Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132302e302f32342d3234203d3e20323039383534.roa
File: 33312e3136392e3132302e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: vc+/QUGN4CFDuAzL25CAkE/YkzyTO75FWnIfb1OwyzU=
Subject key identifier: A6:03:E4:F8:FD:79:75:9D:B9:73:AB:AB:67:84:03:A8:91:D8:A7:85
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 33AB7EE8008E76B768A9FC0D22036B10730D7919
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132302e302f32342d3234203d3e20323039383534.roa
Signing time: Tue 30 Jul 2024 14:04:27 +0000
ROA not before: Tue 30 Jul 2024 13:59:27 +0000
ROA not after: Tue 29 Jul 2025 14:04:27 +0000
asID: 209854
IP address blocks: 31.169.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:ab:7e:e8:00:8e:76:b7:68:a9:fc:0d:22:03:6b:10:73:0d:79:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Jul 30 13:59:27 2024 GMT
Not After : Jul 29 14:04:27 2025 GMT
Subject: CN=A603E4F8FD79759DB973ABAB678403A891D8A785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:38:9a:62:2d:4d:15:ce:c1:89:bd:d7:0c:bf:
11:12:43:59:97:1b:6f:42:e8:a1:f5:95:5a:9d:c7:
0b:09:b1:18:f7:36:c4:40:dd:aa:3e:83:e5:b1:d6:
c8:12:87:4c:8f:c8:ed:46:ab:69:27:60:05:d9:57:
11:b1:3a:80:9e:66:2d:47:00:d7:37:2c:31:f4:7f:
11:e8:af:1a:db:42:43:1e:2d:89:88:df:45:d0:fd:
55:7d:f7:4a:81:be:47:c3:e9:14:91:04:28:95:b1:
cd:ff:68:21:43:61:f0:09:2f:0b:f2:b1:e1:f7:59:
13:01:ac:51:c3:1c:7f:d6:44:3a:eb:ff:61:5e:d8:
10:f9:ff:6a:85:bf:c5:5f:f4:14:e9:2b:0d:af:b6:
86:9b:bd:6d:cc:c1:b0:4a:3e:a8:51:d6:85:80:c6:
ce:7f:d4:eb:d6:e5:ba:14:78:4e:cd:e0:48:23:d8:
02:92:d5:97:8a:35:dd:09:57:8c:71:98:d1:fe:93:
85:03:26:a6:c3:7b:8a:71:27:d4:6e:08:d9:b9:6a:
40:c0:ba:6f:b3:f1:7e:e4:0f:6f:53:7e:a0:1c:a4:
1d:57:e8:80:ac:f5:4f:e8:79:54:16:07:00:65:87:
0e:fe:23:7f:76:6d:1a:c0:4d:f3:15:e0:0f:14:26:
a3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:03:E4:F8:FD:79:75:9D:B9:73:AB:AB:67:84:03:A8:91:D8:A7:85
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/33312e3136392e3132302e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.120.0/24
Signature Algorithm: sha256WithRSAEncryption
50:84:41:72:97:f2:15:66:de:32:f8:b4:e2:2f:a3:1f:19:46:
4c:1e:2b:08:5f:e0:18:80:84:57:31:aa:e7:2c:cb:9f:42:41:
f4:fa:f0:e3:22:4f:7c:48:3d:ab:ae:4e:fe:88:f1:75:06:b4:
76:81:4c:6c:18:9d:fb:de:af:07:71:b1:a2:25:22:fd:58:8c:
67:10:66:cf:27:49:9c:5c:01:56:df:fe:cb:2e:74:f5:75:02:
9a:77:25:8a:44:3b:2a:63:64:00:2f:7c:18:af:54:52:6d:34:
41:cf:d3:e4:08:f0:49:a5:2d:af:84:aa:0a:61:4a:54:a9:8d:
d3:1b:8f:6d:53:79:ed:92:61:1f:fd:06:97:6b:1c:1f:89:79:
e0:2a:b3:4a:54:95:d7:93:66:d9:dd:24:3f:1e:47:fa:c1:a8:
8d:9f:d4:a3:31:a6:d5:37:dd:84:d1:be:f9:0f:99:8c:ba:e6:
ae:ea:99:de:df:5a:c5:76:74:9b:4b:b0:02:b4:17:94:d4:0b:
4e:23:57:92:64:27:2e:c3:d0:ce:3c:15:5c:86:7b:86:f4:8a:
0d:5e:5a:8d:d5:72:37:dd:43:da:75:12:50:d0:f5:db:13:32:
20:8e:70:d0:a7:32:6c:07:e3:fc:3f:d6:fd:29:44:57:38:01:
32:b5:f1:01
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM6t+6ACOdrdoqfwNIgNrEHMNeRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA3MzAxMzU5MjdaFw0yNTA3MjkxNDA0MjdaMDMxMTAvBgNV
BAMTKEE2MDNFNEY4RkQ3OTc1OURCOTczQUJBQjY3ODQwM0E4OTFEOEE3ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFOJpiLU0VzsGJvdcMvxESQ1mX
G29C6KH1lVqdxwsJsRj3NsRA3ao+g+Wx1sgSh0yPyO1Gq2knYAXZVxGxOoCeZi1H
ANc3LDH0fxHorxrbQkMeLYmI30XQ/VV990qBvkfD6RSRBCiVsc3/aCFDYfAJLwvy
seH3WRMBrFHDHH/WRDrr/2Fe2BD5/2qFv8Vf9BTpKw2vtoabvW3MwbBKPqhR1oWA
xs5/1OvW5boUeE7N4Egj2AKS1ZeKNd0JV4xxmNH+k4UDJqbDe4pxJ9RuCNm5akDA
um+z8X7kD29TfqAcpB1X6ICs9U/oeVQWBwBlhw7+I392bRrATfMV4A8UJqNdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpgPk+P15dZ25c6urZ4QDqJHYp4UwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzMzMTJlMzEzNjM5MmUzMTMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzODM1MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAfqXgwDQYJKoZIhvcNAQELBQADggEBAFCEQXKX8hVm3jL4tOIvox8ZRkweKwhf
4BiAhFcxqucsy59CQfT68OMiT3xIPauuTv6I8XUGtHaBTGwYnfverwdxsaIlIv1Y
jGcQZs8nSZxcAVbf/ssudPV1App3JYpEOypjZAAvfBivVFJtNEHP0+QI8EmlLa+E
qgphSlSpjdMbj21Tee2SYR/9BpdrHB+JeeAqs0pUldeTZtndJD8eR/rBqI2f1KMx
ptU33YTRvvkPmYy65q7qmd7fWsV2dJtLsAK0F5TUC04jV5JkJy7D0M48FVyGe4b0
ig1eWo3VcjfdQ9p1ElDQ9dsTMiCOcNCnMmwH4/w/1v0pRFc4ATK18QE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org