Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38332e302f32342d3234203d3e203230343733.roa
File: 3139322e3134352e38332e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: TbIEdtD60nz2sum5HFzEtpDnAi4dTOBxF+ewHTF7gEY=
Subject key identifier: 81:A7:FF:9D:CA:3B:9F:0B:36:4B:DF:D0:02:C0:96:AD:9D:FC:D4:A5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1D14CC4D0FB9C1C110442880C18C70A0B0099AF0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38332e302f32342d3234203d3e203230343733.roa
Signing time: Fri 20 Oct 2023 13:41:52 +0000
ROA not before: Fri 20 Oct 2023 13:36:52 +0000
ROA not after: Fri 18 Oct 2024 13:41:52 +0000
asID: 20473
IP address blocks: 192.145.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:14:cc:4d:0f:b9:c1:c1:10:44:28:80:c1:8c:70:a0:b0:09:9a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:52 2023 GMT
Not After : Oct 18 13:41:52 2024 GMT
Subject: CN=81A7FF9DCA3B9F0B364BDFD002C096AD9DFCD4A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3c:d0:11:a3:e0:45:87:c9:67:45:59:75:d5:
94:97:75:d3:4a:c0:81:b9:f3:78:a1:55:b4:7e:03:
c4:3f:cc:a0:34:16:78:69:bb:bd:01:5d:78:06:f8:
6b:0f:55:9a:59:ee:97:38:29:a0:2b:64:04:af:ba:
22:71:c3:49:1b:7b:2d:0d:6c:6a:ae:9b:79:e7:f0:
9e:ee:b4:3e:3f:57:50:c7:65:fb:97:a0:41:e1:9e:
9b:d5:55:9e:47:18:40:b7:f9:96:f8:ef:d3:53:47:
97:d3:20:cb:6e:14:cf:c2:19:1b:bf:e0:06:44:8b:
f5:f2:ad:a2:8f:31:12:6b:09:7f:f0:6d:c8:6f:89:
53:a0:d9:87:7f:6f:bd:13:51:34:94:b3:4e:81:c3:
75:b2:6e:5f:a0:aa:0f:af:2d:be:4e:c9:aa:23:8c:
11:ac:6d:60:bd:0f:7a:ca:75:45:e8:6b:d9:4a:d3:
da:45:1e:e0:c1:f1:09:1e:87:9b:0d:ca:b1:cd:e6:
9e:1d:dd:b7:a5:0d:23:e1:76:ce:c3:e1:2e:6e:88:
52:b5:f4:84:14:44:3d:88:78:79:14:e4:c0:ca:e5:
0e:36:7b:a3:df:69:c2:a1:b6:9f:40:e5:14:f3:0b:
b0:02:52:8b:c9:11:8c:dc:e0:af:4e:58:51:d9:e6:
81:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A7:FF:9D:CA:3B:9F:0B:36:4B:DF:D0:02:C0:96:AD:9D:FC:D4:A5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38332e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.83.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d1:47:f9:22:c9:c0:88:5c:ac:81:10:3a:70:18:39:43:6c:
23:e6:9c:77:26:24:f0:fe:25:05:e5:0a:4f:7e:be:13:5d:b7:
ea:44:6b:0c:ce:fd:9f:f1:a0:17:b2:46:6b:52:bc:50:37:29:
23:54:2b:47:94:ac:df:09:4c:97:4a:98:a0:10:be:94:4e:44:
bf:42:be:71:24:8e:e1:36:5a:41:09:72:f8:a8:44:4a:2f:e9:
84:59:6c:b5:93:b7:02:0e:50:b4:eb:e6:ec:22:cb:6a:ce:af:
c2:ab:1f:7d:72:ea:44:43:0b:e3:13:7c:1a:f7:32:ea:f3:51:
29:58:66:f3:4e:6e:4f:3a:2e:51:5d:64:3c:77:99:a0:d2:d1:
cf:f1:e8:1b:ef:b3:e6:33:70:6b:c7:45:44:8e:cf:c0:4a:55:
03:23:b9:b0:d0:92:6a:d1:9d:da:73:38:5a:37:d1:e3:ea:46:
c6:ef:11:2d:77:2a:08:dd:fe:03:c2:80:45:99:fd:a7:6e:de:
0a:99:55:ab:41:55:e7:bb:10:16:ee:11:89:6f:0b:3c:ae:f6:
14:17:d0:f4:0c:6a:48:1b:f9:31:0a:b4:8a:85:c5:f4:b2:6e:
83:95:54:e8:1a:32:6c:ad:ba:45:7b:21:b9:8c:45:bd:41:41:
ea:de:a5:91
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHRTMTQ+5wcEQRCiAwYxwoLAJmvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTJaFw0yNDEwMTgxMzQxNTJaMDMxMTAvBgNV
BAMTKDgxQTdGRjlEQ0EzQjlGMEIzNjRCREZEMDAyQzA5NkFEOURGQ0Q0QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBPNARo+BFh8lnRVl11ZSXddNK
wIG583ihVbR+A8Q/zKA0Fnhpu70BXXgG+GsPVZpZ7pc4KaArZASvuiJxw0kbey0N
bGqum3nn8J7utD4/V1DHZfuXoEHhnpvVVZ5HGEC3+Zb479NTR5fTIMtuFM/CGRu/
4AZEi/XyraKPMRJrCX/wbchviVOg2Yd/b70TUTSUs06Bw3Wybl+gqg+vLb5Oyaoj
jBGsbWC9D3rKdUXoa9lK09pFHuDB8Qkeh5sNyrHN5p4d3belDSPhds7D4S5uiFK1
9IQURD2IeHkU5MDK5Q42e6PfacKhtp9A5RTzC7ACUovJEYzc4K9OWFHZ5oExAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgaf/nco7nws2S9/QAsCWrZ381KUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMyMmUzMTM0MzUyZTM4
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wJFTMA0GCSqGSIb3DQEBCwUAA4IBAQBf0Uf5IsnAiFysgRA6cBg5Q2wj5px3JiTw
/iUF5QpPfr4TXbfqRGsMzv2f8aAXskZrUrxQNykjVCtHlKzfCUyXSpigEL6UTkS/
Qr5xJI7hNlpBCXL4qERKL+mEWWy1k7cCDlC06+bsIstqzq/Cqx99cupEQwvjE3wa
9zLq81EpWGbzTm5POi5RXWQ8d5mg0tHP8egb77PmM3Brx0VEjs/ASlUDI7mw0JJq
0Z3aczhaN9Hj6kbG7xEtdyoI3f4DwoBFmf2nbt4KmVWrQVXnuxAW7hGJbws8rvYU
F9D0DGpIG/kxCrSKhcX0sm6DlVToGjJsrbpFeyG5jEW9QUHq3qWR
-----END CERTIFICATE-----
Generated at Mon May 6 13:59:28 2024 by rpki-client on console-fra.rpki-client.org