Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa
File: 3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: CYKzC54z3s/cDEdiEixmRKXQibckCGEv6qiReVZ564M=
Subject key identifier: E7:ED:51:DF:6B:53:F1:72:62:09:18:8C:7E:E5:4E:B6:BB:00:2D:64
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5E91982824AC19A546314348C542983CFC230F0C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:29 +0000
ROA not before: Mon 26 Feb 2024 08:48:29 +0000
ROA not after: Mon 24 Feb 2025 08:53:29 +0000
asID: 47583
IP address blocks: 109.106.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:91:98:28:24:ac:19:a5:46:31:43:48:c5:42:98:3c:fc:23:0f:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:29 2024 GMT
Not After : Feb 24 08:53:29 2025 GMT
Subject: CN=E7ED51DF6B53F1726209188C7EE54EB6BB002D64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ec:ee:60:cf:3f:e5:ad:fd:86:3a:96:d5:5c:
e6:c7:de:f8:a3:9d:ce:75:46:d3:5d:fc:6b:a0:e6:
e9:d7:93:ce:13:f4:fb:17:0f:f6:20:32:71:0b:7a:
a0:c2:f0:60:e4:9b:19:b1:10:61:70:b8:7d:3f:c5:
3f:c5:be:03:61:3b:0d:29:a7:45:ba:2e:30:f3:01:
4e:bb:7b:f4:cc:93:44:62:74:76:5a:b4:ef:51:69:
04:4d:8b:22:04:d3:13:1a:ae:24:00:e7:d7:cd:b4:
60:05:b1:18:73:75:41:c8:f8:a0:a0:85:ef:ad:42:
03:b9:d7:83:4a:73:c0:d0:f1:5e:7b:3d:94:73:70:
ba:c7:70:d0:d7:9c:d8:f6:b1:b3:6d:c0:5f:ea:da:
71:6a:c0:45:dd:af:35:84:79:eb:97:8e:7d:86:76:
b6:b0:16:78:0c:b1:21:b8:6f:46:0c:02:7f:20:31:
99:7e:76:9c:b6:b5:81:fc:66:ee:5b:65:49:89:93:
04:13:d8:b4:8f:6c:18:5d:67:3f:67:05:62:53:3c:
52:72:09:a7:96:c0:6e:9c:66:08:68:6d:6a:40:2b:
35:4b:97:03:56:d4:dd:bc:5e:4a:6e:b5:ef:07:fb:
66:15:95:3e:50:e6:9f:88:34:d5:b0:29:8b:60:6d:
39:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:ED:51:DF:6B:53:F1:72:62:09:18:8C:7E:E5:4E:B6:BB:00:2D:64
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.240.0/21
Signature Algorithm: sha256WithRSAEncryption
64:b9:a7:71:97:fd:53:9a:90:3c:e3:16:b5:b6:bc:c6:ee:b9:
29:c4:94:36:10:6c:f2:73:7c:ba:88:7d:b3:61:f2:6e:ba:77:
63:5b:73:21:0f:e5:7a:ff:3f:6b:e5:d4:e2:02:c4:eb:ee:68:
c8:4f:c2:69:23:3e:8e:bb:44:70:be:a7:a4:73:a4:7b:09:93:
3e:30:cb:cc:06:98:89:8f:b7:4d:1d:5b:7d:32:ed:cd:b0:14:
56:fe:03:1d:c2:9b:61:87:92:c4:25:70:02:e3:17:1c:d4:31:
a0:c8:2f:63:4b:08:aa:82:7b:d2:ce:61:99:6c:55:b5:bd:ca:
3d:cf:20:71:92:33:ad:4e:5a:42:eb:27:94:90:dc:05:53:73:
01:9d:a6:c1:ba:8d:15:c6:a9:e8:59:ea:5a:5f:c4:dd:fb:0f:
f7:8c:ed:9e:49:8d:20:21:f9:ea:ed:0d:34:67:c0:b3:8a:76:
17:9d:02:28:0e:36:f7:bc:79:10:a6:5d:e3:08:ab:2c:25:35:
94:d3:89:bb:1b:b4:c0:5e:26:b3:ad:7c:28:53:d0:1b:ce:a7:
a4:41:ad:92:a1:12:9e:72:70:64:a0:24:28:be:92:a3:90:0a:
33:98:21:de:6f:32:6d:23:bc:eb:58:4b:e0:95:8c:0e:af:83:
6d:6c:e6:5f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXpGYKCSsGaVGMUNIxUKYPPwjDwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjlaFw0yNTAyMjQwODUzMjlaMDMxMTAvBgNV
BAMTKEU3RUQ1MURGNkI1M0YxNzI2MjA5MTg4QzdFRTU0RUI2QkIwMDJENjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi7O5gzz/lrf2GOpbVXObH3vij
nc51RtNd/Gug5unXk84T9PsXD/YgMnELeqDC8GDkmxmxEGFwuH0/xT/FvgNhOw0p
p0W6LjDzAU67e/TMk0RidHZatO9RaQRNiyIE0xMariQA59fNtGAFsRhzdUHI+KCg
he+tQgO514NKc8DQ8V57PZRzcLrHcNDXnNj2sbNtwF/q2nFqwEXdrzWEeeuXjn2G
drawFngMsSG4b0YMAn8gMZl+dpy2tYH8Zu5bZUmJkwQT2LSPbBhdZz9nBWJTPFJy
CaeWwG6cZghobWpAKzVLlwNW1N28Xkpute8H+2YVlT5Q5p+INNWwKYtgbTnHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5+1R32tT8XJiCRiMfuVOtrsALWQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMwMzYyZTMy
MzQzMDJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANtavAwDQYJKoZIhvcNAQELBQADggEBAGS5p3GX/VOakDzjFrW2vMbuuSnElDYQ
bPJzfLqIfbNh8m66d2NbcyEP5Xr/P2vl1OICxOvuaMhPwmkjPo67RHC+p6RzpHsJ
kz4wy8wGmImPt00dW30y7c2wFFb+Ax3Cm2GHksQlcALjFxzUMaDIL2NLCKqCe9LO
YZlsVbW9yj3PIHGSM61OWkLrJ5SQ3AVTcwGdpsG6jRXGqehZ6lpfxN37D/eM7Z5J
jSAh+ertDTRnwLOKdhedAigONve8eRCmXeMIqywlNZTTibsbtMBeJrOtfChT0BvO
p6RBrZKhEp5ycGSgJCi+kqOQCjOYId5vMm0jvOtYS+CVjA6vg21s5l8=
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:44 2024 by rpki-client on console-fra.rpki-client.org