d:5b:19:d2:e8:6f:90:f3:b3:7d:e4:45:59:
92:b3:4f:3c:e3:34:dd:63:87:e8:52:9e:26:d0:80:
86:ee:fa:a1:e9:b4:a7:25:e8:80:63:71:80:07:34:
83:8f:de:74:58:85:b6:b1:fa:ee:16:0d:6c:7d:31:
7b:4c:5e:1b:81:96:02:59:7b:6d:d7:c8:23:96:b0:
a3:17:0f:75:75:b0:af:79:98:ce:6f:92:f0:37:f8:
01:5a:4e:01:0b:0e:6f:c5:bd:0d:d9:2c:dc:d4:fd:
71:7f:d7:d1:00:1b:81:65:6c:01:5d:92:84:e0:c5:
51:7a:73:b2:e9:b5:78:a9:6d:1d:37:ab:90:07:d9:
20:b3:d3:8d:28:7b:8b:df:32:19:a8:8b:73:42:6d:
59:24:71:fa:68:3d:9d:05:a8:66:c5:d6:72:b4:6e:
d7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9D:83:23:2A:FC:94:5E:F0:B9:6B:92:BA:6B:01:42:DB:53:60:FE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e372e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.7.0/24
Signature Algorithm: sha256WithRSAEncryption
26:07:ff:09:dc:b5:b7:72:d6:a7:4e:49:67:4f:4d:4e:89:9e:
c8:d2:53:5a:39:a1:a9:f8:45:41:35:3c:cf:82:93:cb:c2:ff:
0f:17:14:03:6d:8a:80:9d:10:08:27:8a:74:8b:48:2c:58:ad:
58:3a:22:01:15:4f:c6:a0:f5:96:0d:36:e9:c4:a5:32:ea:ed:
d2:78:25:08:ea:e4:69:ac:7b:b4:80:91:fc:87:7d:b4:82:62:
87:a6:e1:02:d1:5c:14:95:cd:05:4f:6e:18:2a:e0:78:20:12:
9b:05:02:2d:a4:bc:bc:11:f2:4e:74:1a:bc:b5:53:9b:ed:4f:
f6:96:4b:bc:64:88:48:ae:92:b3:47:e7:f1:7a:a5:84:cd:f3:
23:e9:01:ec:b7:ae:30:0a:ce:5a:c8:06:cf:ab:cb:9c:39:dd:
81:72:75:84:c3:e3:79:e8:c1:d8:58:90:5d:38:df:4f:fd:23:
67:e2:d8:0c:9f:6d:20:5c:61:98:bc:0d:d6:bb:07:e8:b6:1a:
64:72:22:3c:71:11:68:1c:f8:a1:cf:ac:33:38:da:56:48:f0:
73:65:a7:07:ee:35:2d:9f:eb:17:d7:3b:6b:4a:4e:df:a6:79:
a9:b0:ce:a0:dd:4d:54:2e:ab:aa:b5:9f:41:8b:63:d1:56:7a:
84:35:c8:ab
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDkNjIAElQxNL6Nh6fj7QdOjY4MMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA3MjEwNzU5MThaFw0yNTA3MjAwODA0MThaMDMxMTAvBgNV
BAMTKEVFOUQ4MzIzMkFGQzk0NUVGMEI5NkI5MkJBNkIwMTQyREI1MzYwRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEiXjufQsEZAbB3plv4tof+Itr
n9ymdIUC3zMoOCtwWP+PNeTz+31QAF2uQe6wr23s/n+10ryEGITDLJqio8iC+DJd
yvWN7Q6I8kCvhZb8DrQV0ewbY3fDoYe2PVsZ0uhvkPOzfeRFWZKzTzzjNN1jh+hS
nibQgIbu+qHptKcl6IBjcYAHNIOP3nRYhbax+u4WDWx9MXtMXhuBlgJZe23XyCOW
sKMXD3V1sK95mM5vkvA3+AFaTgELDm/FvQ3ZLNzU/XF/19EAG4FlbAFdkoTgxVF6
c7LptXipbR03q5AH2SCz040oe4vfMhmoi3NCbVkkcfpoPZ0FqGbF1nK0btfNAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU7p2DIyr8lF7wuWuSumsBQttTYP4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzNDM3MzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAf3Acw
DQYJKoZIhvcNAQELBQADggEBACYH/wnctbdy1qdOSWdPTU6JnsjSU1o5oan4RUE1
PM+Ck8vC/w8XFANtioCdEAgninSLSCxYrVg6IgEVT8ag9ZYNNunEpTLq7dJ4JQjq
5Gmse7SAkfyHfbSCYoem4QLRXBSVzQVPbhgq4HggEpsFAi2kvLwR8k50Gry1U5vt
T/aWS7xkiEiukrNH5/F6pYTN8yPpAey3rjAKzlrIBs+ry5w53YFydYTD43nowdhY
kF0430/9I2fi2AyfbSBcYZi8Dda7B+i2GmRyIjxxEWgc+KHPrDM42lZI8HNlpwfu
NS2f6xfXO2tKTt+meamwzqDdTVQuq6q1n0GLY9FWeoQ1yKs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org