Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31342e3135362e302f32322d3234203d3e203437353833.roa
File: 3134352e31342e3135362e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: yoxoIN5bF67kZ5emvf5IyEw3Q4U8fL3WEEVhnG5h9hg=
Subject key identifier: 98:C9:29:4D:70:1D:BE:3B:E9:E3:97:3E:2F:16:79:C0:30:02:8A:62
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7321D04FC8AF3890330A2D5807C76667BD19FFEA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31342e3135362e302f32322d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:25 +0000
ROA not before: Mon 26 Feb 2024 08:48:25 +0000
ROA not after: Mon 24 Feb 2025 08:53:25 +0000
asID: 47583
IP address blocks: 145.14.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:21:d0:4f:c8:af:38:90:33:0a:2d:58:07:c7:66:67:bd:19:ff:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:25 2024 GMT
Not After : Feb 24 08:53:25 2025 GMT
Subject: CN=98C9294D701DBE3BE9E3973E2F1679C030028A62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:02:8c:cc:ea:3b:e9:de:bc:d0:49:42:63:24:
96:a2:5a:92:5d:62:a7:7f:5e:55:ca:7e:a4:be:7e:
2a:ba:15:f8:93:63:98:78:da:1d:f6:78:61:8f:57:
37:93:6a:e9:45:48:95:3f:c8:93:ac:51:3d:b5:97:
55:79:07:46:59:fe:ab:b4:e3:87:46:d7:2c:91:68:
4d:29:09:8b:19:4e:1c:61:32:31:ce:66:81:42:d4:
bb:45:cc:06:2d:a5:71:50:f5:69:46:e1:51:36:0c:
06:0f:93:7e:1b:0b:2e:a7:f8:13:0b:bc:ac:bb:9e:
92:00:f9:53:c5:a8:51:05:76:0b:d9:a0:c1:5c:5c:
22:7c:e3:87:f4:8b:ed:44:1b:47:8c:bb:3a:16:ca:
68:78:95:cc:eb:a0:ed:01:28:1b:5b:2e:ae:8a:e6:
3a:dc:54:51:54:a7:1a:bb:db:6d:b2:16:a8:17:24:
39:1a:ef:4f:9c:e8:fb:97:60:b0:d3:21:be:57:3a:
31:9e:66:2d:3d:85:9d:31:02:ae:f2:a5:ff:3c:01:
0d:5d:87:13:ca:8b:58:3b:22:79:9b:86:52:28:6a:
29:eb:67:15:74:84:2b:0d:71:e0:bf:ce:ea:06:96:
74:91:c0:83:8a:bd:80:84:f7:da:8b:23:c7:0c:80:
65:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C9:29:4D:70:1D:BE:3B:E9:E3:97:3E:2F:16:79:C0:30:02:8A:62
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31342e3135362e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.156.0/22
Signature Algorithm: sha256WithRSAEncryption
04:12:ca:a5:4e:9f:36:82:a0:d4:de:36:2f:1a:1f:78:b7:69:
fe:57:0c:38:66:12:0e:d0:56:22:51:53:b9:7e:65:42:f4:57:
13:bd:ac:a1:9c:96:81:b4:bf:24:7a:0a:fc:c3:b8:ab:81:ab:
a2:ad:62:d7:0a:37:1f:17:f5:9f:19:cc:d6:c8:1f:66:b2:08:
27:aa:6b:b7:2a:c1:c7:2f:2d:35:80:52:e6:c9:00:7a:75:13:
b3:f9:0e:98:6a:0e:0a:cc:f0:f2:a0:82:1d:d3:0a:d9:ae:fd:
11:f8:93:12:fc:3a:26:2a:5e:ab:9f:eb:1a:ee:bc:5b:36:45:
76:ee:11:c6:e4:69:98:2f:87:78:8d:da:8f:e5:d4:49:6a:ea:
8f:53:57:f7:91:9c:5d:99:49:eb:29:3c:47:84:de:d0:2b:26:
8b:2b:5c:59:08:f4:df:34:79:2c:c7:55:e7:36:52:03:85:66:
06:34:e4:99:63:b8:34:5d:77:72:c7:ea:09:2b:cf:4c:a9:ea:
ad:ce:f3:fb:eb:46:17:f8:1a:8f:84:11:c3:87:74:d2:bc:71:
41:b8:3a:24:e6:c7:2d:4f:a5:b9:fd:49:d0:fb:5d:58:38:46:
33:cd:1e:37:cc:fd:4b:d6:b7:c2:4b:48:5c:a3:ca:20:35:b2:
a4:88:d1:ea
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcyHQT8ivOJAzCi1YB8dmZ70Z/+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjVaFw0yNTAyMjQwODUzMjVaMDMxMTAvBgNV
BAMTKDk4QzkyOTRENzAxREJFM0JFOUUzOTczRTJGMTY3OUMwMzAwMjhBNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQAozM6jvp3rzQSUJjJJaiWpJd
Yqd/XlXKfqS+fiq6FfiTY5h42h32eGGPVzeTaulFSJU/yJOsUT21l1V5B0ZZ/qu0
44dG1yyRaE0pCYsZThxhMjHOZoFC1LtFzAYtpXFQ9WlG4VE2DAYPk34bCy6n+BML
vKy7npIA+VPFqFEFdgvZoMFcXCJ844f0i+1EG0eMuzoWymh4lczroO0BKBtbLq6K
5jrcVFFUpxq7222yFqgXJDka70+c6PuXYLDTIb5XOjGeZi09hZ0xAq7ypf88AQ1d
hxPKi1g7InmbhlIoainrZxV0hCsNceC/zuoGlnSRwIOKvYCE99qLI8cMgGWjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmMkpTXAdvjvp45c+LxZ5wDACimIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzMTM0MmUzMTM1
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
kQ6cMA0GCSqGSIb3DQEBCwUAA4IBAQAEEsqlTp82gqDU3jYvGh94t2n+Vww4ZhIO
0FYiUVO5fmVC9FcTvayhnJaBtL8kegr8w7irgauirWLXCjcfF/WfGczWyB9msggn
qmu3KsHHLy01gFLmyQB6dROz+Q6Yag4KzPDyoIId0wrZrv0R+JMS/DomKl6rn+sa
7rxbNkV27hHG5GmYL4d4jdqP5dRJauqPU1f3kZxdmUnrKTxHhN7QKyaLK1xZCPTf
NHksx1XnNlIDhWYGNOSZY7g0XXdyx+oJK89MqeqtzvP760YX+BqPhBHDh3TSvHFB
uDok5sctT6W5/UnQ+11YOEYzzR43zP1L1rfCS0hco8ogNbKkiNHq
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:46 2024 by rpki-client on console-fra.rpki-client.org