Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233382e302f32332d3234203d3e203437353833.roa
File: 3139352e3137392e3233382e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: UFtuoCeb7rhunW4DPyK7X0pS+AbRxmzkE83L2OmrXl8=
Subject key identifier: 4F:BB:14:B3:5C:EA:1B:01:93:AD:6C:E7:15:6D:DD:4C:27:47:18:B6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 117FF0EF600F8A2667691188376486ADE864640A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233382e302f32332d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:09 +0000
ROA not before: Mon 26 Feb 2024 08:48:09 +0000
ROA not after: Mon 24 Feb 2025 08:53:09 +0000
asID: 47583
IP address blocks: 195.179.238.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:7f:f0:ef:60:0f:8a:26:67:69:11:88:37:64:86:ad:e8:64:64:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:09 2024 GMT
Not After : Feb 24 08:53:09 2025 GMT
Subject: CN=4FBB14B35CEA1B0193AD6CE7156DDD4C274718B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e0:1c:69:54:d9:15:6e:63:04:08:3f:eb:29:
e1:12:89:7e:66:62:e6:e5:65:71:3d:7f:65:53:49:
b1:27:52:2c:2c:b7:54:a4:7f:3a:ba:ff:13:fd:ee:
fb:82:f7:42:c2:e3:60:90:ee:1c:7d:98:fc:0f:ac:
95:00:8f:57:2a:2c:a7:0d:f0:cc:2c:cc:9e:3d:e9:
73:29:c9:b0:34:cb:90:e0:2f:d5:e2:4f:f0:ea:37:
5d:30:ae:7f:e0:02:88:c8:d1:02:99:89:60:df:a9:
7f:89:45:69:29:99:e5:80:79:0e:49:8a:23:40:65:
9e:fa:32:c8:20:cd:a6:c1:59:1d:d6:fc:5f:9c:51:
49:0d:b8:4b:53:98:9f:cd:fd:f0:1e:ce:41:76:d4:
51:29:5b:0f:31:b3:b1:12:e2:c3:05:13:4a:99:d3:
93:53:d2:07:4a:c7:f0:53:09:9d:a7:ab:1e:9e:4f:
6c:d8:e1:e4:58:97:81:b7:c8:1f:83:3b:58:44:de:
d5:ae:48:52:2f:a5:5e:1d:ac:af:15:cb:fc:48:dc:
4c:d6:ae:17:16:6e:e2:e4:af:20:dd:a4:34:82:cb:
a5:3c:50:d0:a5:5b:27:77:24:b4:91:69:66:9d:59:
f8:e4:bd:3d:41:de:3d:f4:98:98:e5:cf:06:98:f5:
4f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:BB:14:B3:5C:EA:1B:01:93:AD:6C:E7:15:6D:DD:4C:27:47:18:B6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233382e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.238.0/23
Signature Algorithm: sha256WithRSAEncryption
67:69:00:8c:fd:ed:3d:ca:90:98:c2:e5:4c:eb:7b:35:46:9b:
84:05:87:f6:2a:8f:be:ef:e7:5a:02:49:f9:aa:8e:dd:88:92:
f0:08:01:e5:4e:c7:2b:4c:11:92:a0:c2:b9:f5:74:95:46:3d:
78:9d:36:fa:67:5e:a5:a4:46:27:0a:d8:01:50:7c:d2:6b:9b:
3b:c5:5b:9c:5f:df:73:a2:60:7d:28:d1:2d:d8:c7:ba:64:16:
85:79:66:c6:0c:90:e3:c1:08:3b:a6:8f:b3:44:a3:cd:f9:9f:
a3:ef:19:50:49:12:b9:3c:1e:6a:bc:2d:3a:be:c0:54:0d:a0:
56:9c:7f:02:82:f5:7c:77:13:dc:5d:da:89:c3:fb:df:72:1f:
c0:0b:ed:69:9e:b5:60:bf:8c:8b:76:6f:54:ff:54:80:32:bf:
4a:32:36:c4:b7:c9:63:9d:a8:f0:91:4d:e3:28:50:7c:67:56:
c8:a4:be:6d:1b:26:35:8d:d0:dd:dd:8c:fa:5f:93:d4:84:0c:
50:e3:c3:2c:0a:1c:99:12:3f:bd:65:4b:a0:ba:95:8b:1e:0a:
4e:76:5d:a0:4b:2c:6c:a8:49:b8:3e:96:75:d1:80:43:d6:cf:
c4:15:48:f8:bd:30:1e:22:4e:21:10:68:4e:7a:33:b3:c6:e6:
51:24:09:b4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEX/w72APiiZnaRGIN2SGrehkZAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDlaFw0yNTAyMjQwODUzMDlaMDMxMTAvBgNV
BAMTKDRGQkIxNEIzNUNFQTFCMDE5M0FENkNFNzE1NkRERDRDMjc0NzE4QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu4BxpVNkVbmMECD/rKeESiX5m
YublZXE9f2VTSbEnUiwst1Skfzq6/xP97vuC90LC42CQ7hx9mPwPrJUAj1cqLKcN
8MwszJ496XMpybA0y5DgL9XiT/DqN10wrn/gAojI0QKZiWDfqX+JRWkpmeWAeQ5J
iiNAZZ76MsggzabBWR3W/F+cUUkNuEtTmJ/N/fAezkF21FEpWw8xs7ES4sMFE0qZ
05NT0gdKx/BTCZ2nqx6eT2zY4eRYl4G3yB+DO1hE3tWuSFIvpV4drK8Vy/xI3EzW
rhcWbuLkryDdpDSCy6U8UNClWyd3JLSRaWadWfjkvT1B3j30mJjlzwaY9U9tAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUT7sUs1zqGwGTrWznFW3dTCdHGLYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMy
MzMzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHDs+4wDQYJKoZIhvcNAQELBQADggEBAGdpAIz97T3KkJjC5UzrezVGm4QFh/Yq
j77v51oCSfmqjt2IkvAIAeVOxytMEZKgwrn1dJVGPXidNvpnXqWkRicK2AFQfNJr
mzvFW5xf33OiYH0o0S3Yx7pkFoV5ZsYMkOPBCDumj7NEo835n6PvGVBJErk8Hmq8
LTq+wFQNoFacfwKC9Xx3E9xd2onD+99yH8AL7WmetWC/jIt2b1T/VIAyv0oyNsS3
yWOdqPCRTeMoUHxnVsikvm0bJjWN0N3djPpfk9SEDFDjwywKHJkSP71lS6C6lYse
Ck52XaBLLGyoSbg+lnXRgEPWz8QVSPi9MB4iTiEQaE56M7PG5lEkCbQ=
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org