Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: /cd9xT0XMMpNmZoz8aLmGH5yfHMM0kiHpr68D1UaU/w=
Subject key identifier: AA:2A:F0:7E:95:5C:45:77:8F:FA:48:EB:CC:E1:A2:E5:FD:A5:1D:17
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1AC02BC3B2FDD5F0976F4831DB3C913658C1C316
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa
Signing time: Fri 01 Sep 2023 10:54:29 +0000
ROA not before: Fri 01 Sep 2023 10:49:29 +0000
ROA not after: Fri 30 Aug 2024 10:54:29 +0000
asID: 47583
IP address blocks: 193.203.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:c0:2b:c3:b2:fd:d5:f0:97:6f:48:31:db:3c:91:36:58:c1:c3:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 1 10:49:29 2023 GMT
Not After : Aug 30 10:54:29 2024 GMT
Subject: CN=AA2AF07E955C45778FFA48EBCCE1A2E5FDA51D17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:86:c5:85:d9:9b:3d:9f:96:91:48:db:43:8d:
d7:3e:2a:af:90:67:83:61:23:ec:16:8b:ab:0c:9e:
f4:5a:8b:59:69:ec:ce:c0:66:77:e3:d7:d5:98:64:
5e:5e:aa:17:b7:62:59:dc:49:8b:9a:71:d1:c5:32:
2a:8f:10:db:78:09:6d:21:e0:1d:b4:35:bb:0f:1b:
5e:d9:60:18:ee:1d:a7:5e:3f:8e:26:98:74:b7:16:
3a:ba:27:2e:ff:75:5e:cb:a7:db:53:ca:19:8a:7e:
20:2a:10:a2:44:2c:56:10:60:20:e9:7e:d3:75:72:
35:7b:8d:47:06:3f:fd:5d:ce:5a:f8:6f:c1:b5:03:
e0:6f:42:ba:07:16:d9:16:5c:e6:86:bf:c4:a4:68:
c2:8f:66:7e:9d:9e:6f:79:9f:90:64:22:b4:1c:a8:
aa:6d:c2:67:a6:d7:29:13:95:74:b9:8a:58:93:66:
2d:8b:10:3e:84:5c:d7:c3:3d:ea:f1:44:c3:5e:77:
b3:22:20:7e:d2:81:2c:4d:51:52:25:65:30:c6:3b:
8e:6e:21:9e:4c:7d:a3:b9:17:68:e1:da:67:bb:9c:
d2:cc:e3:89:88:05:e1:76:31:c0:e5:21:0c:84:65:
a2:a4:d0:b8:80:2d:be:ce:f2:ba:8e:77:96:42:1f:
9a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2A:F0:7E:95:5C:45:77:8F:FA:48:EB:CC:E1:A2:E5:FD:A5:1D:17
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.164.0/22
Signature Algorithm: sha256WithRSAEncryption
95:a5:a4:02:21:4d:ea:b0:95:81:04:ff:2f:63:a2:fc:08:f8:
91:ec:fe:57:50:31:1b:3d:c8:e3:9c:1e:0f:ae:37:50:12:01:
f6:06:04:79:4d:41:15:0c:f0:18:79:d3:7b:d7:e4:e2:f2:ca:
6f:22:f0:82:a4:9e:b1:95:bd:69:3b:36:3f:8a:5d:f7:4f:35:
f5:51:69:d7:e9:2d:a1:95:3d:38:fe:6b:51:18:9d:5e:52:7c:
09:e4:82:f4:6b:23:55:15:4a:fc:6d:ad:83:d0:ca:4c:84:5a:
ae:b5:48:f7:b1:8c:1a:bb:9d:b3:07:13:b5:24:59:46:ca:8f:
2c:c7:55:c3:40:ad:66:92:a8:32:02:95:ac:a9:cc:a7:e7:29:
0e:73:55:4c:72:85:c1:72:39:66:97:66:25:e9:1a:99:52:5d:
c3:06:3f:63:a3:1b:d8:95:db:89:f1:16:56:d9:8f:bc:57:90:
8d:6e:f2:9e:af:5f:5a:2d:c2:17:05:e9:1f:bb:2f:f8:bd:a7:
d3:6c:e0:d9:e1:dc:bc:63:af:9d:08:f2:6b:12:48:4e:1a:20:
cc:44:cd:e0:d7:35:ff:f4:12:7d:ac:84:d7:d2:21:b3:1d:94:
51:f7:eb:74:af:79:e6:1b:3d:97:e4:4f:7c:fd:ce:2f:62:f9:
be:ee:39:e1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGsArw7L91fCXb0gx2zyRNljBwxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MDExMDQ5MjlaFw0yNDA4MzAxMDU0MjlaMDMxMTAvBgNV
BAMTKEFBMkFGMDdFOTU1QzQ1Nzc4RkZBNDhFQkNDRTFBMkU1RkRBNTFEMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8hsWF2Zs9n5aRSNtDjdc+Kq+Q
Z4NhI+wWi6sMnvRai1lp7M7AZnfj19WYZF5eqhe3YlncSYuacdHFMiqPENt4CW0h
4B20NbsPG17ZYBjuHadeP44mmHS3Fjq6Jy7/dV7Lp9tTyhmKfiAqEKJELFYQYCDp
ftN1cjV7jUcGP/1dzlr4b8G1A+BvQroHFtkWXOaGv8SkaMKPZn6dnm95n5BkIrQc
qKptwmem1ykTlXS5iliTZi2LED6EXNfDPerxRMNed7MiIH7SgSxNUVIlZTDGO45u
IZ5MfaO5F2jh2me7nNLM44mIBeF2McDlIQyEZaKk0LiALb7O8rqOd5ZCH5rDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqirwfpVcRXeP+kjrzOGi5f2lHRcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzYzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy6QwDQYJKoZIhvcNAQELBQADggEBAJWlpAIhTeqwlYEE/y9jovwI+JHs/ldQ
MRs9yOOcHg+uN1ASAfYGBHlNQRUM8Bh503vX5OLyym8i8IKknrGVvWk7Nj+KXfdP
NfVRadfpLaGVPTj+a1EYnV5SfAnkgvRrI1UVSvxtrYPQykyEWq61SPexjBq7nbMH
E7UkWUbKjyzHVcNArWaSqDIClaypzKfnKQ5zVUxyhcFyOWaXZiXpGplSXcMGP2Oj
G9iV24nxFlbZj7xXkI1u8p6vX1otwhcF6R+7L/i9p9Ns4Nnh3Lxjr50I8msSSE4a
IMxEzeDXNf/0En2shNfSIbMdlFH363SveeYbPZfkT3z9zi9i+b7uOeE=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org