Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20323034313730.roa
File: 3139322e3134352e38312e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: MuqmCfWzfNJ605xrTXnFaQaTRz7bC9VX1gquAUByZH8=
Subject key identifier: 85:32:26:1A:B9:01:76:9E:81:3D:17:0B:D6:E7:B7:76:2C:3A:FF:E3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1100F41C060BC8F9D366A4F30E36F17C473F9747
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:25 +0000
ROA not before: Tue 25 Jun 2024 21:42:25 +0000
ROA not after: Tue 24 Jun 2025 21:47:25 +0000
asID: 204170
IP address blocks: 192.145.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:00:f4:1c:06:0b:c8:f9:d3:66:a4:f3:0e:36:f1:7c:47:3f:97:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 25 21:42:25 2024 GMT
Not After : Jun 24 21:47:25 2025 GMT
Subject: CN=8532261AB901769E813D170BD6E7B7762C3AFFE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e0:6f:aa:1e:a8:60:85:c3:d8:0b:8e:e5:ec:
52:74:ed:1f:1f:57:c8:fb:5e:65:1e:07:b2:f0:2e:
a5:71:aa:8e:b6:62:3d:42:e1:d3:07:14:39:d6:ab:
61:28:8b:be:bb:37:75:ca:ba:d7:96:88:5d:6b:40:
14:bd:95:8f:f3:6c:85:53:a5:ac:0e:f1:8a:b6:ef:
2b:2f:e5:86:5a:64:72:ac:db:1b:d8:5d:98:d9:70:
49:b2:48:f5:41:a2:c6:c7:74:09:c5:8e:60:2e:c4:
56:71:3d:e4:00:4a:ab:f5:7b:29:82:5d:fa:a0:69:
98:81:04:e0:cc:9c:e4:b6:78:40:e4:a9:bf:32:6b:
01:f3:c3:ce:2d:ca:5e:b2:1e:16:24:e9:ca:d0:a2:
37:6e:21:1e:21:3d:88:de:62:ac:df:26:2d:8c:23:
9a:8e:d2:fc:1a:fa:f5:67:e5:73:23:5e:19:97:6e:
e0:9f:93:1d:27:fb:ee:da:ab:55:4b:0d:3e:63:28:
44:72:bb:b3:e7:ba:f3:fb:22:e4:c7:86:c6:ac:f1:
0f:fb:ea:1c:a9:37:eb:16:c9:8c:98:6f:0b:dd:a8:
f7:e3:1e:b6:26:cf:fd:70:5a:50:8a:1a:bc:b5:19:
29:c2:9f:88:7f:c4:9c:f2:0c:cc:9d:0c:b9:93:cf:
35:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:32:26:1A:B9:01:76:9E:81:3D:17:0B:D6:E7:B7:76:2C:3A:FF:E3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.81.0/24
Signature Algorithm: sha256WithRSAEncryption
96:07:96:8c:b9:02:6e:f8:7e:d7:63:cb:d6:cd:ef:9a:64:93:
c5:0b:0a:1f:31:d5:5c:08:bb:6c:d3:a9:0e:31:1c:93:d3:e9:
27:33:6d:20:07:76:1e:ac:94:0b:b7:7a:dc:52:7a:73:ee:3f:
a4:71:8b:dd:97:12:f7:00:94:d3:6a:1c:0c:a9:1c:e9:f9:8d:
d8:ad:68:7e:19:b6:22:b7:98:0e:8f:a9:b6:6c:a6:68:1e:aa:
8c:33:55:35:c0:f4:5b:1f:5a:9e:f6:56:5d:af:9e:4f:18:00:
b4:7f:a4:cb:be:94:4f:5e:82:33:6b:19:9e:6b:23:a4:be:3f:
bf:3d:91:c2:2e:07:36:a1:1c:53:75:dd:35:65:89:a7:91:14:
a4:98:12:06:53:fe:01:51:c1:fc:51:21:fd:99:95:72:0b:7b:
a7:ed:a6:8c:15:cd:59:5c:ab:8f:f1:cf:04:06:dc:60:86:b4:
01:b6:04:0e:10:41:39:91:49:42:69:ea:13:ef:1b:ad:d8:9c:
1a:f3:e1:34:ca:e4:e0:88:73:14:f0:0f:a7:65:93:b1:92:f7:
44:34:dc:97:9f:11:0b:ae:48:95:08:6e:19:5b:08:ea:47:66:
77:3c:62:4f:ba:14:24:6c:f7:7a:ca:30:96:96:46:9c:45:21:
37:6c:03:12
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEQD0HAYLyPnTZqTzDjbxfEc/l0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjUyMTQyMjVaFw0yNTA2MjQyMTQ3MjVaMDMxMTAvBgNV
BAMTKDg1MzIyNjFBQjkwMTc2OUU4MTNEMTcwQkQ2RTdCNzc2MkMzQUZGRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj4G+qHqhghcPYC47l7FJ07R8f
V8j7XmUeB7LwLqVxqo62Yj1C4dMHFDnWq2Eoi767N3XKuteWiF1rQBS9lY/zbIVT
pawO8Yq27ysv5YZaZHKs2xvYXZjZcEmySPVBosbHdAnFjmAuxFZxPeQASqv1eymC
XfqgaZiBBODMnOS2eEDkqb8yawHzw84tyl6yHhYk6crQojduIR4hPYjeYqzfJi2M
I5qO0vwa+vVn5XMjXhmXbuCfkx0n++7aq1VLDT5jKERyu7PnuvP7IuTHhsas8Q/7
6hypN+sWyYyYbwvdqPfjHrYmz/1wWlCKGry1GSnCn4h/xJzyDMydDLmTzzVlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUhTImGrkBdp6BPRcL1ue3diw6/+MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMyMmUzMTM0MzUyZTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADAkVEwDQYJKoZIhvcNAQELBQADggEBAJYHloy5Am74ftdjy9bN75pkk8ULCh8x
1VwIu2zTqQ4xHJPT6SczbSAHdh6slAu3etxSenPuP6Rxi92XEvcAlNNqHAypHOn5
jditaH4ZtiK3mA6PqbZspmgeqowzVTXA9FsfWp72Vl2vnk8YALR/pMu+lE9egjNr
GZ5rI6S+P789kcIuBzahHFN13TVliaeRFKSYEgZT/gFRwfxRIf2ZlXILe6ftpowV
zVlcq4/xzwQG3GCGtAG2BA4QQTmRSUJp6hPvG63YnBrz4TTK5OCIcxTwD6dlk7GS
90Q03JefEQuuSJUIbhlbCOpHZnc8Yk+6FCRs93rKMJaWRpxFITdsAxI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org