Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: HhssVRsTwx9RlvBUii3MZAPDUsTV5ffrwm0Ts0CBLKE=
Subject key identifier: 96:D2:7C:A6:E8:97:B3:7A:78:2E:4D:03:03:94:16:38:C4:5A:13:25
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 422901363D3AF1D4F93F0FD1CE5B5B8A27A226F8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa
Signing time: Fri 01 Sep 2023 10:54:35 +0000
ROA not before: Fri 01 Sep 2023 10:49:35 +0000
ROA not after: Fri 30 Aug 2024 10:54:35 +0000
asID: 47583
IP address blocks: 193.203.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:29:01:36:3d:3a:f1:d4:f9:3f:0f:d1:ce:5b:5b:8a:27:a2:26:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 1 10:49:35 2023 GMT
Not After : Aug 30 10:54:35 2024 GMT
Subject: CN=96D27CA6E897B37A782E4D0303941638C45A1325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:3f:d2:9d:19:39:21:54:50:d2:7e:8f:b9:38:
a4:42:1f:5c:b7:9e:40:a9:e5:f3:a4:b2:9c:cf:05:
5f:63:d5:92:ef:2c:06:fb:29:54:ed:1d:5b:8b:aa:
bf:6a:19:53:31:f6:ba:28:a5:41:e7:f7:48:e7:07:
79:db:13:92:ea:a4:da:61:10:d2:66:3a:9d:cc:18:
4c:72:98:5c:25:1f:81:44:3a:ae:58:0c:98:cd:70:
bf:fc:46:1e:18:4c:3d:e9:94:8f:63:60:2b:43:2f:
6b:0e:f6:a6:a7:1e:e6:39:20:57:ae:f0:f4:d4:0f:
ec:e8:8b:0c:94:ba:5b:64:21:f7:15:68:51:c2:dd:
93:03:7a:7b:d5:3a:ba:8d:a7:17:da:48:28:4a:cf:
2d:99:9b:81:fc:19:3f:ac:13:41:87:df:c9:a7:08:
d2:01:5b:d5:2c:9d:7b:c1:51:a4:75:1a:c2:60:58:
98:cd:c8:00:0b:9d:67:a8:60:d3:63:13:c5:b3:97:
c9:44:c1:a3:6d:19:33:5f:aa:1d:ae:6d:ac:58:80:
78:80:11:95:1c:3c:f8:a9:aa:95:87:d5:05:67:1b:
d1:37:0a:ad:b6:22:e0:65:3b:9b:60:7b:19:96:c9:
a6:6b:2a:20:cb:d1:a8:b7:37:cd:20:24:8b:59:b9:
78:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D2:7C:A6:E8:97:B3:7A:78:2E:4D:03:03:94:16:38:C4:5A:13:25
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.168.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:50:98:dd:d5:b6:66:4a:7b:a5:79:87:35:02:df:29:0e:1d:
d3:d1:82:1e:08:79:f7:29:f0:11:80:c7:e3:60:15:1a:56:03:
be:f0:75:a3:32:db:e6:04:f5:da:d2:46:85:52:ca:1c:34:74:
5b:04:1e:23:b0:bf:29:86:3d:a1:63:ef:36:80:c9:6f:a1:ea:
5f:bf:1b:a1:27:e1:77:13:d2:6a:24:90:85:4c:2f:1e:4b:ed:
9c:b6:b5:e3:55:40:8b:f4:32:85:f1:1f:17:10:c7:d5:44:2b:
db:53:54:10:5b:1c:a0:e5:55:a6:f5:76:71:0b:04:39:ce:d0:
17:b9:71:d0:67:3d:92:ed:30:b6:92:5d:f3:ec:44:29:91:bd:
65:b0:1b:14:db:c4:9e:f5:5f:9a:9a:28:9e:3f:ab:18:e1:0a:
02:de:2e:32:63:1e:51:db:4e:ee:bd:51:2f:71:fb:3d:1d:8a:
cd:d5:b1:1c:68:a8:57:70:7b:b4:aa:6b:92:6a:e0:81:7d:04:
1f:f3:27:fa:23:2a:74:d0:42:27:14:90:43:34:e0:d1:e2:3f:
51:7b:dc:ff:25:48:e5:82:4b:80:d2:db:af:11:aa:f0:3d:1c:
d0:dd:ae:2b:58:91:36:c8:37:18:bb:13:f9:e2:00:8a:f6:a4:
e1:f8:21:21
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQikBNj068dT5Pw/RzltbiieiJvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MDExMDQ5MzVaFw0yNDA4MzAxMDU0MzVaMDMxMTAvBgNV
BAMTKDk2RDI3Q0E2RTg5N0IzN0E3ODJFNEQwMzAzOTQxNjM4QzQ1QTEzMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmP9KdGTkhVFDSfo+5OKRCH1y3
nkCp5fOkspzPBV9j1ZLvLAb7KVTtHVuLqr9qGVMx9roopUHn90jnB3nbE5LqpNph
ENJmOp3MGExymFwlH4FEOq5YDJjNcL/8Rh4YTD3plI9jYCtDL2sO9qanHuY5IFeu
8PTUD+zoiwyUultkIfcVaFHC3ZMDenvVOrqNpxfaSChKzy2Zm4H8GT+sE0GH38mn
CNIBW9UsnXvBUaR1GsJgWJjNyAALnWeoYNNjE8Wzl8lEwaNtGTNfqh2ubaxYgHiA
EZUcPPipqpWH1QVnG9E3Cq22IuBlO5tgexmWyaZrKiDL0ai3N80gJItZuXg7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUltJ8puiXs3p4Lk0DA5QWOMRaEyUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzYzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy6gwDQYJKoZIhvcNAQELBQADggEBAI1QmN3VtmZKe6V5hzUC3ykOHdPRgh4I
efcp8BGAx+NgFRpWA77wdaMy2+YE9drSRoVSyhw0dFsEHiOwvymGPaFj7zaAyW+h
6l+/G6En4XcT0mokkIVMLx5L7Zy2teNVQIv0MoXxHxcQx9VEK9tTVBBbHKDlVab1
dnELBDnO0Be5cdBnPZLtMLaSXfPsRCmRvWWwGxTbxJ71X5qaKJ4/qxjhCgLeLjJj
HlHbTu69US9x+z0dis3VsRxoqFdwe7Sqa5Jq4IF9BB/zJ/ojKnTQQicUkEM04NHi
P1F73P8lSOWCS4DS268RqvA9HNDdritYkTbINxi7E/niAIr2pOH4ISE=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org