Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: rsweCgPWvHIYIxKeTMxgWtjPTPWKdB3YQe4OQ4whZgE=
Subject key identifier: 67:74:ED:97:EB:4F:F0:91:68:F7:59:B4:D1:B9:C7:A5:40:D3:DA:B5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 65D9AAA93956226CD66781CF1AA979591FC9DBF6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa
Signing time: Fri 02 Aug 2024 11:04:34 +0000
ROA not before: Fri 02 Aug 2024 10:59:34 +0000
ROA not after: Fri 01 Aug 2025 11:04:34 +0000
asID: 47583
IP address blocks: 193.203.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:d9:aa:a9:39:56:22:6c:d6:67:81:cf:1a:a9:79:59:1f:c9:db:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 2 10:59:34 2024 GMT
Not After : Aug 1 11:04:34 2025 GMT
Subject: CN=6774ED97EB4FF09168F759B4D1B9C7A540D3DAB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:45:77:35:da:27:d7:24:03:36:04:80:43:81:
5d:73:ab:17:3c:ec:ac:fe:40:95:89:af:90:e4:aa:
11:5b:92:8d:33:47:26:45:51:0f:8d:7f:f6:86:5e:
7c:03:34:6a:4a:33:cb:48:f8:8d:63:5e:2f:e1:5a:
68:d7:2d:13:8b:f1:df:b6:8f:ac:16:9e:9d:79:9f:
7a:58:fa:68:cc:9d:f8:b0:a0:e2:a0:fd:f5:b9:df:
61:f2:b5:e8:de:69:d7:6e:45:91:12:fb:3b:8a:26:
02:81:e8:6f:76:58:71:87:67:46:f7:5a:ab:9b:a4:
35:56:67:69:92:d9:d7:38:d1:a9:9c:56:28:b0:30:
12:c4:eb:fe:99:6a:0e:dd:4c:a0:d0:9a:7d:d2:dc:
fb:68:0e:01:47:43:07:ac:88:9d:28:67:f5:29:94:
b6:8c:a9:a2:f5:56:6a:0e:a4:86:3a:07:28:de:d5:
fa:c3:50:3c:b2:21:e2:c5:ab:2f:a0:5e:02:13:35:
d4:a5:95:a8:2f:3a:e3:b6:9f:0e:42:f4:51:d0:1a:
bc:f3:bd:64:c4:4c:86:de:cf:95:22:55:71:37:4a:
31:8d:e5:bf:32:bf:9d:ca:ab:54:bc:4d:d2:ed:48:
5f:bf:2a:b6:3f:be:c8:2b:4d:fb:1c:bc:ba:e3:c4:
aa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:74:ED:97:EB:4F:F0:91:68:F7:59:B4:D1:B9:C7:A5:40:D3:DA:B5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.164.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:f9:bc:eb:a9:65:9d:29:d4:a7:27:3b:70:0c:8d:e0:8e:06:
d6:cc:4c:81:a5:8f:71:66:59:47:52:20:2d:06:dc:3b:15:82:
62:c4:f8:cc:6b:57:c6:3f:71:22:64:5e:a0:40:dd:56:ff:a2:
d8:40:9f:18:64:c0:4f:6a:1d:0e:35:f4:66:66:9c:e6:4f:ff:
bc:e5:13:96:5b:fc:74:ba:54:ae:de:6e:3f:34:3c:8f:e9:41:
9f:d4:7b:2f:60:39:21:3b:1f:f9:64:bd:83:38:2f:30:b3:f7:
34:dc:d7:c0:6e:12:9a:9b:61:cd:31:76:b0:0c:d6:41:f9:e6:
81:e1:83:54:e8:9b:18:35:98:89:f3:e4:ea:2b:32:03:0f:62:
6f:f3:e4:ea:6e:f7:73:96:49:b8:f5:24:c5:eb:d2:09:22:7e:
33:f0:2f:ae:00:8a:dc:ef:71:ad:f4:d7:e6:d4:1f:96:ad:62:
f4:a7:7b:d1:f0:f5:6a:05:48:cf:f3:5e:d4:f9:11:0f:3e:f7:
f5:7e:a5:bb:01:14:26:68:a9:89:a5:ae:a4:a6:2e:0b:38:8d:
da:55:46:67:15:32:e3:5d:ae:86:03:dd:50:a4:64:09:b9:bf:
ac:5c:28:2e:59:0c:0e:eb:15:ea:b6:85:04:36:21:09:8c:49:
88:34:e2:f4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZdmqqTlWImzWZ4HPGql5WR/J2/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MDIxMDU5MzRaFw0yNTA4MDExMTA0MzRaMDMxMTAvBgNV
BAMTKDY3NzRFRDk3RUI0RkYwOTE2OEY3NTlCNEQxQjlDN0E1NDBEM0RBQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuRXc12ifXJAM2BIBDgV1zqxc8
7Kz+QJWJr5DkqhFbko0zRyZFUQ+Nf/aGXnwDNGpKM8tI+I1jXi/hWmjXLROL8d+2
j6wWnp15n3pY+mjMnfiwoOKg/fW532HytejeadduRZES+zuKJgKB6G92WHGHZ0b3
WqubpDVWZ2mS2dc40amcViiwMBLE6/6Zag7dTKDQmn3S3PtoDgFHQwesiJ0oZ/Up
lLaMqaL1VmoOpIY6Byje1frDUDyyIeLFqy+gXgITNdSllagvOuO2nw5C9FHQGrzz
vWTETIbez5UiVXE3SjGN5b8yv53Kq1S8TdLtSF+/KrY/vsgrTfscvLrjxKrBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZ3Ttl+tP8JFo91m00bnHpUDT2rUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzYzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy6QwDQYJKoZIhvcNAQELBQADggEBAGz5vOupZZ0p1KcnO3AMjeCOBtbMTIGl
j3FmWUdSIC0G3DsVgmLE+MxrV8Y/cSJkXqBA3Vb/othAnxhkwE9qHQ419GZmnOZP
/7zlE5Zb/HS6VK7ebj80PI/pQZ/Uey9gOSE7H/lkvYM4LzCz9zTc18BuEpqbYc0x
drAM1kH55oHhg1Tomxg1mInz5OorMgMPYm/z5Opu93OWSbj1JMXr0gkifjPwL64A
itzvca301+bUH5atYvSne9Hw9WoFSM/zXtT5EQ8+9/V+pbsBFCZoqYmlrqSmLgs4
jdpVRmcVMuNdroYD3VCkZAm5v6xcKC5ZDA7rFeq2hQQ2IQmMSYg04vQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org