Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38302e302f32322d3234203d3e20323034313730.roa
File: 3139342e3139352e38302e302f32322d3234203d3e20323034313730.roa (raw, json)
Hash identifier: aNHaklDF+eIcKy3SAeMBUD4udxkwrlVc2Z7pImPj1Jg=
Subject key identifier: BB:8D:9A:78:27:FD:45:41:13:D9:13:D5:03:07:D6:4D:41:2A:81:7E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 17529E9B29EBDB3292B5C4C5FF727E3C80AD0328
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38302e302f32322d3234203d3e20323034313730.roa
Signing time: Mon 26 Feb 2024 08:53:26 +0000
ROA not before: Mon 26 Feb 2024 08:48:26 +0000
ROA not after: Mon 24 Feb 2025 08:53:26 +0000
asID: 204170
IP address blocks: 194.195.80.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:52:9e:9b:29:eb:db:32:92:b5:c4:c5:ff:72:7e:3c:80:ad:03:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:26 2024 GMT
Not After : Feb 24 08:53:26 2025 GMT
Subject: CN=BB8D9A7827FD454113D913D50307D64D412A817E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cb:82:ee:fb:ca:10:4e:7c:0e:db:10:a3:4c:
54:a1:35:b4:f0:8e:55:51:e9:38:7c:e6:d3:19:d3:
e2:63:5f:29:94:27:34:fe:e0:2a:5c:e2:d7:9b:87:
78:01:a0:93:e8:f4:3e:a4:19:1a:1e:e9:4a:18:38:
c2:9e:14:8f:b1:83:c7:63:f3:35:8b:9b:ac:61:77:
8a:2c:31:53:80:eb:61:9a:67:71:51:b2:97:da:30:
63:23:8f:61:dc:33:68:15:c3:db:02:08:7e:37:41:
c1:1b:aa:e4:14:73:4e:c2:f0:aa:cb:cb:04:37:1b:
8e:e5:b2:38:b9:9d:d7:55:5c:32:c5:98:a5:8e:74:
30:64:b2:0d:f6:f6:f0:94:98:ca:89:e5:c7:88:41:
52:66:a6:c6:0f:55:42:3a:61:ea:ac:b7:a5:be:4b:
2f:f9:54:5d:21:0e:71:b8:10:ab:6a:4e:4c:52:e8:
05:61:dc:fc:55:d8:6f:0d:82:3d:61:1b:67:04:e6:
03:02:eb:79:ec:22:a7:e5:40:77:79:ef:9b:55:78:
b2:bd:9e:ba:fa:bd:53:4a:0c:c2:c5:29:be:ae:28:
0d:ca:d7:49:bd:36:6e:a4:62:93:6d:0b:24:47:85:
46:62:be:53:1e:51:1a:1b:e7:8e:28:b2:4c:59:f6:
eb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8D:9A:78:27:FD:45:41:13:D9:13:D5:03:07:D6:4D:41:2A:81:7E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38302e302f32322d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.80.0/22
Signature Algorithm: sha256WithRSAEncryption
87:e1:e7:c5:4d:95:a1:71:7d:27:fe:d8:09:cf:a9:81:9d:cc:
74:50:6c:74:5b:cc:7e:50:01:5e:28:1b:f8:1e:77:a2:2c:9f:
71:2b:92:fc:8a:1a:12:47:22:51:b3:d6:c5:29:db:0b:b9:1e:
37:a6:87:19:f8:5a:d6:37:74:92:c1:9b:8a:8a:0c:fe:cd:c9:
71:ee:65:52:f4:00:10:29:23:aa:3b:ac:7c:d1:c9:c0:eb:32:
08:a4:3f:ff:6d:35:9f:94:87:ed:b5:e8:80:a8:d0:47:bf:e7:
fd:49:b1:83:d3:9f:6b:e5:e6:fd:aa:c5:53:d3:39:9c:fc:df:
70:16:04:50:22:91:81:59:4c:ae:31:61:11:bf:ba:d8:2a:4f:
1a:83:6e:19:58:bd:b5:57:c8:aa:36:6e:fd:c7:1f:96:26:44:
2c:83:0c:88:d4:8c:89:31:2e:25:d6:34:d5:60:9c:4c:ff:66:
b1:f6:73:bd:34:90:2c:9a:27:e3:42:92:98:b1:68:c7:d8:83:
f3:6a:f9:91:da:31:cb:60:59:01:fc:e7:d1:8d:88:db:f0:54:
1a:5c:62:11:79:b1:69:9a:be:5d:1c:f2:66:e9:c6:66:43:b9:
b6:bf:7f:9f:a7:5e:60:38:3d:db:7f:ca:16:16:4c:66:84:d3:
9f:45:34:7c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUF1Kemynr2zKStcTF/3J+PICtAygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjZaFw0yNTAyMjQwODUzMjZaMDMxMTAvBgNV
BAMTKEJCOEQ5QTc4MjdGRDQ1NDExM0Q5MTNENTAzMDdENjRENDEyQTgxN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2y4Lu+8oQTnwO2xCjTFShNbTw
jlVR6Th85tMZ0+JjXymUJzT+4Cpc4tebh3gBoJPo9D6kGRoe6UoYOMKeFI+xg8dj
8zWLm6xhd4osMVOA62GaZ3FRspfaMGMjj2HcM2gVw9sCCH43QcEbquQUc07C8KrL
ywQ3G47lsji5nddVXDLFmKWOdDBksg329vCUmMqJ5ceIQVJmpsYPVUI6Yeqst6W+
Sy/5VF0hDnG4EKtqTkxS6AVh3PxV2G8Ngj1hG2cE5gMC63nsIqflQHd575tVeLK9
nrr6vVNKDMLFKb6uKA3K10m9Nm6kYpNtCyRHhUZivlMeURob544oskxZ9utPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUu42aeCf9RUET2RPVAwfWTUEqgX4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM4
MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALCw1AwDQYJKoZIhvcNAQELBQADggEBAIfh58VNlaFxfSf+2AnPqYGdzHRQbHRb
zH5QAV4oG/ged6Isn3ErkvyKGhJHIlGz1sUp2wu5Hjemhxn4WtY3dJLBm4qKDP7N
yXHuZVL0ABApI6o7rHzRycDrMgikP/9tNZ+Uh+216ICo0Ee/5/1JsYPTn2vl5v2q
xVPTOZz833AWBFAikYFZTK4xYRG/utgqTxqDbhlYvbVXyKo2bv3HH5YmRCyDDIjU
jIkxLiXWNNVgnEz/ZrH2c700kCyaJ+NCkpixaMfYg/Nq+ZHaMctgWQH859GNiNvw
VBpcYhF5sWmavl0c8mbpxmZDuba/f5+nXmA4Pdt/yhYWTGaE059FNHw=
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:07 2024 by rpki-client on console-ams.rpki-client.org