Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139362e302f32322d3234203d3e20323034313730.roa
File: 3139352e3137392e3139362e302f32322d3234203d3e20323034313730.roa (raw, json)
Hash identifier: klpg67Co5F64fvPmScnsB+QnwCjJeShT4gatQXFHyrY=
Subject key identifier: 74:F5:42:B1:C4:3F:1A:75:1D:A1:AC:99:9F:0E:0D:CD:07:D5:DB:59
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2551BB9B263D55A12EF85E9F8DED765D1137845F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139362e302f32322d3234203d3e20323034313730.roa
Signing time: Mon 26 Feb 2024 08:53:17 +0000
ROA not before: Mon 26 Feb 2024 08:48:17 +0000
ROA not after: Mon 24 Feb 2025 08:53:17 +0000
asID: 204170
IP address blocks: 195.179.196.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:51:bb:9b:26:3d:55:a1:2e:f8:5e:9f:8d:ed:76:5d:11:37:84:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:17 2024 GMT
Not After : Feb 24 08:53:17 2025 GMT
Subject: CN=74F542B1C43F1A751DA1AC999F0E0DCD07D5DB59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6c:d7:3a:02:6e:a9:cb:67:b3:6d:fa:55:a1:
d2:df:df:48:ef:2f:89:6d:5e:3e:50:ab:c1:38:c1:
77:7f:6c:42:ec:b2:89:87:b4:f4:f7:68:89:7f:d5:
39:d4:fc:ec:0d:6c:c8:9c:8b:35:dd:ee:f3:ed:c3:
34:95:19:66:95:b6:b7:f1:db:f9:e6:12:ee:51:24:
24:3b:fe:c2:d7:c1:e9:22:ef:66:e3:4e:68:c1:df:
10:e6:eb:25:11:0e:21:22:67:00:f3:ae:b2:29:a5:
b9:cc:cf:cf:b6:fc:d2:1a:64:c0:a4:32:c2:b8:c6:
10:33:03:38:6d:ab:a6:23:bf:41:46:d6:8f:6c:09:
7e:b0:04:83:8e:f5:d9:13:1b:4f:e8:56:e9:4b:f1:
e7:e5:71:27:25:69:a5:9b:84:9b:b5:6a:c6:c1:e4:
b6:f1:5a:92:b5:5a:32:58:c3:58:08:21:e9:8a:21:
f4:41:4e:0c:f2:87:50:d2:23:ab:c2:92:99:6d:0d:
c5:a9:b0:8f:4a:b2:ae:f8:8b:04:13:e4:ac:36:a8:
93:8d:0f:e3:4f:24:17:af:14:6a:dd:93:8a:52:63:
8b:5a:c5:ca:09:60:9f:a0:a4:d6:56:21:71:af:a8:
f3:80:ee:01:1e:46:25:15:66:41:14:1d:09:bf:e4:
02:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F5:42:B1:C4:3F:1A:75:1D:A1:AC:99:9F:0E:0D:CD:07:D5:DB:59
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139362e302f32322d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.196.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:16:84:ec:9a:7e:67:06:b4:b0:c5:3a:11:e0:85:e8:45:f6:
78:c5:94:0b:ce:3d:da:44:da:d6:1a:ad:42:b3:ac:14:c2:24:
99:3c:4b:08:95:bc:d4:01:f2:92:e9:58:da:ff:7e:a9:c8:9b:
58:dd:55:d6:a7:cf:6f:5a:e6:12:b3:32:b2:1e:af:17:bc:d6:
a7:71:88:b9:bf:0d:49:c2:9d:bf:48:ed:b4:b6:f7:8e:b2:fb:
9b:ac:61:bb:ff:a2:eb:c3:4b:dc:0c:0f:b2:a1:10:12:cd:30:
46:e1:e3:83:7e:c9:22:fd:8a:2c:93:2a:be:a9:7f:d0:5d:6c:
19:40:4a:03:68:b7:29:80:55:c3:c8:65:6f:5c:32:76:ca:80:
58:d9:9f:d7:d1:49:27:f4:f4:2a:6c:4e:ac:2e:3e:ad:de:bc:
42:08:fb:7f:88:8a:0f:74:52:e2:88:83:84:8c:f8:b8:47:e3:
67:41:63:1c:a3:43:1d:44:7c:5d:b2:3e:be:f3:d1:07:29:ff:
8a:6f:7a:bc:54:df:69:b2:4f:e2:7d:ee:85:32:2c:d1:43:fb:
20:bf:b1:64:df:4b:26:ba:70:97:83:40:84:52:8d:7c:33:0a:
ac:50:92:b9:cd:77:26:e6:12:54:32:4f:60:f2:e6:6c:6f:a0:
ba:57:48:4d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJVG7myY9VaEu+F6fje12XRE3hF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTdaFw0yNTAyMjQwODUzMTdaMDMxMTAvBgNV
BAMTKDc0RjU0MkIxQzQzRjFBNzUxREExQUM5OTlGMEUwRENEMDdENURCNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHbNc6Am6py2ezbfpVodLf30jv
L4ltXj5Qq8E4wXd/bELssomHtPT3aIl/1TnU/OwNbMicizXd7vPtwzSVGWaVtrfx
2/nmEu5RJCQ7/sLXweki72bjTmjB3xDm6yURDiEiZwDzrrIppbnMz8+2/NIaZMCk
MsK4xhAzAzhtq6Yjv0FG1o9sCX6wBIOO9dkTG0/oVulL8eflcSclaaWbhJu1asbB
5LbxWpK1WjJYw1gIIemKIfRBTgzyh1DSI6vCkpltDcWpsI9Ksq74iwQT5Kw2qJON
D+NPJBevFGrdk4pSY4taxcoJYJ+gpNZWIXGvqPOA7gEeRiUVZkEUHQm/5AKbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUdPVCscQ/GnUdoayZnw4NzQfV21kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMx
MzkzNjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAsOzxDANBgkqhkiG9w0BAQsFAAOCAQEAbhaE7Jp+Zwa0sMU6EeCF6EX2eMWU
C8492kTa1hqtQrOsFMIkmTxLCJW81AHykulY2v9+qcibWN1V1qfPb1rmErMysh6v
F7zWp3GIub8NScKdv0jttLb3jrL7m6xhu/+i68NL3AwPsqEQEs0wRuHjg37JIv2K
LJMqvql/0F1sGUBKA2i3KYBVw8hlb1wydsqAWNmf19FJJ/T0KmxOrC4+rd68Qgj7
f4iKD3RS4oiDhIz4uEfjZ0FjHKNDHUR8XbI+vvPRByn/im96vFTfabJP4n3uhTIs
0UP7IL+xZN9LJrpwl4NAhFKNfDMKrFCSuc13JuYSVDJPYPLmbG+guldITQ==
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org