Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130312e302f32342d3234203d3e20323037313337.roa
File: 3139332e3136302e3130312e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: B5NAMkDDt1i70XnyEkJT8Z81S+QI8Jbwa+bfBSTJh1g=
Subject key identifier: 31:08:97:7C:60:28:ED:35:05:75:AE:9D:4A:27:FB:D0:B8:1B:9B:21
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 31E61FEC115DCB690E213A3FB9AE541E1252ABC4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130312e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 01 May 2024 12:03:33 +0000
ROA not before: Wed 01 May 2024 11:58:33 +0000
ROA not after: Wed 30 Apr 2025 12:03:33 +0000
asID: 207137
IP address blocks: 193.160.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:e6:1f:ec:11:5d:cb:69:0e:21:3a:3f:b9:ae:54:1e:12:52:ab:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 11:58:33 2024 GMT
Not After : Apr 30 12:03:33 2025 GMT
Subject: CN=3108977C6028ED350575AE9D4A27FBD0B81B9B21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a3:d1:0a:4c:00:6c:a7:11:3a:a8:d9:8d:83:
d7:ca:38:a1:7d:08:ad:cd:f6:e8:c2:7c:b3:d9:94:
d6:e1:e1:c6:ca:81:42:16:6a:dd:ff:97:8d:dc:e8:
62:9e:fd:39:4c:c8:ac:dd:c3:d0:16:19:ae:a7:c4:
79:af:a8:22:b1:a2:c2:23:cb:41:b5:79:c6:44:57:
9a:f6:37:a4:cc:7b:14:21:10:9b:40:97:5c:0a:4f:
b7:74:b0:10:e9:5e:19:f9:9a:e1:f2:3e:82:c5:a6:
3c:5a:ce:59:1e:ff:b6:1b:d9:8e:de:9b:56:3e:b8:
b0:41:b5:ba:f0:fc:47:a3:a8:b7:f3:ea:5b:6e:40:
6e:5e:b1:a1:02:8f:8c:7a:66:c0:04:2d:53:34:4e:
9e:8a:cd:6c:9d:75:75:3d:03:47:f8:84:db:c7:f8:
46:2e:1d:14:30:80:4e:ce:4e:65:dd:13:38:e0:16:
15:05:7f:32:74:63:a6:c8:60:bc:97:6a:49:66:95:
fa:7e:4b:aa:27:79:f9:50:25:7f:5f:c6:fb:af:22:
81:6f:be:5e:f7:e9:e6:23:80:72:07:17:30:39:a2:
4e:f3:a9:fc:2a:e3:65:8b:c5:76:f1:10:aa:a2:92:
dc:fe:cb:97:30:51:22:40:c9:e8:81:1b:dd:59:3e:
d2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:08:97:7C:60:28:ED:35:05:75:AE:9D:4A:27:FB:D0:B8:1B:9B:21
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130312e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.101.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:f8:81:c8:a0:39:3e:26:31:a5:05:45:d3:98:78:3a:13:92:
16:9c:c2:3c:92:3a:61:54:a3:24:3d:33:66:42:96:9c:04:aa:
67:43:11:bc:93:d2:b2:3c:13:2b:76:49:f5:27:73:6b:d4:53:
27:b5:de:41:f6:15:7b:79:04:b7:ae:db:4b:0d:d9:a4:e6:02:
54:81:97:f4:3d:5e:6d:8c:9d:00:8a:5c:8b:2d:d4:90:9a:5f:
4c:f7:57:a1:1d:de:43:e9:e7:a7:79:f9:90:8b:2e:68:bf:c0:
47:f0:9d:e4:40:58:fe:94:dd:5a:13:18:9a:5b:93:66:c4:40:
e6:6e:f2:d9:97:b1:9f:8f:33:27:84:f5:b5:72:a4:03:bd:f2:
ef:64:97:fb:01:42:ba:a1:e8:9b:84:8b:65:23:92:30:84:9c:
4f:77:13:97:f8:b2:75:11:97:f4:96:2a:f2:04:7b:21:8d:17:
b7:fb:85:36:5f:57:e2:ff:a4:73:fd:d3:87:5f:f4:68:82:3f:
4d:40:77:d7:53:50:70:71:54:4b:81:d8:18:82:63:58:de:3d:
1a:5e:16:9f:d9:dc:e8:b7:47:28:94:3c:9f:d2:02:67:44:21:
bb:f7:b7:1b:de:cb:8b:f1:bb:5a:af:4d:de:77:a1:ea:da:f6:
f2:99:1e:9d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMeYf7BFdy2kOITo/ua5UHhJSq8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDExMTU4MzNaFw0yNTA0MzAxMjAzMzNaMDMxMTAvBgNV
BAMTKDMxMDg5NzdDNjAyOEVEMzUwNTc1QUU5RDRBMjdGQkQwQjgxQjlCMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLo9EKTABspxE6qNmNg9fKOKF9
CK3N9ujCfLPZlNbh4cbKgUIWat3/l43c6GKe/TlMyKzdw9AWGa6nxHmvqCKxosIj
y0G1ecZEV5r2N6TMexQhEJtAl1wKT7d0sBDpXhn5muHyPoLFpjxazlke/7Yb2Y7e
m1Y+uLBBtbrw/EejqLfz6ltuQG5esaECj4x6ZsAELVM0Tp6KzWyddXU9A0f4hNvH
+EYuHRQwgE7OTmXdEzjgFhUFfzJ0Y6bIYLyXaklmlfp+S6oneflQJX9fxvuvIoFv
vl736eYjgHIHFzA5ok7zqfwq42WLxXbxEKqiktz+y5cwUSJAyeiBG91ZPtIJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUMQiXfGAo7TUFda6dSif70LgbmyEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM2MzAyZTMx
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzMzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGgZTANBgkqhkiG9w0BAQsFAAOCAQEADPiByKA5PiYxpQVF05h4OhOSFpzC
PJI6YVSjJD0zZkKWnASqZ0MRvJPSsjwTK3ZJ9Sdza9RTJ7XeQfYVe3kEt67bSw3Z
pOYCVIGX9D1ebYydAIpciy3UkJpfTPdXoR3eQ+nnp3n5kIsuaL/AR/Cd5EBY/pTd
WhMYmluTZsRA5m7y2Zexn48zJ4T1tXKkA73y72SX+wFCuqHom4SLZSOSMIScT3cT
l/iydRGX9JYq8gR7IY0Xt/uFNl9X4v+kc/3Th1/0aII/TUB311NQcHFUS4HYGIJj
WN49Gl4Wn9nc6LdHKJQ8n9ICZ0Qhu/e3G97Li/G7Wq9N3neh6tr28pkenQ==
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:45 2024 by rpki-client on console-fra.rpki-client.org