Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa
File: 3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: CaL0tHflv8GZ1N1NxIivYf5coyyDaJYNX2Eel0eNHMk=
Subject key identifier: AC:A4:56:DE:B4:D4:B6:71:90:3F:48:F8:9B:97:7B:87:DC:55:71:B8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 557DBD18D1ACACFE597389EE16738D1541DDA58C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 01 May 2024 12:03:33 +0000
ROA not before: Wed 01 May 2024 11:58:33 +0000
ROA not after: Wed 30 Apr 2025 12:03:33 +0000
asID: 207137
IP address blocks: 193.160.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:7d:bd:18:d1:ac:ac:fe:59:73:89:ee:16:73:8d:15:41:dd:a5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 11:58:33 2024 GMT
Not After : Apr 30 12:03:33 2025 GMT
Subject: CN=ACA456DEB4D4B671903F48F89B977B87DC5571B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7d:6a:8d:86:a0:b4:7a:90:ce:ea:57:ae:61:
5e:1d:a0:ea:bb:b7:6b:2a:6f:bd:84:0c:66:d9:d1:
34:50:d8:d9:09:b1:32:fc:55:f0:86:0f:78:fc:90:
07:71:cb:a7:12:63:a9:6d:f7:84:8f:d9:f4:ca:cf:
a5:fd:eb:45:9d:d7:dc:39:ec:51:16:6a:9e:07:6f:
9b:6a:ee:33:7c:03:e7:9c:49:af:32:5e:63:3c:21:
57:1d:1a:46:29:ca:7a:82:44:73:31:23:38:c3:dd:
a0:7f:03:dc:70:bf:4b:ce:9f:b5:55:d7:94:1c:13:
5e:c7:b7:45:4a:7c:77:14:f0:c3:0c:83:4a:e6:b6:
e2:eb:8c:a9:da:e5:fa:dc:4d:ff:a4:fe:69:65:8d:
a1:5e:fd:fa:2c:27:30:9a:49:dd:a9:a8:f7:a0:7e:
7c:04:da:87:e1:7b:1b:43:bb:2d:f3:8b:32:c8:3c:
d0:e3:2a:61:89:1a:70:58:0d:85:ed:70:03:97:ef:
ed:66:fd:1f:f2:97:25:f5:90:4f:9a:75:db:68:3b:
32:6f:4b:4c:9b:50:a4:de:2c:8e:b5:eb:d4:f5:a2:
fd:2d:96:61:8b:a1:e1:16:4b:0e:ca:4e:f4:bb:20:
03:87:2b:67:06:aa:52:06:a0:b9:14:1b:d6:b1:4c:
f8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A4:56:DE:B4:D4:B6:71:90:3F:48:F8:9B:97:7B:87:DC:55:71:B8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.100.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a7:ff:2d:87:a8:f9:2e:01:2f:ce:c4:d3:1b:26:fe:19:5d:
67:93:2b:0e:7a:13:3c:7b:60:6b:17:58:81:52:53:28:b2:6c:
c6:63:c4:6b:99:6a:7c:3b:c1:bc:44:20:c7:71:ca:48:c0:e2:
05:5e:1d:7e:82:f8:4f:a3:cb:5d:fa:18:c4:4a:3f:b7:10:26:
48:44:70:bf:a3:2a:98:d1:10:ea:a7:ff:5b:4e:2b:01:5a:68:
48:57:a0:d4:c6:c6:fe:a2:1c:24:04:b9:24:95:d2:f5:09:37:
8b:9b:d4:5a:f1:9e:bd:b5:53:35:37:3f:c9:72:a6:cf:6e:9b:
e1:86:c9:90:ed:18:5a:7d:56:19:dc:81:da:d8:d7:5c:2c:9c:
e7:ac:8a:b6:e5:62:35:e4:3d:f1:83:69:30:d8:43:fa:ca:e7:
f6:27:11:a9:7f:0a:6f:61:1c:b6:26:45:be:18:1d:dc:1b:55:
0c:db:66:32:8b:c0:73:bb:98:1e:72:f3:e7:15:6b:0a:e3:e6:
34:08:e6:62:74:4c:25:4e:67:25:a5:92:6d:58:5f:37:d2:27:
49:ed:cd:d9:84:82:fc:43:6b:ae:14:57:90:5c:7c:48:42:52:
05:db:93:5e:1e:16:a4:57:45:85:a3:8a:c1:83:4d:20:ba:57:
47:b3:11:89
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVX29GNGsrP5Zc4nuFnONFUHdpYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDExMTU4MzNaFw0yNTA0MzAxMjAzMzNaMDMxMTAvBgNV
BAMTKEFDQTQ1NkRFQjRENEI2NzE5MDNGNDhGODlCOTc3Qjg3REM1NTcxQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBfWqNhqC0epDO6leuYV4doOq7
t2sqb72EDGbZ0TRQ2NkJsTL8VfCGD3j8kAdxy6cSY6lt94SP2fTKz6X960Wd19w5
7FEWap4Hb5tq7jN8A+ecSa8yXmM8IVcdGkYpynqCRHMxIzjD3aB/A9xwv0vOn7VV
15QcE17Ht0VKfHcU8MMMg0rmtuLrjKna5frcTf+k/mlljaFe/fosJzCaSd2pqPeg
fnwE2ofhextDuy3zizLIPNDjKmGJGnBYDYXtcAOX7+1m/R/ylyX1kE+addtoOzJv
S0ybUKTeLI6169T1ov0tlmGLoeEWSw7KTvS7IAOHK2cGqlIGoLkUG9axTPj7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUrKRW3rTUtnGQP0j4m5d7h9xVcbgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM2MzAyZTMx
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzMzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGgZDANBgkqhkiG9w0BAQsFAAOCAQEACqf/LYeo+S4BL87E0xsm/hldZ5Mr
DnoTPHtgaxdYgVJTKLJsxmPEa5lqfDvBvEQgx3HKSMDiBV4dfoL4T6PLXfoYxEo/
txAmSERwv6MqmNEQ6qf/W04rAVpoSFeg1MbG/qIcJAS5JJXS9Qk3i5vUWvGevbVT
NTc/yXKmz26b4YbJkO0YWn1WGdyB2tjXXCyc56yKtuViNeQ98YNpMNhD+srn9icR
qX8Kb2EctiZFvhgd3BtVDNtmMovAc7uYHnLz5xVrCuPmNAjmYnRMJU5nJaWSbVhf
N9InSe3N2YSC/ENrrhRXkFx8SEJSBduTXh4WpFdFhaOKwYNNILpXR7MRiQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org