Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e33322e302f32312d3234203d3e203437353833.roa
File: 3139342e3136332e33322e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: yUiQ7+SChiOjafVbsE4cMiPZZwF8TTseztkkK3Fj/uw=
Subject key identifier: CE:1B:62:1F:01:5B:20:DC:BC:22:6A:2A:7E:62:A7:55:C1:F1:86:97
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 09794D680804EC3F205B01F61C6EFA0F0355F35F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e33322e302f32312d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:24 +0000
ROA not before: Mon 26 Feb 2024 08:48:24 +0000
ROA not after: Mon 24 Feb 2025 08:53:24 +0000
asID: 47583
IP address blocks: 194.163.32.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:79:4d:68:08:04:ec:3f:20:5b:01:f6:1c:6e:fa:0f:03:55:f3:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:24 2024 GMT
Not After : Feb 24 08:53:24 2025 GMT
Subject: CN=CE1B621F015B20DCBC226A2A7E62A755C1F18697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ba:93:a0:ab:7a:f0:c5:b8:46:f6:ec:4e:8b:
b2:9a:4a:cd:ca:83:dc:63:17:bd:aa:f9:d9:26:88:
e3:6d:36:a1:88:7e:d4:2b:fe:a3:b4:12:8c:41:d1:
f0:0b:76:fa:a8:32:58:29:c1:54:bc:b2:fc:e0:4e:
64:98:62:6f:a3:fc:9d:9b:32:3a:90:e5:73:bb:2b:
38:ef:71:43:d2:6e:13:b0:c4:b0:e8:c6:fd:1a:f3:
57:26:c6:6b:93:82:f2:96:a3:bb:71:78:05:b0:c5:
da:07:25:2c:53:06:87:76:77:92:13:03:f8:37:d7:
ab:32:28:1a:2c:5c:7d:4c:22:82:47:c5:90:cf:6b:
8d:00:69:30:ec:d1:b8:71:7f:6c:f4:3d:f2:12:10:
8d:b8:a5:33:7a:20:b7:c4:4d:fd:09:e0:55:77:17:
9f:39:9c:c1:20:ab:96:e2:ca:0d:2a:13:99:0b:8c:
d9:82:e4:11:c1:fd:a2:a6:1f:23:37:63:e7:92:85:
55:41:06:16:a5:4b:70:db:4b:89:4b:1d:ba:9c:4c:
d4:39:76:48:f0:5f:03:f4:d0:3c:db:5c:0a:d3:7d:
63:28:7e:2a:63:61:63:3c:16:ce:f1:cb:de:1f:4e:
8c:19:93:69:74:00:4c:13:47:7f:92:44:cc:3c:d3:
58:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:1B:62:1F:01:5B:20:DC:BC:22:6A:2A:7E:62:A7:55:C1:F1:86:97
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e33322e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.32.0/21
Signature Algorithm: sha256WithRSAEncryption
26:c4:dc:8d:30:f1:49:9f:1e:42:39:80:fa:69:a8:9e:e7:be:
bd:8b:28:7d:5d:d8:06:e0:ad:04:23:d3:19:f3:b6:29:f4:30:
15:00:ad:ce:c1:c4:18:41:65:24:ba:c0:df:dc:e5:51:10:21:
54:8b:6e:e1:01:9e:70:42:c8:90:8a:19:b3:d8:aa:19:74:ce:
82:2b:6f:e9:2b:a9:b4:0f:99:43:63:9e:f4:1a:97:60:91:53:
c3:80:b5:f7:57:5e:04:80:39:aa:8f:6e:43:fc:70:9a:cd:69:
32:ee:e8:c3:66:1a:5a:14:97:cd:d1:89:c8:f3:6a:bc:40:98:
1d:13:03:c9:cf:21:30:04:7d:29:df:f9:6d:52:6f:17:91:33:
76:f9:9c:e6:4a:f5:72:de:2f:94:e7:f6:dc:9b:11:2d:c8:7a:
ae:24:c6:53:7b:d6:93:39:f1:53:5f:e7:e6:c2:76:74:c8:86:
7f:7d:1b:cd:bb:9b:d5:39:d3:20:48:a7:69:fc:c0:b5:e5:b7:
7f:f4:12:86:d9:e7:9b:e2:16:4b:77:59:69:c1:db:50:e1:67:
ee:44:e5:85:e8:d3:26:fb:01:a7:d9:d4:c9:39:53:c5:ab:df:
4e:c9:d0:49:45:89:51:fe:67:40:3a:b9:8f:67:37:f1:0e:0e:
3c:b2:87:ff
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCXlNaAgE7D8gWwH2HG76DwNV818wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjRaFw0yNTAyMjQwODUzMjRaMDMxMTAvBgNV
BAMTKENFMUI2MjFGMDE1QjIwRENCQzIyNkEyQTdFNjJBNzU1QzFGMTg2OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWupOgq3rwxbhG9uxOi7KaSs3K
g9xjF72q+dkmiONtNqGIftQr/qO0EoxB0fALdvqoMlgpwVS8svzgTmSYYm+j/J2b
MjqQ5XO7KzjvcUPSbhOwxLDoxv0a81cmxmuTgvKWo7txeAWwxdoHJSxTBod2d5IT
A/g316syKBosXH1MIoJHxZDPa40AaTDs0bhxf2z0PfISEI24pTN6ILfETf0J4FV3
F585nMEgq5biyg0qE5kLjNmC5BHB/aKmHyM3Y+eShVVBBhalS3DbS4lLHbqcTNQ5
dkjwXwP00DzbXArTfWMofipjYWM8Fs7xy94fTowZk2l0AEwTR3+SRMw801iHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzhtiHwFbINy8ImoqfmKnVcHxhpcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM2MzMyZTMz
MzIyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wqMgMA0GCSqGSIb3DQEBCwUAA4IBAQAmxNyNMPFJnx5COYD6aaie5769iyh9XdgG
4K0EI9MZ87Yp9DAVAK3OwcQYQWUkusDf3OVRECFUi27hAZ5wQsiQihmz2KoZdM6C
K2/pK6m0D5lDY570GpdgkVPDgLX3V14EgDmqj25D/HCazWky7ujDZhpaFJfN0YnI
82q8QJgdEwPJzyEwBH0p3/ltUm8XkTN2+ZzmSvVy3i+U5/bcmxEtyHquJMZTe9aT
OfFTX+fmwnZ0yIZ/fRvNu5vVOdMgSKdp/MC15bd/9BKG2eeb4hZLd1lpwdtQ4Wfu
ROWF6NMm+wGn2dTJOVPFq99OydBJRYlR/mdAOrmPZzfxDg48sof/
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org