Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233362e302f32332d3234203d3e203437353833.roa
File: 3139352e3137392e3233362e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: ZYSqWVRevff8o3EHPAzLhxbMUHOjjiTuwvF5J0g2uAE=
Subject key identifier: C8:2D:E1:78:DB:19:3A:CB:2F:93:B3:9E:16:13:64:08:B3:40:28:C8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 37023E7018A91D25A7BC277770348C5F459924DE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233362e302f32332d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:06 +0000
ROA not before: Mon 26 Feb 2024 08:48:06 +0000
ROA not after: Mon 24 Feb 2025 08:53:06 +0000
asID: 47583
IP address blocks: 195.179.236.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:02:3e:70:18:a9:1d:25:a7:bc:27:77:70:34:8c:5f:45:99:24:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:06 2024 GMT
Not After : Feb 24 08:53:06 2025 GMT
Subject: CN=C82DE178DB193ACB2F93B39E16136408B34028C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f9:53:54:d2:e9:81:03:27:04:8d:5b:5b:80:
b4:c1:8b:8e:f2:7b:c1:5d:a9:b0:b3:50:42:0c:57:
5a:1d:1e:79:d0:33:da:73:89:5d:2d:e4:e4:59:cc:
af:a1:24:28:5c:65:c5:11:c9:a3:8d:ad:4d:95:0d:
08:92:56:fb:78:10:68:62:7d:c1:95:b8:d1:17:96:
a1:73:81:81:e4:ec:24:8e:6f:45:fb:f9:7b:7e:37:
f4:06:21:f1:8d:30:09:e2:f7:65:06:23:d5:fd:84:
02:94:d1:ad:90:c7:18:ae:28:75:cd:1a:79:70:49:
81:b1:8f:8c:0c:a3:9d:ee:4c:e7:40:9e:19:ce:4c:
ca:0f:de:fd:60:0e:46:78:91:25:d3:3e:a0:f9:c3:
19:8d:26:67:51:75:f1:b3:37:26:30:71:92:69:85:
3e:a2:34:c3:d0:cf:f6:a9:f7:03:9f:34:f9:55:fe:
b3:fb:ec:78:a8:c7:8a:01:9f:7a:5c:69:ce:20:59:
3a:75:0d:45:9f:d3:df:cb:fe:92:cd:09:a3:f8:9b:
e1:be:3d:00:ce:28:db:4c:64:0d:fe:80:80:3c:a5:
69:44:4f:e4:9b:95:d9:b8:b5:8f:af:f7:a8:5f:e6:
a3:19:b6:a6:1a:e7:ae:64:ce:95:68:c7:b8:f8:64:
8d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:2D:E1:78:DB:19:3A:CB:2F:93:B3:9E:16:13:64:08:B3:40:28:C8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233362e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.236.0/23
Signature Algorithm: sha256WithRSAEncryption
29:6c:9c:56:e8:19:5d:ed:e7:e0:e3:87:f3:67:a9:4c:4c:4d:
38:f7:40:48:68:53:cf:3e:21:b0:7a:53:00:15:f6:14:4b:bc:
1d:42:26:02:50:01:c6:c9:5f:96:f8:22:51:c3:fa:c6:3e:26:
76:a2:b0:4b:2a:fe:76:6e:19:29:d8:46:75:86:51:3b:bd:c4:
a7:39:a1:13:b6:7e:5a:e9:29:fc:b6:2e:5c:86:8c:e6:6a:12:
ac:60:51:e0:b6:9f:85:0b:64:77:96:b2:6a:23:00:7c:21:9e:
e0:ad:be:a2:bd:a6:4b:ec:32:7c:3c:de:be:13:64:3b:c5:7b:
76:62:a5:4d:c5:40:db:fd:60:81:c1:9d:49:84:f2:5f:3e:49:
de:ae:d5:8d:0e:66:c1:ca:5a:79:e4:d9:5d:71:e0:87:e9:71:
b4:ff:c9:f5:f2:cf:14:da:fd:49:fb:96:8b:48:a9:93:72:ed:
57:4a:3b:c9:c7:ec:d7:82:de:eb:d6:da:99:7a:cd:cb:00:0c:
df:2f:d1:a4:43:bc:e0:51:0f:01:c2:67:32:e9:41:97:ac:82:
a6:e8:7c:db:a5:77:a7:4b:6b:52:1b:12:1e:57:f6:65:ae:9b:
2c:b4:e6:f2:e1:67:24:1f:e0:a8:3b:a0:b8:61:8f:7f:c9:50:
38:50:a2:b9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNwI+cBipHSWnvCd3cDSMX0WZJN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDZaFw0yNTAyMjQwODUzMDZaMDMxMTAvBgNV
BAMTKEM4MkRFMTc4REIxOTNBQ0IyRjkzQjM5RTE2MTM2NDA4QjM0MDI4QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB+VNU0umBAycEjVtbgLTBi47y
e8FdqbCzUEIMV1odHnnQM9pziV0t5ORZzK+hJChcZcURyaONrU2VDQiSVvt4EGhi
fcGVuNEXlqFzgYHk7CSOb0X7+Xt+N/QGIfGNMAni92UGI9X9hAKU0a2QxxiuKHXN
GnlwSYGxj4wMo53uTOdAnhnOTMoP3v1gDkZ4kSXTPqD5wxmNJmdRdfGzNyYwcZJp
hT6iNMPQz/ap9wOfNPlV/rP77Hiox4oBn3pcac4gWTp1DUWf09/L/pLNCaP4m+G+
PQDOKNtMZA3+gIA8pWlET+Sbldm4tY+v96hf5qMZtqYa565kzpVox7j4ZI2LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyC3heNsZOssvk7OeFhNkCLNAKMgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMy
MzMzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHDs+wwDQYJKoZIhvcNAQELBQADggEBAClsnFboGV3t5+Djh/NnqUxMTTj3QEho
U88+IbB6UwAV9hRLvB1CJgJQAcbJX5b4IlHD+sY+JnaisEsq/nZuGSnYRnWGUTu9
xKc5oRO2flrpKfy2LlyGjOZqEqxgUeC2n4ULZHeWsmojAHwhnuCtvqK9pkvsMnw8
3r4TZDvFe3ZipU3FQNv9YIHBnUmE8l8+Sd6u1Y0OZsHKWnnk2V1x4IfpcbT/yfXy
zxTa/Un7lotIqZNy7VdKO8nH7NeC3uvW2pl6zcsADN8v0aRDvOBRDwHCZzLpQZes
gqbofNuld6dLa1IbEh5X9mWumyy05vLhZyQf4Kg7oLhhj3/JUDhQork=
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org