Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: 4n/u8jQRnpMDOgI/ZZ7mGwzqpUj4HUvfbi4IVOnF7pU=
Subject key identifier: 90:FB:B8:8B:6E:63:F3:B1:38:E9:FF:73:F6:18:BC:C9:05:3A:29:2F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1AA65AEE95CDAB5DC657A38999094B5070775147
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa
Signing time: Mon 11 Sep 2023 16:08:19 +0000
ROA not before: Mon 11 Sep 2023 16:03:19 +0000
ROA not after: Mon 09 Sep 2024 16:08:19 +0000
asID: 47583
IP address blocks: 193.203.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:a6:5a:ee:95:cd:ab:5d:c6:57:a3:89:99:09:4b:50:70:77:51:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 11 16:03:19 2023 GMT
Not After : Sep 9 16:08:19 2024 GMT
Subject: CN=90FBB88B6E63F3B138E9FF73F618BCC9053A292F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:18:23:c0:26:98:94:bf:f1:b5:8c:e9:75:21:
43:37:50:6d:76:0a:9b:da:a5:a0:ff:1f:6d:94:08:
02:13:c9:a9:5f:72:2e:9f:ef:10:b1:4a:44:bc:ee:
c4:0a:12:e8:ff:25:54:be:40:a9:3c:07:fc:f5:e0:
ad:26:75:f7:cb:18:68:17:9f:ea:19:10:f9:ff:9a:
24:a3:c3:0c:9e:03:c0:63:a9:46:15:3e:94:9f:05:
58:f3:57:a6:14:be:e3:7f:28:31:2d:18:14:ed:92:
dc:ff:20:e4:26:e8:0a:1e:c6:26:f4:d4:3e:ab:ad:
49:f1:a7:85:93:5a:60:af:ef:30:1b:c6:61:e6:ad:
7a:bd:83:3e:08:1a:89:b6:cf:b8:c2:a9:d5:e1:b9:
4d:54:49:d0:d3:ec:62:31:7b:ba:d9:6a:a0:7d:46:
29:72:a8:63:17:79:01:74:94:99:9d:93:f4:38:c1:
5c:40:80:89:da:a1:d3:a4:f3:48:00:77:e7:7b:6c:
7a:c5:1e:54:24:8b:67:fd:ab:aa:f6:ed:be:92:1d:
a4:a8:3f:66:71:d0:13:01:35:8b:47:b5:3d:a9:c6:
25:c8:fb:b2:bb:78:7f:ac:fe:02:3d:78:1d:a6:7b:
a9:21:9a:a7:08:e4:9d:47:ad:bd:d3:88:72:49:4e:
2e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FB:B8:8B:6E:63:F3:B1:38:E9:FF:73:F6:18:BC:C9:05:3A:29:2F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.180.0/22
Signature Algorithm: sha256WithRSAEncryption
08:d4:58:96:21:bd:a9:2a:f6:19:8c:44:03:d0:63:2d:9a:88:
5b:ce:5d:30:f6:ff:8a:11:b9:e7:b2:d7:e1:69:cd:96:f7:83:
cc:63:ed:a1:2e:20:fa:84:3c:8e:4e:68:bb:2e:69:42:11:cb:
92:ff:c1:ad:9a:9f:22:35:54:f4:e9:80:3e:27:20:70:c5:78:
c3:08:52:c0:21:61:ae:00:55:c3:8c:de:6e:df:af:6f:03:32:
e0:55:e8:78:a1:e0:3f:73:05:1c:7a:91:ef:ce:ce:81:b7:f8:
67:f0:40:8f:00:84:3b:fd:8f:d2:ec:ce:0a:e8:67:29:08:a3:
21:32:fb:a3:d0:98:cf:eb:ad:ed:39:7e:90:d4:35:d7:91:a6:
4f:25:73:a4:08:06:5f:8b:e2:64:2f:49:7e:a6:ba:1a:4c:ff:
a8:30:1c:a4:a1:d9:b8:d1:4d:e4:7b:03:01:26:5e:cf:e2:a6:
fd:5f:6c:f3:2d:83:4e:93:60:d4:49:21:da:81:cb:02:52:94:
9a:3f:36:1c:b0:c9:98:a2:2b:ac:de:7a:1b:61:c8:00:13:03:
8a:e7:c2:dc:c2:fd:96:28:d1:c7:07:ca:9a:08:5d:cf:bd:1c:
15:73:ac:5a:ad:75:59:54:f5:06:31:88:84:6c:1f:07:f3:6b:
89:a1:cf:44
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGqZa7pXNq13GV6OJmQlLUHB3UUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MTExNjAzMTlaFw0yNDA5MDkxNjA4MTlaMDMxMTAvBgNV
BAMTKDkwRkJCODhCNkU2M0YzQjEzOEU5RkY3M0Y2MThCQ0M5MDUzQTI5MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhGCPAJpiUv/G1jOl1IUM3UG12
CpvapaD/H22UCAITyalfci6f7xCxSkS87sQKEuj/JVS+QKk8B/z14K0mdffLGGgX
n+oZEPn/miSjwwyeA8BjqUYVPpSfBVjzV6YUvuN/KDEtGBTtktz/IOQm6Aoexib0
1D6rrUnxp4WTWmCv7zAbxmHmrXq9gz4IGom2z7jCqdXhuU1USdDT7GIxe7rZaqB9
RilyqGMXeQF0lJmdk/Q4wVxAgInaodOk80gAd+d7bHrFHlQki2f9q6r27b6SHaSo
P2Zx0BMBNYtHtT2pxiXI+7K7eH+s/gI9eB2me6khmqcI5J1Hrb3TiHJJTi5BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkPu4i25j87E46f9z9hi8yQU6KS8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzgzMDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy7QwDQYJKoZIhvcNAQELBQADggEBAAjUWJYhvakq9hmMRAPQYy2aiFvOXTD2
/4oRueey1+FpzZb3g8xj7aEuIPqEPI5OaLsuaUIRy5L/wa2anyI1VPTpgD4nIHDF
eMMIUsAhYa4AVcOM3m7fr28DMuBV6Hih4D9zBRx6ke/OzoG3+GfwQI8AhDv9j9Ls
zgroZykIoyEy+6PQmM/rre05fpDUNdeRpk8lc6QIBl+L4mQvSX6muhpM/6gwHKSh
2bjRTeR7AwEmXs/ipv1fbPMtg06TYNRJIdqBywJSlJo/NhywyZiiK6zeehthyAAT
A4rnwtzC/ZYo0ccHypoIXc+9HBVzrFqtdVlU9QYxiIRsHwfza4mhz0Q=
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:47 2024 by rpki-client on console-fra.rpki-client.org