Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3137362e3132342e302f32342d3332203d3e203531313637.roa
File: 3139332e3137362e3132342e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: D0e5tggvDjbsZ6eSTMTvqQ+/w6hCE4eaO55ndsMDwIY=
Subject key identifier: FB:01:44:3C:37:16:D6:C8:19:8F:7B:02:70:EC:F5:F9:7E:80:C7:5A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 31BD00FBC5E746FCE2A0F213BB81CB9D19B030C7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3137362e3132342e302f32342d3332203d3e203531313637.roa
Signing time: Thu 08 Aug 2024 04:14:31 +0000
ROA not before: Thu 08 Aug 2024 04:09:31 +0000
ROA not after: Thu 07 Aug 2025 04:14:31 +0000
asID: 51167
IP address blocks: 193.176.124.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:bd:00:fb:c5:e7:46:fc:e2:a0:f2:13:bb:81:cb:9d:19:b0:30:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 8 04:09:31 2024 GMT
Not After : Aug 7 04:14:31 2025 GMT
Subject: CN=FB01443C3716D6C8198F7B0270ECF5F97E80C75A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:86:2e:66:71:b3:56:45:91:8e:3e:65:b1:30:
d2:57:98:69:56:86:26:f7:6a:8e:6e:a1:a9:e8:3c:
0f:bd:a5:9b:9d:9c:ae:24:8a:75:84:38:98:32:21:
56:1d:61:f7:f1:a6:e5:b6:7e:8e:dc:cb:00:b7:a5:
f2:58:08:da:7d:e5:1b:05:9e:4e:85:bd:d6:d6:3a:
5e:c7:c7:09:84:13:7a:c6:ac:95:b3:e3:aa:3c:d9:
1c:a4:c7:f4:e5:48:e3:65:59:2f:d1:e8:64:56:6f:
94:55:c5:cd:19:96:fe:89:ec:e8:52:39:fc:55:00:
e4:fe:d6:40:e8:34:08:5f:5f:82:a6:b5:62:43:90:
cd:ef:25:58:1c:a9:5e:86:a9:2b:a9:2b:f9:c1:39:
d3:d0:7f:4d:de:3c:f1:56:d1:57:b8:ba:9f:60:3d:
14:aa:90:90:3c:40:df:2e:14:a8:db:96:95:65:84:
58:b4:9c:8f:6f:d9:84:62:91:d9:22:aa:f7:98:66:
3c:d2:8b:97:6e:39:94:4a:f7:7e:15:6a:52:66:ec:
46:0b:23:ee:11:4f:cf:ac:e8:0f:3b:c3:91:62:48:
cc:ec:04:1a:8a:70:84:36:77:67:33:c1:3a:1a:a0:
1d:72:55:75:6a:d3:77:04:5b:8f:f9:fd:cf:c6:7f:
32:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:01:44:3C:37:16:D6:C8:19:8F:7B:02:70:EC:F5:F9:7E:80:C7:5A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3137362e3132342e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.124.0/24
Signature Algorithm: sha256WithRSAEncryption
39:56:a8:78:84:0a:6e:ff:56:a0:fe:83:0c:d6:2f:72:06:35:
ec:19:71:1e:aa:db:b1:3c:bc:02:cc:26:87:38:e8:b3:c0:6c:
eb:53:e0:63:85:84:9e:0e:5f:bd:62:8f:59:a7:16:23:79:aa:
0f:e2:e4:f9:e8:f2:3e:2b:4a:a9:b1:48:5c:e1:34:77:ac:23:
12:66:20:f0:0c:75:c8:04:6d:e3:b0:58:51:e2:20:5c:67:e3:
65:83:e5:43:2e:07:c5:2d:f8:f5:51:6f:3c:4f:f3:b5:04:bf:
52:3f:77:54:87:4f:96:da:18:c7:04:db:64:4f:55:32:14:6c:
be:5e:35:5a:a1:b1:8e:d2:7d:2e:0f:08:d1:63:55:f6:67:18:
0b:1c:32:9c:49:6a:24:67:be:a3:c0:c2:a4:23:da:3d:64:9b:
dd:f4:62:7c:f1:40:a1:c2:57:69:c1:53:89:0a:24:48:02:36:
b4:42:e1:42:b0:26:17:26:be:44:a8:b9:de:87:57:ed:bd:17:
53:fb:03:ca:18:46:a8:7e:89:7c:48:8f:d3:30:98:b4:8a:ce:
10:95:c4:35:e3:fe:6d:9c:e4:15:ef:70:48:5d:5c:a4:22:1b:
3a:9a:cf:ac:ce:9f:25:55:11:75:a0:e2:56:82:31:ee:84:a6:
77:62:09:1d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMb0A+8XnRvzioPITu4HLnRmwMMcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MDgwNDA5MzFaFw0yNTA4MDcwNDE0MzFaMDMxMTAvBgNV
BAMTKEZCMDE0NDNDMzcxNkQ2QzgxOThGN0IwMjcwRUNGNUY5N0U4MEM3NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5hi5mcbNWRZGOPmWxMNJXmGlW
hib3ao5uoanoPA+9pZudnK4kinWEOJgyIVYdYffxpuW2fo7cywC3pfJYCNp95RsF
nk6FvdbWOl7HxwmEE3rGrJWz46o82Rykx/TlSONlWS/R6GRWb5RVxc0Zlv6J7OhS
OfxVAOT+1kDoNAhfX4KmtWJDkM3vJVgcqV6GqSupK/nBOdPQf03ePPFW0Ve4up9g
PRSqkJA8QN8uFKjblpVlhFi0nI9v2YRikdkiqveYZjzSi5duOZRK934ValJm7EYL
I+4RT8+s6A87w5FiSMzsBBqKcIQ2d2czwToaoB1yVXVq03cEW4/5/c/GfzInAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+wFEPDcW1sgZj3sCcOz1+X6Ax1owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM3MzYyZTMx
MzIzNDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBsHwwDQYJKoZIhvcNAQELBQADggEBADlWqHiECm7/VqD+gwzWL3IGNewZcR6q
27E8vALMJoc46LPAbOtT4GOFhJ4OX71ij1mnFiN5qg/i5Pno8j4rSqmxSFzhNHes
IxJmIPAMdcgEbeOwWFHiIFxn42WD5UMuB8Ut+PVRbzxP87UEv1I/d1SHT5baGMcE
22RPVTIUbL5eNVqhsY7SfS4PCNFjVfZnGAscMpxJaiRnvqPAwqQj2j1km930Ynzx
QKHCV2nBU4kKJEgCNrRC4UKwJhcmvkSoud6HV+29F1P7A8oYRqh+iXxIj9MwmLSK
zhCVxDXj/m2c5BXvcEhdXKQiGzqaz6zOnyVVEXWg4laCMe6EpndiCR0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org