Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: pz9jzrD1JzT4WFIFfGI+sMzKNQistZtvRKm0yFVNAxk=
Subject key identifier: B6:7C:47:B8:46:17:4E:B3:DA:25:58:4F:24:C2:88:53:23:72:E1:AA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 68FADCF5686C005CE972A9CB322FEA35562B0B20
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa
Signing time: Mon 12 Aug 2024 17:04:37 +0000
ROA not before: Mon 12 Aug 2024 16:59:37 +0000
ROA not after: Mon 11 Aug 2025 17:04:37 +0000
asID: 47583
IP address blocks: 193.203.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:fa:dc:f5:68:6c:00:5c:e9:72:a9:cb:32:2f:ea:35:56:2b:0b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 12 16:59:37 2024 GMT
Not After : Aug 11 17:04:37 2025 GMT
Subject: CN=B67C47B846174EB3DA25584F24C288532372E1AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:36:34:bc:88:c0:de:2a:86:a3:19:a7:93:d3:
97:08:39:8d:7d:38:59:4f:36:a6:f2:75:a4:87:67:
3a:d6:df:e3:d8:9b:58:3e:37:a9:2c:f1:e3:ef:96:
fa:5b:f7:1b:b2:20:08:eb:6c:e0:82:a9:05:f9:ba:
5f:17:6e:e4:2b:9e:10:70:ff:46:86:29:23:f0:76:
02:f6:e4:5c:d4:cc:88:89:43:4e:fb:0f:b1:b0:89:
15:35:eb:19:47:ce:15:8a:c9:12:57:37:e6:c9:a4:
b5:a8:e4:e6:6c:32:b6:67:9c:00:92:ba:90:74:31:
de:c3:e1:88:08:06:2e:51:a1:60:5b:cb:46:d9:d6:
b6:f2:cb:14:c3:93:f2:4e:54:e8:3a:6e:71:03:2e:
5b:20:55:e3:db:3d:ba:05:f7:a1:92:55:50:5f:8b:
6a:06:7d:73:e8:4a:0c:e7:49:c6:c2:97:0d:f4:6e:
96:76:49:9f:4f:4b:0a:e3:e2:64:49:90:2b:af:5a:
92:d9:3f:dd:86:61:c3:61:81:f3:a2:f1:74:db:9d:
ef:b1:ea:01:2e:11:b9:af:d2:5a:84:e0:cb:d7:91:
37:af:29:97:3b:e0:82:ce:35:5c:f5:c4:2c:06:59:
57:1c:00:0e:45:9a:cb:f6:72:69:09:6c:f9:9d:87:
22:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7C:47:B8:46:17:4E:B3:DA:25:58:4F:24:C2:88:53:23:72:E1:AA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.180.0/22
Signature Algorithm: sha256WithRSAEncryption
70:44:d5:95:fd:2a:39:7f:db:11:b9:89:e6:99:b5:c7:0d:25:
03:46:ea:af:67:d2:82:91:07:e6:a2:4a:4a:4e:46:f9:8b:87:
84:49:c5:71:9c:72:bf:2f:3a:e6:cc:cf:71:6f:20:6e:38:78:
6f:b9:f2:14:a5:fe:ae:38:10:80:82:8b:62:e1:fe:a0:20:5b:
29:ee:f7:41:6b:f5:55:53:3a:02:df:c6:e5:b5:ca:dc:c2:c1:
e2:ba:da:b8:1d:f0:e4:45:ba:04:77:a5:bf:be:60:2c:41:49:
f8:d0:cf:73:4e:45:e9:2d:45:c7:0b:32:1e:17:f6:af:e5:33:
c0:31:6b:c0:3c:58:1e:90:1f:23:67:7b:03:26:cd:9f:c7:a7:
40:39:a4:25:99:a1:20:59:f8:bd:28:37:c4:c9:9f:4c:90:11:
22:c8:30:04:15:42:cb:46:28:a4:6b:75:08:dc:ff:a9:27:b2:
bc:41:f6:80:d5:88:f1:67:80:c4:22:eb:63:fa:fa:ec:93:65:
d2:30:37:7a:03:42:54:bf:3e:d8:74:76:4f:e9:da:97:e2:f5:
d0:74:e5:fb:2a:8c:2b:6d:9a:1f:4e:8c:32:29:bc:c4:44:ee:
56:29:3a:3a:bd:83:80:5c:f6:8c:b3:60:38:2e:83:e7:b5:85:
72:92:3c:47
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaPrc9WhsAFzpcqnLMi/qNVYrCyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MTIxNjU5MzdaFw0yNTA4MTExNzA0MzdaMDMxMTAvBgNV
BAMTKEI2N0M0N0I4NDYxNzRFQjNEQTI1NTg0RjI0QzI4ODUzMjM3MkUxQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFNjS8iMDeKoajGaeT05cIOY19
OFlPNqbydaSHZzrW3+PYm1g+N6ks8ePvlvpb9xuyIAjrbOCCqQX5ul8XbuQrnhBw
/0aGKSPwdgL25FzUzIiJQ077D7GwiRU16xlHzhWKyRJXN+bJpLWo5OZsMrZnnACS
upB0Md7D4YgIBi5RoWBby0bZ1rbyyxTDk/JOVOg6bnEDLlsgVePbPboF96GSVVBf
i2oGfXPoSgznScbClw30bpZ2SZ9PSwrj4mRJkCuvWpLZP92GYcNhgfOi8XTbne+x
6gEuEbmv0lqE4MvXkTevKZc74ILONVz1xCwGWVccAA5Fmsv2cmkJbPmdhyL5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtnxHuEYXTrPaJVhPJMKIUyNy4aowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzgzMDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy7QwDQYJKoZIhvcNAQELBQADggEBAHBE1ZX9Kjl/2xG5ieaZtccNJQNG6q9n
0oKRB+aiSkpORvmLh4RJxXGccr8vOubMz3FvIG44eG+58hSl/q44EICCi2Lh/qAg
Wynu90Fr9VVTOgLfxuW1ytzCweK62rgd8ORFugR3pb++YCxBSfjQz3NORektRccL
Mh4X9q/lM8Axa8A8WB6QHyNnewMmzZ/Hp0A5pCWZoSBZ+L0oN8TJn0yQESLIMAQV
QstGKKRrdQjc/6knsrxB9oDViPFngMQi62P6+uyTZdIwN3oDQlS/Pth0dk/p2pfi
9dB05fsqjCttmh9OjDIpvMRE7lYpOjq9g4Bc9oyzYDgug+e1hXKSPEc=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:25 2024 by rpki-client on console-ams.rpki-client.org