Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34322e3133372e302f32342d3234203d3e203437353833.roa
File: 3139332e34322e3133372e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: uhYamfSQpMTig59uB2rRzC695QJc7ZLWqUhqlQYAO5E=
Subject key identifier: C9:C2:9E:6D:2A:19:C9:7B:80:72:D4:A0:CF:FD:17:B7:E6:C6:C2:DD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3AAA751D7D37EC43AFF1E7E0297A27F7D3F184F4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34322e3133372e302f32342d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:23 +0000
ROA not before: Mon 26 Feb 2024 08:48:23 +0000
ROA not after: Mon 24 Feb 2025 08:53:23 +0000
asID: 47583
IP address blocks: 193.42.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:aa:75:1d:7d:37:ec:43:af:f1:e7:e0:29:7a:27:f7:d3:f1:84:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:23 2024 GMT
Not After : Feb 24 08:53:23 2025 GMT
Subject: CN=C9C29E6D2A19C97B8072D4A0CFFD17B7E6C6C2DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:46:5c:45:91:72:af:b3:ef:7d:0b:6f:93:80:
2f:8d:63:f1:84:b8:a3:40:ec:ac:7e:e2:e1:e3:22:
6e:c1:37:48:3b:67:d4:d1:4c:1f:ff:d4:81:7d:66:
12:12:b2:d0:9c:96:13:9d:17:02:cd:a7:19:c3:b9:
c7:05:8f:0d:32:89:85:a0:7d:3e:9a:60:e2:42:bd:
39:85:98:26:4f:cb:2d:e1:fa:81:e5:da:f4:1e:40:
74:26:48:dd:0c:75:8b:3d:fe:31:ad:73:4d:e2:5c:
29:fa:bd:79:9e:e2:1e:b2:a8:95:d1:ee:de:54:d3:
82:94:3d:7e:8c:83:93:70:22:0e:7b:1e:34:27:0f:
a4:50:1d:2a:73:b7:e4:73:fa:18:bf:74:a0:c6:d2:
a6:9a:4e:f4:90:96:c5:8f:84:47:e2:ff:10:45:20:
cf:71:e4:64:7a:52:20:c2:e5:56:85:ce:8f:e2:e3:
ee:b5:f5:e2:fe:a3:0c:32:52:4b:69:0c:b7:45:67:
c5:ac:14:74:e5:89:6e:63:f4:07:37:01:4b:5d:34:
9d:31:2d:b0:83:9f:59:6b:47:0a:71:8d:6e:1b:5e:
21:67:4e:1a:36:ab:db:eb:cb:a0:ff:4b:0f:71:f6:
98:36:13:65:26:1d:f8:53:d6:45:9f:d1:f8:f3:54:
c0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C2:9E:6D:2A:19:C9:7B:80:72:D4:A0:CF:FD:17:B7:E6:C6:C2:DD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34322e3133372e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.137.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:37:02:df:e6:34:fc:4a:fb:03:7c:80:87:43:31:dd:97:83:
d3:19:e1:ec:f5:d3:da:5b:d0:49:83:3b:32:5f:98:02:fd:00:
a9:41:34:9e:c9:83:df:2d:7e:80:90:a0:ac:ee:89:db:b4:9b:
60:89:02:d5:fa:62:78:d2:bf:28:0b:bf:b4:f1:1c:c5:55:a8:
63:81:39:7d:1b:59:b8:e1:f5:26:34:82:f0:59:69:1c:49:1d:
dd:5c:5f:3e:ec:7f:cf:e9:a1:11:ee:8c:26:7b:aa:aa:a9:09:
ad:28:fb:d9:a2:7c:b0:80:83:53:a1:6c:0f:c6:a1:85:30:fb:
fa:79:fa:d4:f8:52:2c:43:c0:61:9c:f3:cc:24:55:a7:26:35:
09:f7:f3:90:a1:13:8d:4e:ad:3e:31:f8:94:d1:98:14:b3:fc:
45:4c:c4:f6:97:37:5f:e5:ff:91:33:46:a0:cf:e7:9f:e6:f1:
fc:e4:60:a6:b7:fa:fc:99:9c:29:19:89:9d:e1:41:47:45:26:
4b:b4:32:34:09:48:75:88:9e:c7:69:53:56:db:28:45:70:0f:
af:5c:19:cf:85:63:bd:b5:1a:69:1d:54:63:c5:9e:15:18:32:
f7:e2:da:61:12:5d:18:52:85:d4:32:4f:36:88:12:82:89:0b:
46:48:22:b5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOqp1HX037EOv8efgKXon99PxhPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjNaFw0yNTAyMjQwODUzMjNaMDMxMTAvBgNV
BAMTKEM5QzI5RTZEMkExOUM5N0I4MDcyRDRBMENGRkQxN0I3RTZDNkMyREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcRlxFkXKvs+99C2+TgC+NY/GE
uKNA7Kx+4uHjIm7BN0g7Z9TRTB//1IF9ZhISstCclhOdFwLNpxnDuccFjw0yiYWg
fT6aYOJCvTmFmCZPyy3h+oHl2vQeQHQmSN0MdYs9/jGtc03iXCn6vXme4h6yqJXR
7t5U04KUPX6Mg5NwIg57HjQnD6RQHSpzt+Rz+hi/dKDG0qaaTvSQlsWPhEfi/xBF
IM9x5GR6UiDC5VaFzo/i4+619eL+owwyUktpDLdFZ8WsFHTliW5j9Ac3AUtdNJ0x
LbCDn1lrRwpxjW4bXiFnTho2q9vry6D/Sw9x9pg2E2UmHfhT1kWf0fjzVMA9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUycKebSoZyXuActSgz/0Xt+bGwt0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzNDMyMmUzMTMz
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSqJMA0GCSqGSIb3DQEBCwUAA4IBAQBPNwLf5jT8SvsDfICHQzHdl4PTGeHs9dPa
W9BJgzsyX5gC/QCpQTSeyYPfLX6AkKCs7onbtJtgiQLV+mJ40r8oC7+08RzFVahj
gTl9G1m44fUmNILwWWkcSR3dXF8+7H/P6aER7owme6qqqQmtKPvZonywgINToWwP
xqGFMPv6efrU+FIsQ8BhnPPMJFWnJjUJ9/OQoRONTq0+MfiU0ZgUs/xFTMT2lzdf
5f+RM0agz+ef5vH85GCmt/r8mZwpGYmd4UFHRSZLtDI0CUh1iJ7HaVNW2yhFcA+v
XBnPhWO9tRppHVRjxZ4VGDL34tphEl0YUoXUMk82iBKCiQtGSCK1
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:57 2024 by rpki-client on console-fra.rpki-client.org