Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e38382e302f32312d3332203d3e203531313637.roa
File: 33312e3232302e38382e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: pYS3a+PDzfOfXgGUpEDguHEHV/iXglEbPK/iYH7tJOc=
Subject key identifier: 14:F6:CF:36:C2:E9:2A:83:AB:09:4C:FC:98:10:73:EB:65:6D:46:D0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4346D9D394A9FEBE276D63FFD1AB362CFE911A2B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e38382e302f32312d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:28 +0000
ROA not before: Mon 26 Feb 2024 08:48:28 +0000
ROA not after: Mon 24 Feb 2025 08:53:28 +0000
asID: 51167
IP address blocks: 31.220.88.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:46:d9:d3:94:a9:fe:be:27:6d:63:ff:d1:ab:36:2c:fe:91:1a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:28 2024 GMT
Not After : Feb 24 08:53:28 2025 GMT
Subject: CN=14F6CF36C2E92A83AB094CFC981073EB656D46D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b1:d2:b9:58:f6:14:9a:2c:93:e9:ce:56:0f:
bc:5f:de:ba:56:60:cd:c5:bf:53:10:98:1a:44:99:
1e:a6:78:46:af:eb:06:6e:02:ab:73:8a:39:9d:5f:
df:ec:92:95:04:14:8f:d4:ae:30:d6:d4:1b:43:6b:
3e:87:e4:19:54:11:76:47:00:9f:6d:f3:81:5a:05:
f6:a8:b0:5e:9d:1d:b1:00:4e:12:7d:13:41:a4:5e:
44:08:b2:97:49:b6:78:1c:00:55:73:2e:64:17:f8:
25:12:05:ad:00:0f:43:07:e3:02:de:ac:53:0c:d3:
0b:3a:cc:eb:4f:e3:73:e1:41:9c:e3:54:cc:8e:6c:
59:8a:04:de:c4:f3:e0:73:42:71:b0:0d:9a:20:19:
e7:39:85:fd:d7:4c:cb:91:0d:01:1f:04:28:ef:f8:
22:d3:28:4f:e4:9e:43:8e:d9:0d:86:18:ed:3a:a6:
c2:ae:ad:24:a5:c2:cb:99:a3:44:1c:c2:84:9f:6b:
e1:a6:4c:f2:49:09:43:36:f4:ab:e6:32:b6:69:90:
cf:3b:bd:81:be:05:08:37:02:5b:d0:af:63:e1:fb:
17:13:09:b0:e5:16:7a:48:d8:ad:75:5c:25:72:52:
57:ce:45:75:3e:15:20:25:28:18:2b:46:7d:d6:84:
dd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F6:CF:36:C2:E9:2A:83:AB:09:4C:FC:98:10:73:EB:65:6D:46:D0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e38382e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.88.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:be:21:af:dc:b8:3f:aa:e2:00:91:d4:eb:92:73:3a:ab:09:
8a:1e:66:0d:34:d8:f2:27:b6:d7:48:b2:86:6e:a2:49:5c:7a:
d0:5a:3f:8f:68:aa:aa:c4:4e:83:74:81:68:b5:cb:3c:6f:f9:
9c:26:2d:02:23:cd:e9:d1:d2:45:48:75:21:d7:6f:c0:28:92:
e4:6a:36:90:7b:50:c8:82:af:b9:b4:a5:19:0d:0c:c4:d9:47:
47:ca:e7:e3:46:4d:7c:42:4c:01:24:4a:c6:b9:0c:bc:69:6e:
7c:98:f8:be:f9:e5:60:a4:d3:f8:43:60:ac:01:8e:c0:7f:dc:
e9:26:61:e7:17:5b:a4:bc:48:3d:98:e9:42:70:85:e5:9c:f1:
a3:15:f7:1f:27:6d:64:b9:b7:52:b8:ac:b4:1a:a9:c9:2f:1f:
30:79:a9:48:d4:31:d4:e6:ff:55:32:19:c2:35:b3:b1:39:e3:
9e:32:32:da:29:77:56:17:62:b6:f4:f7:52:a2:d6:95:a2:51:
c2:1e:7e:aa:6c:a9:8b:29:53:40:35:61:67:2b:c9:37:09:1b:
bc:4b:d1:2d:72:73:4a:d9:ea:8c:14:c2:16:cf:66:8a:d8:65:
ec:e3:89:e9:3f:8b:df:db:06:1a:f7:86:d0:3f:a9:3b:54:87:
bf:36:9c:2d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQ0bZ05Sp/r4nbWP/0as2LP6RGiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjhaFw0yNTAyMjQwODUzMjhaMDMxMTAvBgNV
BAMTKDE0RjZDRjM2QzJFOTJBODNBQjA5NENGQzk4MTA3M0VCNjU2RDQ2RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7sdK5WPYUmiyT6c5WD7xf3rpW
YM3Fv1MQmBpEmR6meEav6wZuAqtzijmdX9/skpUEFI/UrjDW1BtDaz6H5BlUEXZH
AJ9t84FaBfaosF6dHbEAThJ9E0GkXkQIspdJtngcAFVzLmQX+CUSBa0AD0MH4wLe
rFMM0ws6zOtP43PhQZzjVMyObFmKBN7E8+BzQnGwDZogGec5hf3XTMuRDQEfBCjv
+CLTKE/knkOO2Q2GGO06psKurSSlwsuZo0QcwoSfa+GmTPJJCUM29KvmMrZpkM87
vYG+BQg3AlvQr2Ph+xcTCbDlFnpI2K11XCVyUlfORXU+FSAlKBgrRn3WhN1bAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUFPbPNsLpKoOrCUz8mBBz62VtRtAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzODM4
MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAx/c
WDANBgkqhkiG9w0BAQsFAAOCAQEALb4hr9y4P6riAJHU65JzOqsJih5mDTTY8ie2
10iyhm6iSVx60Fo/j2iqqsROg3SBaLXLPG/5nCYtAiPN6dHSRUh1IddvwCiS5Go2
kHtQyIKvubSlGQ0MxNlHR8rn40ZNfEJMASRKxrkMvGlufJj4vvnlYKTT+ENgrAGO
wH/c6SZh5xdbpLxIPZjpQnCF5ZzxoxX3HydtZLm3UristBqpyS8fMHmpSNQx1Ob/
VTIZwjWzsTnjnjIy2il3VhditvT3UqLWlaJRwh5+qmypiylTQDVhZyvJNwkbvEvR
LXJzStnqjBTCFs9mithl7OOJ6T+L39sGGveG0D+pO1SHvzacLQ==
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org