Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38332e302f32342d3234203d3e203230343733.roa
File: 3139322e3134352e38332e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: i4I+avvpXeZ48+XSGjZRJM4YFbOjLK53If0BfsPtwdQ=
Subject key identifier: 2F:A7:05:F8:64:A9:9B:E9:58:1E:1D:AF:A2:F6:41:A9:B7:F6:84:29
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 519292C43B1714AB6B3A9B0DFBF801215DC281F5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38332e302f32342d3234203d3e203230343733.roa
Signing time: Fri 20 Sep 2024 14:04:54 +0000
ROA not before: Fri 20 Sep 2024 13:59:54 +0000
ROA not after: Fri 19 Sep 2025 14:04:54 +0000
asID: 20473
IP address blocks: 192.145.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:92:92:c4:3b:17:14:ab:6b:3a:9b:0d:fb:f8:01:21:5d:c2:81:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:54 2024 GMT
Not After : Sep 19 14:04:54 2025 GMT
Subject: CN=2FA705F864A99BE9581E1DAFA2F641A9B7F68429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ce:43:85:03:3b:2c:09:8f:9f:b3:39:09:c8:
93:a0:46:31:76:45:ce:05:c2:2a:e7:84:48:b0:42:
96:67:f7:26:83:85:6b:a6:a4:2e:76:d7:04:4f:ce:
ae:88:17:21:eb:64:4e:7b:ff:4b:b2:7a:f6:1e:fd:
2c:7a:ef:b6:54:bf:38:4d:90:83:58:82:b3:0a:8e:
1d:1e:dc:ee:bf:a1:84:41:d6:74:bc:bc:ef:ed:5e:
96:fe:ac:27:82:36:9e:41:94:19:6a:ea:58:9b:dd:
d6:ac:34:72:40:19:51:44:7c:67:75:25:94:84:82:
51:05:c4:58:c3:0b:16:12:a7:c4:87:87:1d:d9:62:
43:2f:9b:de:c8:cd:c4:29:b3:ac:eb:d7:be:fb:95:
04:06:b9:bd:ad:b8:83:31:0e:d4:50:a9:67:08:4a:
ff:ee:8f:8a:b4:73:5a:d6:6a:84:bb:6d:be:d0:ab:
99:66:18:a0:9b:49:90:c0:13:bf:23:c1:60:2f:0a:
a4:db:0f:e1:87:be:08:75:80:ba:69:fb:f4:20:14:
4b:e4:d3:cc:dd:f6:6a:fd:28:3b:81:87:1c:d5:68:
6f:81:12:9e:28:83:7a:b5:e9:60:05:8f:c1:60:80:
ff:ae:27:6e:2f:bf:1f:c1:d3:33:0d:d4:f0:2b:97:
8a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A7:05:F8:64:A9:9B:E9:58:1E:1D:AF:A2:F6:41:A9:B7:F6:84:29
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38332e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.83.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d1:44:40:89:07:0b:6a:fe:e8:3e:25:94:9e:8c:0a:06:90:
ac:ef:5f:68:fc:06:bc:ce:39:46:29:04:27:b1:05:b0:78:6d:
07:68:c4:73:5e:47:48:6a:7a:fc:9d:ea:5a:cb:04:5f:6c:85:
cb:1b:37:39:de:48:ac:ab:a2:c7:5a:96:39:84:d1:02:d4:fc:
2d:aa:e8:39:fb:44:45:8c:dd:30:4c:ff:7e:cc:38:de:51:ba:
3a:70:49:46:73:6e:29:79:57:56:22:84:93:39:1e:52:f1:85:
36:ac:0d:11:53:70:8c:05:7f:c7:2c:db:68:c2:a2:83:5c:7c:
52:52:c9:8c:e4:09:42:4e:00:a6:f2:39:35:43:59:0d:5c:00:
97:7e:10:a8:f9:b5:ab:c7:1d:ae:66:5a:9f:de:32:94:cd:71:
6d:09:87:4d:9f:a7:25:f2:ad:92:76:85:f5:c8:7f:40:85:64:
97:c1:3c:80:0f:c3:73:f1:82:f1:83:73:63:26:fb:f8:94:69:
a2:e5:a6:de:3f:d3:26:0a:d6:e3:1b:e6:14:75:d0:75:83:da:
80:f3:22:21:e6:16:6b:bd:a8:d4:35:b0:2e:30:cd:25:c0:81:
09:30:70:c4:e1:14:68:69:26:c7:27:f4:8f:0e:c3:e6:d2:ce:
90:25:1f:5e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUZKSxDsXFKtrOpsN+/gBIV3CgfUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTRaFw0yNTA5MTkxNDA0NTRaMDMxMTAvBgNV
BAMTKDJGQTcwNUY4NjRBOTlCRTk1ODFFMURBRkEyRjY0MUE5QjdGNjg0MjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLzkOFAzssCY+fszkJyJOgRjF2
Rc4FwirnhEiwQpZn9yaDhWumpC521wRPzq6IFyHrZE57/0uyevYe/Sx677ZUvzhN
kINYgrMKjh0e3O6/oYRB1nS8vO/tXpb+rCeCNp5BlBlq6lib3dasNHJAGVFEfGd1
JZSEglEFxFjDCxYSp8SHhx3ZYkMvm97IzcQps6zr1777lQQGub2tuIMxDtRQqWcI
Sv/uj4q0c1rWaoS7bb7Qq5lmGKCbSZDAE78jwWAvCqTbD+GHvgh1gLpp+/QgFEvk
08zd9mr9KDuBhxzVaG+BEp4og3q16WAFj8FggP+uJ24vvx/B0zMN1PArl4q7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUL6cF+GSpm+lYHh2vovZBqbf2hCkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMyMmUzMTM0MzUyZTM4
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wJFTMA0GCSqGSIb3DQEBCwUAA4IBAQAQ0URAiQcLav7oPiWUnowKBpCs719o/Aa8
zjlGKQQnsQWweG0HaMRzXkdIanr8nepaywRfbIXLGzc53kisq6LHWpY5hNEC1Pwt
qug5+0RFjN0wTP9+zDjeUbo6cElGc24peVdWIoSTOR5S8YU2rA0RU3CMBX/HLNto
wqKDXHxSUsmM5AlCTgCm8jk1Q1kNXACXfhCo+bWrxx2uZlqf3jKUzXFtCYdNn6cl
8q2SdoX1yH9AhWSXwTyAD8Nz8YLxg3NjJvv4lGmi5abeP9MmCtbjG+YUddB1g9qA
8yIh5hZrvajUNbAuMM0lwIEJMHDE4RRoaSbHJ/SPDsPm0s6QJR9e
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:15 2024 by rpki-client on console-fra.rpki-client.org