Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20313336373837.roa
File: 3139322e3134352e38312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 1lN7nmP6NPT2/v2R+NjVkV4x7YccRwwdAovkSC6wqqU=
Subject key identifier: 28:95:7A:97:A1:E9:2A:2B:AF:65:21:26:74:FF:F6:FE:E4:7B:AC:B1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 26F843FA082D9289176BE265035DE8701C4DD913
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 14 Jan 2024 18:09:57 +0000
ROA not before: Sun 14 Jan 2024 18:04:57 +0000
ROA not after: Sun 12 Jan 2025 18:09:57 +0000
asID: 136787
IP address blocks: 192.145.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:f8:43:fa:08:2d:92:89:17:6b:e2:65:03:5d:e8:70:1c:4d:d9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 14 18:04:57 2024 GMT
Not After : Jan 12 18:09:57 2025 GMT
Subject: CN=28957A97A1E92A2BAF65212674FFF6FEE47BACB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:34:10:4f:82:7a:d4:53:47:77:1d:6d:f1:51:
a3:88:5a:9b:13:64:1c:48:2b:86:6d:98:16:c3:db:
c8:d3:f1:66:95:b2:34:1d:2e:fb:8f:a4:33:56:47:
b3:7d:0c:d8:38:59:0b:d2:30:8f:34:d7:e3:3f:8d:
d0:d1:8f:90:a8:d2:4c:49:fc:95:9a:eb:91:d3:0b:
07:35:03:b8:ce:db:6c:57:35:fe:d1:a9:01:52:9a:
a6:bb:e5:68:54:00:a8:33:83:80:5c:b7:e5:42:a5:
cd:02:2a:4d:33:ca:35:d4:5f:6d:72:14:59:56:a7:
72:db:12:17:1d:a7:97:1d:e0:83:c5:c1:c1:8e:5b:
35:61:7e:46:a2:30:79:85:03:58:ad:4e:89:57:ed:
03:bc:e0:ae:2b:f4:84:f0:29:4b:5c:d1:db:08:44:
e0:f2:4b:3f:4a:de:d3:1f:95:5f:88:2b:34:11:f6:
e2:fb:1a:94:43:f0:28:fb:fa:7d:af:da:fc:96:8e:
75:28:99:81:44:fa:b9:ba:ef:14:2b:f2:34:ba:26:
cd:5f:f8:fc:99:ce:10:84:5e:d0:5a:73:6c:b8:9c:
05:60:4c:51:3b:31:32:f4:08:0b:2f:7a:b3:6a:63:
85:6d:12:35:78:90:39:62:10:b9:78:3e:c0:78:56:
18:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:95:7A:97:A1:E9:2A:2B:AF:65:21:26:74:FF:F6:FE:E4:7B:AC:B1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.81.0/24
Signature Algorithm: sha256WithRSAEncryption
71:e1:d4:9a:ec:b3:2c:a2:5e:ef:84:ef:4b:2e:9a:27:b5:a4:
54:fb:a6:20:6e:47:fe:ed:e8:cf:bb:87:d2:b4:fd:c3:12:ed:
fd:bb:92:d9:51:72:10:10:d2:e3:80:49:00:f6:26:68:aa:a1:
5c:3a:51:a1:3b:81:61:d5:07:53:13:b1:54:a3:4c:8e:20:36:
2b:5a:76:bf:bc:a9:98:3f:4d:22:bd:07:97:33:72:87:4c:65:
c6:06:f7:3c:d8:72:33:02:39:75:3b:08:79:c6:6a:6e:bb:f0:
e6:b0:1b:d9:c5:da:15:11:5a:65:c2:4f:be:01:54:ff:f2:01:
03:05:92:74:da:d6:ff:af:39:e1:fc:7e:0f:0a:3b:4f:aa:b8:
e7:8d:91:b4:2c:d2:6b:b0:da:17:ff:b0:dd:6f:f5:a7:46:ca:
b7:ad:e7:99:3c:5f:9b:76:ee:99:09:67:a4:73:31:c1:6b:a1:
37:e7:5a:5a:fa:52:e1:f0:d1:66:72:b2:10:eb:70:b3:b4:29:
1d:bc:75:d2:11:56:0b:71:71:cb:12:08:32:17:11:17:66:7e:
21:c7:db:06:34:9c:68:55:2f:37:21:9d:cd:fa:f7:db:3b:8f:
0e:b4:7e:40:47:4e:14:ac:ad:ce:6c:32:3a:7b:25:6f:6b:a5:
b8:ed:2f:fd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJvhD+ggtkokXa+JlA13ocBxN2RMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTQxODA0NTdaFw0yNTAxMTIxODA5NTdaMDMxMTAvBgNV
BAMTKDI4OTU3QTk3QTFFOTJBMkJBRjY1MjEyNjc0RkZGNkZFRTQ3QkFDQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYNBBPgnrUU0d3HW3xUaOIWpsT
ZBxIK4ZtmBbD28jT8WaVsjQdLvuPpDNWR7N9DNg4WQvSMI801+M/jdDRj5Co0kxJ
/JWa65HTCwc1A7jO22xXNf7RqQFSmqa75WhUAKgzg4Bct+VCpc0CKk0zyjXUX21y
FFlWp3LbEhcdp5cd4IPFwcGOWzVhfkaiMHmFA1itTolX7QO84K4r9ITwKUtc0dsI
RODySz9K3tMflV+IKzQR9uL7GpRD8Cj7+n2v2vyWjnUomYFE+rm67xQr8jS6Js1f
+PyZzhCEXtBac2y4nAVgTFE7MTL0CAsverNqY4VtEjV4kDliELl4PsB4VhgXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKJV6l6HpKiuvZSEmdP/2/uR7rLEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMyMmUzMTM0MzUyZTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADAkVEwDQYJKoZIhvcNAQELBQADggEBAHHh1JrssyyiXu+E70sumie1pFT7piBu
R/7t6M+7h9K0/cMS7f27ktlRchAQ0uOASQD2JmiqoVw6UaE7gWHVB1MTsVSjTI4g
Nitadr+8qZg/TSK9B5czcodMZcYG9zzYcjMCOXU7CHnGam678OawG9nF2hURWmXC
T74BVP/yAQMFknTa1v+vOeH8fg8KO0+quOeNkbQs0muw2hf/sN1v9adGyret55k8
X5t27pkJZ6RzMcFroTfnWlr6UuHw0WZyshDrcLO0KR28ddIRVgtxccsSCDIXERdm
fiHH2wY0nGhVLzchnc3699s7jw60fkBHThSsrc5sMjp7JW9rpbjtL/0=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:15 2024 by rpki-client on console-ams.rpki-client.org