Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134372e39332e3135322e302f32322d3332203d3e20313431393935.roa
File: 3134372e39332e3135322e302f32322d3332203d3e20313431393935.roa (raw, json)
Hash identifier: 1bkuT0czLo2BoRcZ2lVl9aLC47UvwLAzM6DIzUTY6gY=
Subject key identifier: E4:E4:07:39:06:85:33:07:F4:C3:43:81:FF:C9:7E:93:11:10:9E:1C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1844E610F896299D96836E075E8D94CEECE0ED17
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134372e39332e3135322e302f32322d3332203d3e20313431393935.roa
Signing time: Fri 22 Nov 2024 14:28:33 +0000
ROA not before: Fri 22 Nov 2024 14:23:33 +0000
ROA not after: Fri 21 Nov 2025 14:28:33 +0000
asID: 141995
IP address blocks: 147.93.152.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:44:e6:10:f8:96:29:9d:96:83:6e:07:5e:8d:94:ce:ec:e0:ed:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 22 14:23:33 2024 GMT
Not After : Nov 21 14:28:33 2025 GMT
Subject: CN=E4E4073906853307F4C34381FFC97E9311109E1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f2:cd:76:92:33:70:bc:d1:b2:0b:cb:73:1c:
ce:9a:4f:99:08:49:bf:88:db:ee:28:be:3c:85:fb:
12:c6:a7:23:40:e6:82:eb:8d:50:13:cb:11:a5:2d:
d0:73:2d:f1:9c:45:9b:7a:46:7b:1f:dc:eb:ed:5d:
23:6b:37:b5:c6:1f:78:f1:98:ec:9b:ee:f6:cf:05:
35:19:3a:0d:ea:c4:d7:96:50:a6:6f:9c:91:98:72:
0b:ce:8d:b1:b0:13:46:75:6e:af:2d:c1:fa:ce:82:
e9:ae:e1:97:61:ce:00:ea:8a:4c:68:d2:f1:ee:f8:
b7:e2:0d:3f:c5:97:ae:58:b0:8f:86:85:86:57:82:
66:b9:80:8d:e4:57:ff:66:9d:05:41:74:a1:81:03:
4c:d6:e5:12:2c:83:4f:2a:4b:c1:da:8d:61:69:10:
b9:d6:0e:33:41:5a:6f:fe:9b:8c:90:8b:ea:72:7d:
f3:79:a3:06:ee:fd:1c:02:cf:50:8d:ef:06:95:e6:
ff:fc:75:f6:fe:63:94:cd:c8:56:91:68:17:9e:83:
0a:6f:10:46:4e:fb:a7:8f:8c:96:7d:d8:91:c1:65:
28:5f:8b:99:2b:f7:f7:91:b9:46:3c:1a:86:14:11:
97:cd:6f:ad:63:a7:8f:98:15:47:6e:65:ce:a1:d8:
61:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E4:07:39:06:85:33:07:F4:C3:43:81:FF:C9:7E:93:11:10:9E:1C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134372e39332e3135322e302f32322d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.93.152.0/22
Signature Algorithm: sha256WithRSAEncryption
90:0c:ad:8c:ea:0d:6d:42:ac:68:0a:5d:69:3e:7a:4f:e7:16:
f5:fc:05:27:3d:cc:8a:85:4f:6d:44:2b:1e:ca:3f:16:91:82:
07:a6:c8:15:be:f8:a4:87:08:60:cc:64:03:7b:ed:61:ca:af:
e6:18:3a:c3:0b:a4:b3:ee:73:d8:24:fc:7b:f2:1d:1e:1e:e5:
d2:a4:cc:11:6a:ca:3b:15:df:9d:6d:5e:34:79:d2:f9:22:bd:
c7:1c:ee:c4:0b:c2:e8:d3:2f:81:97:73:bc:65:05:ee:e1:f6:
1a:05:01:88:bc:4b:15:6b:58:10:a4:81:29:f3:be:ed:f5:8c:
bb:e1:b9:0f:00:e2:3d:4f:b5:f4:6b:50:29:3f:be:1d:f6:4c:
98:8d:37:28:61:e2:72:5a:ba:f4:81:16:75:1c:93:86:c1:77:
a1:2b:3a:2c:c3:9d:0e:6d:6b:e9:03:76:69:f9:2e:34:a8:d6:
1f:1a:2f:92:eb:5f:09:22:ea:b6:31:21:16:79:43:17:f0:67:
54:94:0a:f2:5c:38:40:77:14:f0:13:a5:a6:b0:a7:c5:e6:69:
1d:a1:43:f7:48:e6:96:8e:76:3c:39:03:ed:93:86:6b:17:22:
6f:17:dc:fe:d8:45:17:2b:0d:e1:b0:42:3c:59:e3:30:80:fd:
6c:90:29:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGETmEPiWKZ2Wg24HXo2Uzuzg7RcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMjIxNDIzMzNaFw0yNTExMjExNDI4MzNaMDMxMTAvBgNV
BAMTKEU0RTQwNzM5MDY4NTMzMDdGNEMzNDM4MUZGQzk3RTkzMTExMDlFMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe8s12kjNwvNGyC8tzHM6aT5kI
Sb+I2+4ovjyF+xLGpyNA5oLrjVATyxGlLdBzLfGcRZt6Rnsf3OvtXSNrN7XGH3jx
mOyb7vbPBTUZOg3qxNeWUKZvnJGYcgvOjbGwE0Z1bq8twfrOgumu4ZdhzgDqikxo
0vHu+LfiDT/Fl65YsI+GhYZXgma5gI3kV/9mnQVBdKGBA0zW5RIsg08qS8HajWFp
ELnWDjNBWm/+m4yQi+pyffN5owbu/RwCz1CN7waV5v/8dfb+Y5TNyFaRaBeegwpv
EEZO+6ePjJZ92JHBZShfi5kr9/eRuUY8GoYUEZfNb61jp4+YFUduZc6h2GE9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5OQHOQaFMwf0w0OB/8l+kxEQnhwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM3MmUzOTMzMmUzMTM1
MzIyZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKTXZgwDQYJKoZIhvcNAQELBQADggEBAJAMrYzqDW1CrGgKXWk+ek/nFvX8BSc9
zIqFT21EKx7KPxaRggemyBW++KSHCGDMZAN77WHKr+YYOsMLpLPuc9gk/HvyHR4e
5dKkzBFqyjsV351tXjR50vkivccc7sQLwujTL4GXc7xlBe7h9hoFAYi8SxVrWBCk
gSnzvu31jLvhuQ8A4j1PtfRrUCk/vh32TJiNNyhh4nJauvSBFnUck4bBd6ErOizD
nQ5ta+kDdmn5LjSo1h8aL5LrXwki6rYxIRZ5QxfwZ1SUCvJcOEB3FPATpaawp8Xm
aR2hQ/dI5paOdjw5A+2ThmsXIm8X3P7YRRcrDeGwQjxZ4zCA/WyQKSs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:15:32 2024 by rpki-client on console-ams.rpki-client.org