Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3137362e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3137362e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: PzRamhunYwqA8BEcbITHEASD1NMGviRX72Ja0JEGW1o=
Subject key identifier: 3B:A4:FC:88:12:D7:B1:83:42:90:7F:23:A5:9C:06:29:2A:C6:79:38
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 15BB73A3413F48F8FC3512CF4987FBDA4C2FA309
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3137362e302f32322d3234203d3e203437353833.roa
Signing time: Mon 12 Aug 2024 17:04:37 +0000
ROA not before: Mon 12 Aug 2024 16:59:37 +0000
ROA not after: Mon 11 Aug 2025 17:04:37 +0000
asID: 47583
IP address blocks: 193.203.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:bb:73:a3:41:3f:48:f8:fc:35:12:cf:49:87:fb:da:4c:2f:a3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 12 16:59:37 2024 GMT
Not After : Aug 11 17:04:37 2025 GMT
Subject: CN=3BA4FC8812D7B18342907F23A59C06292AC67938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:87:f9:df:1a:04:b5:10:7a:0e:29:a1:95:95:
3b:c9:00:30:c5:b4:8d:a9:9f:4e:59:f5:de:c9:3b:
fa:7d:1d:25:cf:ad:1b:06:a1:69:f1:42:d2:83:77:
39:3f:83:3d:22:e6:99:4c:a4:fa:1d:27:2e:1d:cf:
10:a7:5d:8a:47:af:e0:75:1a:bf:9b:37:cb:05:a4:
f9:be:e3:7b:55:46:93:b8:48:7a:81:f8:af:78:0a:
af:d8:6b:de:17:5a:3b:1e:0d:66:fe:4e:35:1c:13:
33:20:5f:8f:0c:d0:a8:71:83:39:d6:90:80:7e:94:
d7:39:17:49:ee:2a:18:d9:83:f4:ec:53:61:cc:18:
1a:97:6e:8a:6b:ba:98:99:97:19:21:01:12:03:5a:
26:e4:fc:9a:d4:b2:8f:40:74:01:89:d4:95:ab:00:
9c:77:fe:e0:37:c2:50:a5:d6:6f:16:d6:b3:c7:6b:
51:b9:6c:3c:7e:30:b1:e1:28:6c:65:36:f1:76:1d:
8c:2d:df:1c:5d:72:6c:19:7f:01:8f:58:5e:b3:c1:
db:0f:27:d2:94:e7:a7:2a:dc:b0:a9:a5:4f:78:ba:
f6:bc:52:7f:68:49:8e:d5:c9:5d:01:9f:e8:53:b2:
e4:d8:82:d9:04:b1:de:ac:98:f7:d8:6c:9a:2c:f6:
b0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A4:FC:88:12:D7:B1:83:42:90:7F:23:A5:9C:06:29:2A:C6:79:38
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3137362e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.176.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:7d:93:85:e6:7a:61:2f:76:1a:62:3a:a2:00:39:1c:fb:aa:
1f:71:22:22:1c:d8:82:de:33:43:27:be:30:9b:23:63:80:6b:
c1:0b:38:83:9c:1e:2c:27:1f:76:9b:ae:f0:12:b2:f6:32:85:
4a:5b:9c:0e:e8:1c:a4:6d:23:fa:ea:3a:37:e7:d6:1e:fe:d3:
e6:aa:a4:fc:2b:0e:6b:29:06:75:c3:75:03:aa:78:5c:92:a6:
54:ff:27:ed:35:2e:c0:56:05:f7:ff:c7:f8:eb:45:af:1a:78:
6c:da:67:87:63:62:98:a0:a9:78:6a:6f:45:a3:97:19:df:97:
40:09:12:27:1d:0d:ea:93:c7:20:ac:e2:83:3b:05:60:af:00:
a2:a3:c7:ec:af:ff:26:ff:42:5c:38:ca:7f:64:1b:50:8b:83:
71:20:bf:42:b2:0a:1f:54:bf:c7:45:3a:45:c7:3d:a2:3f:5c:
66:b0:56:0e:56:9d:e0:30:a4:93:51:c0:ba:d4:fe:45:f6:02:
4d:a8:79:31:77:a5:a7:b4:9d:a2:cc:de:e5:c0:d3:00:18:f4:
2e:2b:19:54:ed:50:c1:47:72:81:a9:b1:ce:fe:a1:64:c7:fe:
f1:c6:00:90:ed:6e:70:74:27:8f:67:aa:3f:b2:7e:e3:b7:f5:
fc:b7:1b:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFbtzo0E/SPj8NRLPSYf72kwvowkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MTIxNjU5MzdaFw0yNTA4MTExNzA0MzdaMDMxMTAvBgNV
BAMTKDNCQTRGQzg4MTJEN0IxODM0MjkwN0YyM0E1OUMwNjI5MkFDNjc5MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxh/nfGgS1EHoOKaGVlTvJADDF
tI2pn05Z9d7JO/p9HSXPrRsGoWnxQtKDdzk/gz0i5plMpPodJy4dzxCnXYpHr+B1
Gr+bN8sFpPm+43tVRpO4SHqB+K94Cq/Ya94XWjseDWb+TjUcEzMgX48M0KhxgznW
kIB+lNc5F0nuKhjZg/TsU2HMGBqXboprupiZlxkhARIDWibk/JrUso9AdAGJ1JWr
AJx3/uA3wlCl1m8W1rPHa1G5bDx+MLHhKGxlNvF2HYwt3xxdcmwZfwGPWF6zwdsP
J9KU56cq3LCppU94uva8Un9oSY7VyV0Bn+hTsuTYgtkEsd6smPfYbJos9rBXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUO6T8iBLXsYNCkH8jpZwGKSrGeTgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzczNjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy7AwDQYJKoZIhvcNAQELBQADggEBAKF9k4XmemEvdhpiOqIAORz7qh9xIiIc
2ILeM0MnvjCbI2OAa8ELOIOcHiwnH3abrvASsvYyhUpbnA7oHKRtI/rqOjfn1h7+
0+aqpPwrDmspBnXDdQOqeFySplT/J+01LsBWBff/x/jrRa8aeGzaZ4djYpigqXhq
b0Wjlxnfl0AJEicdDeqTxyCs4oM7BWCvAKKjx+yv/yb/Qlw4yn9kG1CLg3Egv0Ky
Ch9Uv8dFOkXHPaI/XGawVg5WneAwpJNRwLrU/kX2Ak2oeTF3pae0naLM3uXA0wAY
9C4rGVTtUMFHcoGpsc7+oWTH/vHGAJDtbnB0J49nqj+yfuO39fy3Gyk=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:25 2024 by rpki-client on console-ams.rpki-client.org