Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e39362e302f32342d3234203d3e20313437303439.roa
File: 3139342e3233332e39362e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: YJPf+aekq8QEYj+NArTFgtCisONsIcRrkU8toreIwb8=
Subject key identifier: A8:4D:96:3C:F7:A2:8E:62:8A:E9:7F:C8:D5:E8:78:7E:55:68:4E:AF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1F30DC58EBC4668F8F3BC2B55163F784177B37DA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e39362e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 26 Feb 2024 08:53:07 +0000
ROA not before: Mon 26 Feb 2024 08:48:07 +0000
ROA not after: Mon 24 Feb 2025 08:53:07 +0000
asID: 147049
IP address blocks: 194.233.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:30:dc:58:eb:c4:66:8f:8f:3b:c2:b5:51:63:f7:84:17:7b:37:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:07 2024 GMT
Not After : Feb 24 08:53:07 2025 GMT
Subject: CN=A84D963CF7A28E628AE97FC8D5E8787E55684EAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:26:f2:ff:13:62:90:db:cd:c6:04:49:a6:76:
ba:b5:64:38:8b:5c:77:8a:9f:83:82:53:c4:91:8c:
11:49:2e:92:7d:2c:15:30:1f:15:1c:ca:e6:8d:81:
7d:14:4a:4f:7c:4d:41:af:a9:34:33:17:09:2c:1a:
b6:59:53:b7:83:10:08:e1:18:35:74:13:3f:b5:72:
ff:27:6c:41:ab:76:f2:48:04:f0:35:f7:d9:7f:e6:
89:af:4a:64:1e:47:99:60:4e:1a:8b:51:7f:e0:20:
8e:ca:b7:88:9b:af:35:ca:b6:78:76:1b:39:01:b0:
9a:99:52:68:4b:93:e2:8b:7d:08:4c:d1:3e:38:c2:
c3:9e:df:3e:31:7c:56:28:81:cf:8b:b5:b0:bc:10:
bb:06:bc:53:4f:2c:6c:05:e4:73:c3:12:21:e8:d3:
56:cd:a8:41:94:de:6a:0c:b0:df:20:17:63:1f:ab:
43:a5:07:48:ea:29:f9:5f:96:5b:ac:58:ea:a5:e6:
c4:91:e4:10:ad:fe:04:e2:a7:3b:23:87:7d:32:3f:
33:14:0c:7a:a0:2d:01:e4:1c:18:7b:dc:5d:f1:11:
71:19:d0:21:6d:40:f5:c5:a6:e7:ee:62:ed:06:6c:
46:2f:ff:b8:46:d8:dc:a1:5c:ff:68:75:ce:24:9d:
b4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4D:96:3C:F7:A2:8E:62:8A:E9:7F:C8:D5:E8:78:7E:55:68:4E:AF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e39362e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.233.96.0/24
Signature Algorithm: sha256WithRSAEncryption
53:77:4c:b8:9e:e0:b3:7e:9b:2f:0e:2e:92:95:ab:72:b8:07:
71:53:bb:48:14:bf:62:ad:23:73:85:86:3c:0b:b4:a3:34:91:
d5:b2:a5:d3:a0:bb:51:cc:af:6d:e9:c4:4a:59:00:83:2d:99:
54:02:5e:d3:8d:18:39:8b:f7:5b:82:36:27:bd:41:7d:61:9f:
b1:e9:3b:ac:4f:8f:68:78:d4:d6:8b:6f:b1:5b:df:c9:51:fd:
44:57:bd:e1:23:52:55:6e:67:ef:49:ba:ff:b6:cb:39:4a:46:
1a:68:08:8a:78:12:0e:aa:56:6b:59:9f:ed:a6:f0:2d:16:e7:
bc:e0:31:eb:90:c2:72:ca:fd:6b:e9:51:83:d4:ef:c5:c5:03:
7a:9f:a2:0d:9a:16:ec:e5:d6:1c:25:43:6d:c4:7b:fb:79:92:
fe:01:01:fc:82:c0:01:33:16:ff:f0:59:15:66:1f:89:65:f4:
7c:bb:12:f5:a4:cb:6f:16:bd:ee:e1:4c:10:29:3f:a8:92:3c:
56:f4:d0:72:0a:cd:fb:03:bd:67:a3:d6:b6:ce:7e:0f:3e:02:
6f:73:07:3e:7a:a2:4d:9f:16:5c:b3:b6:56:09:94:9c:9c:d8:
da:0d:4e:f3:3e:c5:82:71:a6:2c:25:af:f4:ca:4f:a1:97:ce:
19:41:47:7a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHzDcWOvEZo+PO8K1UWP3hBd7N9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDdaFw0yNTAyMjQwODUzMDdaMDMxMTAvBgNV
BAMTKEE4NEQ5NjNDRjdBMjhFNjI4QUU5N0ZDOEQ1RTg3ODdFNTU2ODRFQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAJvL/E2KQ283GBEmmdrq1ZDiL
XHeKn4OCU8SRjBFJLpJ9LBUwHxUcyuaNgX0USk98TUGvqTQzFwksGrZZU7eDEAjh
GDV0Ez+1cv8nbEGrdvJIBPA199l/5omvSmQeR5lgThqLUX/gII7Kt4ibrzXKtnh2
GzkBsJqZUmhLk+KLfQhM0T44wsOe3z4xfFYogc+LtbC8ELsGvFNPLGwF5HPDEiHo
01bNqEGU3moMsN8gF2Mfq0OlB0jqKflfllusWOql5sSR5BCt/gTipzsjh30yPzMU
DHqgLQHkHBh73F3xEXEZ0CFtQPXFpufuYu0GbEYv/7hG2NyhXP9odc4knbTBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqE2WPPeijmKK6X/I1eh4flVoTq8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMjMzMzMyZTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM0Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADC6WAwDQYJKoZIhvcNAQELBQADggEBAFN3TLie4LN+my8OLpKVq3K4B3FTu0gU
v2KtI3OFhjwLtKM0kdWypdOgu1HMr23pxEpZAIMtmVQCXtONGDmL91uCNie9QX1h
n7HpO6xPj2h41NaLb7Fb38lR/URXveEjUlVuZ+9Juv+2yzlKRhpoCIp4Eg6qVmtZ
n+2m8C0W57zgMeuQwnLK/WvpUYPU78XFA3qfog2aFuzl1hwlQ23Ee/t5kv4BAfyC
wAEzFv/wWRVmH4ll9Hy7EvWky28Wve7hTBApP6iSPFb00HIKzfsDvWej1rbOfg8+
Am9zBz56ok2fFlyztlYJlJyc2NoNTvM+xYJxpiwlr/TKT6GXzhlBR3o=
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:07 2024 by rpki-client on console-ams.rpki-client.org