Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3232342e302f32312d3332203d3e203531313637.roa
File: 3139352e3137392e3232342e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: aat9YUh1COaoL/dYXxIqU//VFIkj3lsAq9xHV7Mk7Oo=
Subject key identifier: FD:E1:72:EA:31:EA:65:82:04:DA:52:67:0E:C3:4A:40:82:0C:C4:50
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3605B5230F9497492E369C859D3C82795746F50F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3232342e302f32312d3332203d3e203531313637.roa
Signing time: Thu 04 Apr 2024 20:35:28 +0000
ROA not before: Thu 04 Apr 2024 20:30:28 +0000
ROA not after: Thu 03 Apr 2025 20:35:28 +0000
asID: 51167
IP address blocks: 195.179.224.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:05:b5:23:0f:94:97:49:2e:36:9c:85:9d:3c:82:79:57:46:f5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 4 20:30:28 2024 GMT
Not After : Apr 3 20:35:28 2025 GMT
Subject: CN=FDE172EA31EA658204DA52670EC34A40820CC450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bc:41:7a:ec:d1:c0:c7:60:10:94:a1:f3:af:
cb:0f:71:8b:7f:6a:85:bb:c2:ae:56:c8:6c:19:52:
3b:12:b0:4d:6b:de:bd:3e:b8:17:08:c5:00:ae:ad:
88:09:2f:a9:af:d4:6e:44:05:b5:f9:27:70:54:ef:
12:5f:f3:38:20:1b:5c:3d:51:59:d5:3c:6f:fc:a3:
b0:3d:b7:65:be:75:29:66:72:48:09:a2:2b:bc:d7:
df:d9:d3:4b:db:9c:2a:da:34:bb:85:20:fd:51:e0:
4e:c4:78:84:31:6f:58:f6:8e:7a:3f:66:16:f5:72:
f2:33:e7:47:86:fc:66:24:9e:e9:ea:a5:89:cf:9d:
72:c8:62:6b:20:7e:b4:2a:c3:99:bd:a8:a2:bd:62:
56:47:14:d5:0c:b8:3b:75:52:91:bf:31:5e:a1:1f:
8b:3b:91:98:e1:9d:29:79:cc:e6:72:6c:fa:97:d4:
aa:7b:57:74:b8:35:e7:4e:b7:e9:c0:60:0b:05:c2:
52:5c:54:bf:8e:c4:24:e3:eb:2f:8e:ae:ba:11:d8:
e4:56:da:31:15:77:94:f6:e8:c6:fa:2b:79:9a:24:
d5:4b:c3:e3:c8:4f:07:98:41:b8:05:fc:b9:09:36:
32:ff:9f:20:75:3a:39:3e:57:66:8a:95:1d:52:b0:
09:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E1:72:EA:31:EA:65:82:04:DA:52:67:0E:C3:4A:40:82:0C:C4:50
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3232342e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.224.0/21
Signature Algorithm: sha256WithRSAEncryption
63:bf:7d:ac:f4:36:2e:a5:00:ab:7e:40:cf:39:62:d4:9e:78:
e6:5c:ad:ce:76:bb:f7:2e:9d:3b:59:ae:eb:a4:18:6c:0c:9a:
a7:e9:47:48:b3:72:93:bc:85:d0:a1:15:76:0f:0f:1b:0d:aa:
5c:ea:3d:3b:89:25:be:0c:e6:e1:9a:83:d3:b4:66:0b:a3:4b:
c3:6b:81:01:eb:ba:e6:5e:84:21:34:e0:f3:bc:7f:b0:4b:20:
25:b0:d6:46:ff:1c:29:0d:b1:73:5a:98:c6:12:ac:31:e6:83:
d3:86:bb:a2:aa:60:7d:de:3d:e9:64:d1:6c:0f:3c:8c:0c:0a:
86:c5:44:1c:51:60:47:7b:ec:72:eb:7c:50:19:5b:11:20:db:
58:11:a2:9d:93:40:71:08:22:c7:65:34:50:2f:e6:ae:ac:03:
03:7f:2b:c9:e2:a2:23:af:1f:a9:5a:33:cb:74:cf:11:f1:e4:
a5:eb:98:a8:28:e5:f7:84:5c:d2:39:c1:22:2a:5c:7b:72:f2:
72:55:7b:9c:32:5f:34:2f:c4:9f:ad:43:18:69:3a:2e:d4:84:
97:24:2f:df:b1:83:34:05:c7:5c:2b:28:16:8d:15:33:eb:17:
d3:dc:f4:42:f2:79:5b:33:0b:4f:79:96:9d:e9:63:75:db:10:
40:ed:7c:e1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNgW1Iw+Ul0kuNpyFnTyCeVdG9Q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MDQyMDMwMjhaFw0yNTA0MDMyMDM1MjhaMDMxMTAvBgNV
BAMTKEZERTE3MkVBMzFFQTY1ODIwNERBNTI2NzBFQzM0QTQwODIwQ0M0NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5vEF67NHAx2AQlKHzr8sPcYt/
aoW7wq5WyGwZUjsSsE1r3r0+uBcIxQCurYgJL6mv1G5EBbX5J3BU7xJf8zggG1w9
UVnVPG/8o7A9t2W+dSlmckgJoiu819/Z00vbnCraNLuFIP1R4E7EeIQxb1j2jno/
Zhb1cvIz50eG/GYknunqpYnPnXLIYmsgfrQqw5m9qKK9YlZHFNUMuDt1UpG/MV6h
H4s7kZjhnSl5zOZybPqX1Kp7V3S4NedOt+nAYAsFwlJcVL+OxCTj6y+OrroR2ORW
2jEVd5T26Mb6K3maJNVLw+PITweYQbgF/LkJNjL/nyB1Ojk+V2aKlR1SsAlJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/eFy6jHqZYIE2lJnDsNKQIIMxFAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMy
MzIzNDJlMzAyZjMyMzEyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPDs+AwDQYJKoZIhvcNAQELBQADggEBAGO/faz0Ni6lAKt+QM85YtSeeOZcrc52
u/cunTtZruukGGwMmqfpR0izcpO8hdChFXYPDxsNqlzqPTuJJb4M5uGag9O0Zguj
S8NrgQHruuZehCE04PO8f7BLICWw1kb/HCkNsXNamMYSrDHmg9OGu6KqYH3ePelk
0WwPPIwMCobFRBxRYEd77HLrfFAZWxEg21gRop2TQHEIIsdlNFAv5q6sAwN/K8ni
oiOvH6laM8t0zxHx5KXrmKgo5feEXNI5wSIqXHty8nJVe5wyXzQvxJ+tQxhpOi7U
hJckL9+xgzQFx1wrKBaNFTPrF9Pc9ELyeVszC095lp3pY3XbEEDtfOE=
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org