Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3137362e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3137362e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: pwdWkATOwPCXQR4MJwlpvkgZ6/pjbJhwdnY3mCiR7bk=
Subject key identifier: EB:45:F6:0E:E7:61:CD:BB:B1:AA:37:A8:BA:9B:5E:05:08:CA:8C:67
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3C0C0DD11E230C909779DDAC04EA5BDA0F8BEE91
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3137362e302f32322d3234203d3e203437353833.roa
Signing time: Mon 11 Sep 2023 16:07:58 +0000
ROA not before: Mon 11 Sep 2023 16:02:58 +0000
ROA not after: Mon 09 Sep 2024 16:07:58 +0000
asID: 47583
IP address blocks: 193.203.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:0c:0d:d1:1e:23:0c:90:97:79:dd:ac:04:ea:5b:da:0f:8b:ee:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 11 16:02:58 2023 GMT
Not After : Sep 9 16:07:58 2024 GMT
Subject: CN=EB45F60EE761CDBBB1AA37A8BA9B5E0508CA8C67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:25:05:bd:10:70:5a:b0:5b:05:a5:ca:47:29:
e1:9c:30:80:be:2c:ae:ec:57:08:0f:d8:fe:e3:48:
9f:b6:03:a9:b5:40:20:e9:a0:74:b9:45:e6:ee:a4:
39:6b:4a:34:10:ab:51:e6:d0:9d:36:20:a5:22:a2:
a4:8e:4d:b5:b2:9b:90:15:10:bb:90:8e:65:63:87:
40:cf:58:4b:cb:c5:3c:e1:5b:c4:da:e5:50:73:a3:
cf:32:84:bd:16:e8:41:39:bd:65:14:08:9f:cc:9b:
5c:5a:ef:5d:29:dc:4f:5f:19:24:42:dc:f1:04:43:
6f:fb:c7:10:b4:a7:3a:16:4d:c1:04:c8:7b:21:e4:
8a:be:ba:89:87:f9:6f:bd:19:67:4d:97:f9:fb:51:
46:bc:9f:b2:fe:47:e5:a9:79:e4:1c:3a:9c:9e:41:
c6:fe:f6:bb:66:6b:e5:af:de:ef:33:a6:cb:e5:89:
3d:07:fa:b1:f6:d5:40:29:8f:73:18:0b:6b:cd:96:
20:7b:0a:0b:42:e3:33:98:a3:66:35:0f:9e:d7:6c:
a4:57:97:98:1e:ab:a8:20:ea:e9:51:ca:df:f1:e0:
e1:2f:4d:e9:79:91:b4:49:d8:84:a4:da:8d:99:04:
17:71:55:6e:bd:7b:3c:c0:e2:6b:f3:8b:9a:18:7c:
33:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:45:F6:0E:E7:61:CD:BB:B1:AA:37:A8:BA:9B:5E:05:08:CA:8C:67
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3137362e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.176.0/22
Signature Algorithm: sha256WithRSAEncryption
13:32:75:21:28:8a:1c:40:33:d6:ef:58:c5:e8:bd:cf:e5:35:
cc:83:c5:2d:ba:5d:e5:d9:82:10:e9:77:83:0e:c2:49:35:0e:
5b:7d:68:9d:fe:f9:65:fd:29:78:64:93:5c:39:ea:23:e9:dc:
1b:bf:51:34:f5:f8:bd:c5:a8:7a:5f:47:13:17:12:eb:ee:82:
33:b3:ff:e2:b9:02:16:ea:a4:29:ef:e5:df:d6:8d:bc:fa:d4:
06:7a:e0:3d:a3:a5:3e:40:df:fd:f2:31:59:68:77:88:41:63:
8c:ac:9f:a2:75:9d:6b:7f:a4:f1:ca:85:ad:dd:b9:fe:f7:2a:
09:f2:e8:9e:6a:16:ec:29:85:10:40:6e:e6:e3:d5:72:35:0b:
3b:a6:35:9b:0e:2b:f6:c2:e6:0c:69:04:ec:ee:8e:7c:e7:32:
56:ba:1e:fc:51:5f:c7:5f:ff:c6:15:3e:25:8e:e0:c8:1a:43:
10:01:d1:1b:85:0b:ef:1f:10:7f:3b:ac:6d:1e:7f:05:7a:7d:
99:9a:24:ec:10:c0:28:7d:eb:01:49:19:81:d1:4a:16:5e:c5:
71:a7:86:2d:8d:c6:d1:b9:f4:14:97:e7:46:d1:61:bf:43:9c:
4f:e5:42:f2:11:20:9e:82:20:b2:33:33:86:32:01:71:da:20:
ce:33:4b:e1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPAwN0R4jDJCXed2sBOpb2g+L7pEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MTExNjAyNThaFw0yNDA5MDkxNjA3NThaMDMxMTAvBgNV
BAMTKEVCNDVGNjBFRTc2MUNEQkJCMUFBMzdBOEJBOUI1RTA1MDhDQThDNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaJQW9EHBasFsFpcpHKeGcMIC+
LK7sVwgP2P7jSJ+2A6m1QCDpoHS5RebupDlrSjQQq1Hm0J02IKUioqSOTbWym5AV
ELuQjmVjh0DPWEvLxTzhW8Ta5VBzo88yhL0W6EE5vWUUCJ/Mm1xa710p3E9fGSRC
3PEEQ2/7xxC0pzoWTcEEyHsh5Iq+uomH+W+9GWdNl/n7UUa8n7L+R+WpeeQcOpye
Qcb+9rtma+Wv3u8zpsvliT0H+rH21UApj3MYC2vNliB7CgtC4zOYo2Y1D57XbKRX
l5geq6gg6ulRyt/x4OEvTel5kbRJ2ISk2o2ZBBdxVW69ezzA4mvzi5oYfDM/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU60X2DudhzbuxqjeoupteBQjKjGcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzczNjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy7AwDQYJKoZIhvcNAQELBQADggEBABMydSEoihxAM9bvWMXovc/lNcyDxS26
XeXZghDpd4MOwkk1Dlt9aJ3++WX9KXhkk1w56iPp3Bu/UTT1+L3FqHpfRxMXEuvu
gjOz/+K5AhbqpCnv5d/Wjbz61AZ64D2jpT5A3/3yMVlod4hBY4ysn6J1nWt/pPHK
ha3duf73Kgny6J5qFuwphRBAbubj1XI1CzumNZsOK/bC5gxpBOzujnznMla6HvxR
X8df/8YVPiWO4MgaQxAB0RuFC+8fEH87rG0efwV6fZmaJOwQwCh96wFJGYHRShZe
xXGnhi2NxtG59BSX50bRYb9DnE/lQvIRIJ6CILIzM4YyAXHaIM4zS+E=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org