Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: eql27XTCDCVWQyfo5XP8snPXoNT4H4AlmCikMxI5jeo=
Subject key identifier: 01:44:9A:52:4D:27:C2:58:9A:74:FB:D6:F8:30:5B:59:2F:D2:00:EA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4A528905088A28B1F3C47DE714AF3BDC0149EA21
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa
Signing time: Fri 02 Aug 2024 11:04:33 +0000
ROA not before: Fri 02 Aug 2024 10:59:33 +0000
ROA not after: Fri 01 Aug 2025 11:04:33 +0000
asID: 47583
IP address blocks: 193.203.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:52:89:05:08:8a:28:b1:f3:c4:7d:e7:14:af:3b:dc:01:49:ea:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 2 10:59:33 2024 GMT
Not After : Aug 1 11:04:33 2025 GMT
Subject: CN=01449A524D27C2589A74FBD6F8305B592FD200EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b1:2e:c2:b1:66:de:81:1d:07:49:3a:7e:dd:
61:b5:7b:a7:f5:e2:24:43:20:e7:29:6d:cd:d7:ff:
5d:42:f0:4e:0a:98:4d:6f:42:84:f7:f9:c7:13:d2:
af:8e:e2:ce:fb:68:27:15:ca:44:a9:f1:3b:6b:ad:
31:31:12:dd:f7:3e:57:c1:d3:ad:cb:b8:5f:8e:91:
9d:e8:d3:3a:bf:40:a6:33:08:10:a4:91:fe:82:f1:
9c:60:4e:25:e8:1c:57:79:9f:64:45:0f:49:73:56:
ce:ef:11:b4:e0:bd:25:af:66:55:87:d7:df:4c:05:
8a:d6:c7:86:af:86:a4:70:ad:20:e1:0c:ce:07:a0:
32:f7:ce:c4:22:8a:44:34:db:65:8a:a0:dc:94:fc:
ec:3d:da:a7:6a:3e:f3:4c:ee:58:da:0e:d5:db:b8:
48:0f:69:8d:82:e8:8c:09:3c:a6:72:7e:a6:ab:76:
f6:26:57:10:a6:8c:24:27:cc:e9:ea:ad:3e:7b:72:
f8:d4:9d:17:a5:b4:cb:a6:d7:9f:e4:02:8f:56:1b:
1a:96:c6:e0:a9:d8:23:80:a0:c3:ba:65:05:ea:35:
90:aa:b7:11:9f:65:e0:83:15:9d:10:6b:2c:6c:31:
b9:8f:2b:45:15:99:f4:e2:4b:b3:b2:43:dc:6c:58:
1e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:44:9A:52:4D:27:C2:58:9A:74:FB:D6:F8:30:5B:59:2F:D2:00:EA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.168.0/22
Signature Algorithm: sha256WithRSAEncryption
65:15:42:c7:ed:c4:d1:33:b6:2e:e2:82:74:23:28:49:ad:58:
61:06:13:e8:fc:4a:66:d5:14:ac:19:05:9f:d9:ba:7e:d7:fa:
42:f8:ed:40:78:9b:d4:97:2e:22:f5:e2:0a:49:88:2f:5f:99:
7e:7d:4b:74:9b:b5:fc:0f:ba:f6:97:13:ac:c1:a5:eb:c1:3c:
a7:0a:95:e9:3b:52:bd:5a:9e:48:70:d1:6b:fb:91:6a:5c:ac:
dd:41:59:36:6b:42:b0:c9:4d:87:26:2e:25:e3:6f:80:cf:5d:
7f:c5:c1:07:c1:94:fd:cd:8b:3d:96:2d:ec:9f:f2:9c:8e:2e:
54:10:9f:7f:e6:1e:af:ad:55:c2:b5:e4:b9:5f:88:91:bc:97:
25:ec:de:ae:d7:79:3d:99:04:0e:4c:05:04:8d:f6:c9:3c:b6:
28:a2:15:b8:4c:e0:d2:98:6e:80:60:f7:2e:4e:ce:ec:6e:df:
58:16:c5:8e:fc:bd:38:81:13:3e:9c:fa:b3:0e:cf:d4:8d:fd:
55:ea:f1:d4:fc:14:ea:06:2a:b0:f4:f8:3d:c4:33:cc:d5:f3:
ad:35:63:ef:2f:ab:97:6c:84:dd:48:09:4c:c9:f3:80:dc:8e:
da:50:55:a5:01:27:5b:75:d8:9f:78:00:9f:96:15:c2:be:28:
0d:7a:bf:d0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSlKJBQiKKLHzxH3nFK873AFJ6iEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MDIxMDU5MzNaFw0yNTA4MDExMTA0MzNaMDMxMTAvBgNV
BAMTKDAxNDQ5QTUyNEQyN0MyNTg5QTc0RkJENkY4MzA1QjU5MkZEMjAwRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5sS7CsWbegR0HSTp+3WG1e6f1
4iRDIOcpbc3X/11C8E4KmE1vQoT3+ccT0q+O4s77aCcVykSp8TtrrTExEt33PlfB
063LuF+OkZ3o0zq/QKYzCBCkkf6C8ZxgTiXoHFd5n2RFD0lzVs7vEbTgvSWvZlWH
199MBYrWx4avhqRwrSDhDM4HoDL3zsQiikQ022WKoNyU/Ow92qdqPvNM7ljaDtXb
uEgPaY2C6IwJPKZyfqardvYmVxCmjCQnzOnqrT57cvjUnReltMum15/kAo9WGxqW
xuCp2COAoMO6ZQXqNZCqtxGfZeCDFZ0QayxsMbmPK0UVmfTiS7OyQ9xsWB6LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAUSaUk0nwliadPvW+DBbWS/SAOowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzYzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy6gwDQYJKoZIhvcNAQELBQADggEBAGUVQsftxNEzti7ignQjKEmtWGEGE+j8
SmbVFKwZBZ/Zun7X+kL47UB4m9SXLiL14gpJiC9fmX59S3SbtfwPuvaXE6zBpevB
PKcKlek7Ur1ankhw0Wv7kWpcrN1BWTZrQrDJTYcmLiXjb4DPXX/FwQfBlP3Niz2W
Leyf8pyOLlQQn3/mHq+tVcK15LlfiJG8lyXs3q7XeT2ZBA5MBQSN9sk8tiiiFbhM
4NKYboBg9y5Ozuxu31gWxY78vTiBEz6c+rMOz9SN/VXq8dT8FOoGKrD0+D3EM8zV
8601Y+8vq5dshN1ICUzJ84DcjtpQVaUBJ1t12J94AJ+WFcK+KA16v9A=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org