Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38362e302f32342d3234203d3e203437353833.roa
File: 3139342e3139352e38362e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: OD48dqB3fqfRyXEZ9dKFTWesXNZU4+BAXEeBfB4WNT4=
Subject key identifier: 44:1E:45:D8:EB:DB:32:EB:23:FD:28:60:E1:4F:4D:55:DE:D0:E3:FD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1FD7E0E46A4400FCC25891D805D75ACB10423A24
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38362e302f32342d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:33 +0000
ROA not before: Mon 26 Feb 2024 08:48:33 +0000
ROA not after: Mon 24 Feb 2025 08:53:33 +0000
asID: 47583
IP address blocks: 194.195.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:d7:e0:e4:6a:44:00:fc:c2:58:91:d8:05:d7:5a:cb:10:42:3a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:33 2024 GMT
Not After : Feb 24 08:53:33 2025 GMT
Subject: CN=441E45D8EBDB32EB23FD2860E14F4D55DED0E3FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:15:e0:b9:e4:f0:87:38:45:11:80:c4:30:44:
40:6b:f5:95:af:a5:78:00:07:a5:fe:aa:72:10:21:
d7:27:29:b8:da:27:97:76:9b:53:2f:ab:c6:fb:cc:
66:f6:23:17:84:6b:e9:fd:8f:40:e2:48:c4:4a:4e:
de:68:1d:72:03:b9:71:32:08:14:b7:c8:3e:20:2f:
4e:32:f7:55:7f:1e:1b:fb:e7:be:83:5c:f8:12:f8:
38:58:32:24:a4:37:12:97:de:78:fd:3a:95:24:87:
67:70:87:cf:4a:ed:d4:ec:c4:e4:c3:86:c0:da:05:
c9:6b:e1:37:26:c5:70:59:9c:14:7f:bd:f8:b9:07:
10:b0:04:d4:3e:e0:9d:39:84:5f:89:06:fa:a9:88:
8c:a0:59:f8:d1:1a:e1:f4:a6:31:7d:bc:dc:7f:ea:
76:42:8d:ec:af:fd:b1:e7:13:2d:5d:45:43:35:f1:
bc:d7:1e:5c:8b:d9:c2:d9:67:c0:fc:46:6e:9d:ef:
98:55:42:8d:bd:82:6b:4a:a6:55:40:30:cf:92:27:
a7:60:82:ad:3b:3e:9b:71:32:a0:29:70:e9:71:8a:
36:28:4b:ed:0d:14:fd:e0:f9:62:f8:e5:7f:6b:42:
e9:2e:b3:d9:da:e0:bf:77:bb:c4:1d:54:08:6c:7d:
df:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:1E:45:D8:EB:DB:32:EB:23:FD:28:60:E1:4F:4D:55:DE:D0:E3:FD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38362e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.86.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:7d:54:ae:d2:f5:39:ad:ed:b1:94:3c:2d:17:d2:0c:b8:08:
79:b4:7b:07:34:14:f6:91:4e:c3:90:44:d5:a4:45:d9:69:59:
60:c5:c2:c2:b1:36:b9:04:a2:44:1c:26:8c:88:8a:86:4e:5b:
7d:e6:44:e5:f2:f8:80:29:f1:b6:ac:10:06:04:cc:fd:4b:8f:
03:17:6f:53:d2:20:ab:d1:10:0b:61:90:97:65:1c:21:74:a6:
a9:4e:03:2f:be:28:bc:e2:75:e1:6b:25:33:e1:d9:64:31:83:
52:43:20:71:fa:57:0b:8a:8a:e2:90:20:39:ac:3b:29:8a:a0:
42:4a:35:1d:9e:cb:3f:70:1c:a9:89:44:fb:57:00:08:c1:30:
7b:c6:58:51:13:7a:5c:f6:8e:82:71:83:da:3f:ae:04:ad:9e:
61:2e:83:77:8e:e6:b7:f2:9e:0e:25:e9:6d:b6:e7:6a:5b:a7:
31:95:6f:15:47:62:42:bf:83:e0:f6:f0:65:a4:99:b7:a4:54:
a8:c2:52:3f:32:41:99:26:29:16:80:8d:b0:94:55:87:10:33:
c4:03:be:6e:ae:7c:1d:d5:23:c7:13:f3:3e:27:15:e1:5c:2b:
19:33:60:d1:19:6b:47:0c:7f:cc:4c:69:3c:9c:13:70:df:6f:
02:1e:07:5d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUH9fg5GpEAPzCWJHYBddayxBCOiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzNaFw0yNTAyMjQwODUzMzNaMDMxMTAvBgNV
BAMTKDQ0MUU0NUQ4RUJEQjMyRUIyM0ZEMjg2MEUxNEY0RDU1REVEMEUzRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrFeC55PCHOEURgMQwREBr9ZWv
pXgAB6X+qnIQIdcnKbjaJ5d2m1Mvq8b7zGb2IxeEa+n9j0DiSMRKTt5oHXIDuXEy
CBS3yD4gL04y91V/Hhv7576DXPgS+DhYMiSkNxKX3nj9OpUkh2dwh89K7dTsxOTD
hsDaBclr4TcmxXBZnBR/vfi5BxCwBNQ+4J05hF+JBvqpiIygWfjRGuH0pjF9vNx/
6nZCjeyv/bHnEy1dRUM18bzXHlyL2cLZZ8D8Rm6d75hVQo29gmtKplVAMM+SJ6dg
gq07PptxMqApcOlxijYoS+0NFP3g+WL45X9rQukus9na4L93u8QdVAhsfd+ZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQURB5F2OvbMusj/Shg4U9NVd7Q4/0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM4
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wsNWMA0GCSqGSIb3DQEBCwUAA4IBAQBPfVSu0vU5re2xlDwtF9IMuAh5tHsHNBT2
kU7DkETVpEXZaVlgxcLCsTa5BKJEHCaMiIqGTlt95kTl8viAKfG2rBAGBMz9S48D
F29T0iCr0RALYZCXZRwhdKapTgMvvii84nXhayUz4dlkMYNSQyBx+lcLiorikCA5
rDspiqBCSjUdnss/cBypiUT7VwAIwTB7xlhRE3pc9o6CcYPaP64ErZ5hLoN3jua3
8p4OJelttudqW6cxlW8VR2JCv4Pg9vBlpJm3pFSowlI/MkGZJikWgI2wlFWHEDPE
A75urnwd1SPHE/M+JxXhXCsZM2DRGWtHDH/MTGk8nBNw328CHgdd
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org