Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3138392e3130372e302f32342d3234203d3e20313336373837.roa
File: 3139332e3138392e3130372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: wHQJaZJsa4fOx0gotGvAdcamFL5qW21K++r10SXAjes=
Subject key identifier: 78:F5:04:53:78:E4:44:7E:0C:DC:CD:FF:6D:1E:65:74:C5:39:A0:4D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5442042E2D8F4FC35D7E8BB9CB0D48CFBC5D9730
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3138392e3130372e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:20 +0000
ROA not before: Sat 02 Mar 2024 21:49:20 +0000
ROA not after: Sat 01 Mar 2025 21:54:20 +0000
asID: 136787
IP address blocks: 193.189.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:42:04:2e:2d:8f:4f:c3:5d:7e:8b:b9:cb:0d:48:cf:bc:5d:97:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 2 21:49:20 2024 GMT
Not After : Mar 1 21:54:20 2025 GMT
Subject: CN=78F5045378E4447E0CDCCDFF6D1E6574C539A04D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:af:d9:ef:e6:b2:59:89:18:45:7f:d3:96:34:
ed:ad:c9:09:22:3c:33:99:d5:d9:b7:6a:9b:8e:3e:
f2:2d:5e:0d:89:5e:49:3e:1b:33:66:c1:f9:cc:65:
b6:bb:f8:27:cd:7e:bd:70:b4:da:64:cc:81:9e:58:
c0:d5:3c:dc:6d:f5:5f:4e:93:52:3b:b8:0b:b9:60:
81:eb:e9:95:7a:05:38:f7:c1:eb:99:17:98:10:63:
15:22:6e:39:67:35:b5:bd:fc:91:eb:e6:0a:c8:95:
57:94:3d:71:3c:00:88:ec:a0:2d:a2:3f:47:9b:a3:
62:9a:c6:36:24:4f:6a:d1:7f:5e:74:27:09:10:97:
2a:2f:23:94:44:c6:46:0f:02:40:62:14:05:40:2e:
82:6c:21:aa:6f:4f:39:a4:01:fe:fb:e7:e3:18:73:
12:84:33:6e:79:9a:39:d3:ab:28:1d:34:b0:53:85:
22:ad:a2:46:53:66:22:a3:f8:32:24:23:c2:5d:f5:
9c:1e:d1:fc:98:6b:a2:fd:d9:81:e1:c0:ee:33:61:
c7:ad:10:cf:13:f6:8a:92:6f:e7:da:47:d5:2f:5d:
bc:0f:99:e4:27:41:5c:5a:ab:e2:61:bd:6d:c2:f1:
11:60:a8:4e:4f:43:64:42:04:c7:43:44:39:d5:a4:
02:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F5:04:53:78:E4:44:7E:0C:DC:CD:FF:6D:1E:65:74:C5:39:A0:4D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3138392e3130372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.107.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:18:90:22:26:51:7c:97:93:51:8f:07:c0:80:56:c7:2d:84:
2a:e5:20:32:2f:16:85:7d:a6:20:4c:e0:bd:8b:9b:d0:ac:10:
46:ec:b5:d6:2d:2a:a4:ee:27:a8:50:24:18:72:40:1a:18:e5:
56:1e:0e:56:e1:2a:22:73:b3:0d:ee:83:d9:42:8d:fd:c3:14:
de:9e:67:84:45:d3:af:15:65:6e:ec:10:71:56:8b:ce:a2:b2:
92:92:8d:ab:ac:35:cd:d8:a4:5a:bc:e5:ff:47:04:0c:62:c5:
df:3c:f6:cd:d2:7c:7b:95:a0:81:1e:02:27:53:44:f6:53:97:
d8:b6:8e:9a:8e:bd:0b:a2:65:c6:59:d5:91:32:56:87:42:ef:
eb:81:80:92:0b:5c:b3:a4:55:0c:c9:11:37:8d:fa:48:2f:43:
5b:6f:a4:c2:11:26:98:ad:b5:34:8a:70:5f:f8:1f:4a:8b:ef:
51:72:6a:d4:98:46:c1:ae:91:92:e2:81:c2:de:d0:7f:c7:16:
e9:39:ea:32:4d:2a:f1:12:6b:9c:10:fd:7a:0b:43:2c:48:99:
16:f9:2d:93:9e:a4:81:65:3b:fb:b4:e4:6c:5c:7c:45:e8:87:
04:46:0e:86:55:23:bd:1e:86:b1:d9:14:d9:d6:6e:2c:c7:bc:
af:29:85:8a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVEIELi2PT8Ndfou5yw1Iz7xdlzAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDIyMTQ5MjBaFw0yNTAzMDEyMTU0MjBaMDMxMTAvBgNV
BAMTKDc4RjUwNDUzNzhFNDQ0N0UwQ0RDQ0RGRjZEMUU2NTc0QzUzOUEwNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXr9nv5rJZiRhFf9OWNO2tyQki
PDOZ1dm3apuOPvItXg2JXkk+GzNmwfnMZba7+CfNfr1wtNpkzIGeWMDVPNxt9V9O
k1I7uAu5YIHr6ZV6BTj3weuZF5gQYxUibjlnNbW9/JHr5grIlVeUPXE8AIjsoC2i
P0ebo2KaxjYkT2rRf150JwkQlyovI5RExkYPAkBiFAVALoJsIapvTzmkAf775+MY
cxKEM255mjnTqygdNLBThSKtokZTZiKj+DIkI8Jd9Zwe0fyYa6L92YHhwO4zYcet
EM8T9oqSb+faR9UvXbwPmeQnQVxaq+JhvW3C8RFgqE5PQ2RCBMdDRDnVpALtAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUePUEU3jkRH4M3M3/bR5ldMU5oE0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM4MzkyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMG9azANBgkqhkiG9w0BAQsFAAOCAQEADRiQIiZRfJeTUY8HwIBWxy2EKuUg
Mi8WhX2mIEzgvYub0KwQRuy11i0qpO4nqFAkGHJAGhjlVh4OVuEqInOzDe6D2UKN
/cMU3p5nhEXTrxVlbuwQcVaLzqKykpKNq6w1zdikWrzl/0cEDGLF3zz2zdJ8e5Wg
gR4CJ1NE9lOX2LaOmo69C6JlxlnVkTJWh0Lv64GAkgtcs6RVDMkRN436SC9DW2+k
whEmmK21NIpwX/gfSovvUXJq1JhGwa6RkuKBwt7Qf8cW6TnqMk0q8RJrnBD9egtD
LEiZFvktk56kgWU7+7TkbFx8ReiHBEYOhlUjvR6GsdkU2dZuLMe8rymFig==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org