Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e392e33352e302f32342d3234203d3e20313336373837.roa
File: 3139332e392e33352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: eSQC5NQKpGq470+O5hGpos+dZUJM0vVYMM646sz6TXA=
Subject key identifier: 48:E5:76:54:2B:CF:48:0A:47:80:5F:79:39:D6:5F:E0:4F:FB:CC:A2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4C9CBA2F1FE69E2B02E2066BCD685552CE84654C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e392e33352e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:28 +0000
ROA not before: Fri 26 Jan 2024 18:57:28 +0000
ROA not after: Fri 24 Jan 2025 19:02:28 +0000
asID: 136787
IP address blocks: 193.9.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:9c:ba:2f:1f:e6:9e:2b:02:e2:06:6b:cd:68:55:52:ce:84:65:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:28 2024 GMT
Not After : Jan 24 19:02:28 2025 GMT
Subject: CN=48E576542BCF480A47805F7939D65FE04FFBCCA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:55:8c:10:21:75:be:8d:0e:8b:8e:8d:e8:fc:
92:1b:80:ed:40:45:7f:d6:a9:68:cd:75:3f:b7:fe:
93:f6:b5:7b:d5:e5:f6:51:80:9e:fd:a8:c3:c8:52:
b5:5a:02:c1:c0:ec:57:4b:aa:c2:67:ec:98:41:1c:
9a:e8:e4:a3:d2:76:61:5a:00:88:cb:14:f1:77:4e:
32:70:cc:dc:61:4f:71:49:e0:9a:f2:80:05:30:bb:
ee:a0:f8:cc:31:25:c5:d4:b6:2b:8b:00:23:11:15:
eb:50:28:6c:90:09:32:a6:c9:24:15:32:97:99:d9:
83:93:43:e7:39:8c:5d:28:6d:fa:37:cd:aa:b8:e2:
3d:16:d0:40:f7:df:40:2c:86:21:18:77:8b:6c:26:
3f:02:ba:93:2f:8e:b7:d5:bb:bf:7e:ad:ee:97:32:
f5:5e:61:00:f7:07:cc:09:30:81:3a:52:b0:8b:5f:
16:8b:76:b5:d8:7b:d4:4a:65:00:90:59:1c:4d:f2:
13:89:e3:93:19:09:9a:46:24:26:e3:e5:c4:8f:26:
da:9a:a9:67:c4:b6:6b:7e:d9:6f:6c:db:cb:b4:71:
a4:b6:7e:bb:db:09:1e:48:88:6c:a9:f1:31:fd:7c:
c2:c9:2f:4f:6a:ff:77:37:d3:1c:4e:f1:2d:6a:81:
d6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E5:76:54:2B:CF:48:0A:47:80:5F:79:39:D6:5F:E0:4F:FB:CC:A2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e392e33352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.9.35.0/24
Signature Algorithm: sha256WithRSAEncryption
37:34:de:68:fd:f9:af:4a:83:ca:97:b3:fd:65:53:20:7e:90:
43:4f:1f:36:3e:d8:57:d8:bc:ab:64:83:e2:20:8f:83:d1:f5:
17:46:32:47:af:d5:21:d1:48:40:70:36:3b:ad:2d:34:c3:82:
46:e4:e3:a0:52:be:50:10:a5:07:28:9b:f6:d9:52:68:38:32:
8e:e2:c1:11:23:1d:12:9a:42:3a:50:ea:08:11:dc:cf:fe:94:
e9:f1:63:a0:11:58:df:60:24:b6:d5:e7:69:49:46:14:56:4f:
c7:25:74:70:fc:b4:81:3c:f3:90:76:25:50:43:5f:93:bd:f5:
25:db:ad:ea:37:aa:2e:e1:b0:8f:f4:21:94:78:12:38:3d:0b:
bb:cc:14:70:62:3d:b4:45:8b:a8:96:ec:c3:4c:20:c5:35:dd:
38:ec:20:2a:00:68:06:78:02:75:30:39:7a:af:c7:61:e0:62:
a1:5f:94:e4:61:6d:6d:51:c3:d9:5b:78:5d:28:09:3b:fb:fe:
09:fe:18:f3:ce:60:65:ad:f5:b5:e7:0c:c2:8e:0b:d2:97:dc:
56:b2:3f:83:e3:8e:7e:fb:36:1a:c1:e6:3e:10:07:fd:90:fb:
d8:cd:39:eb:ea:35:7c:f6:b7:a5:0b:5c:71:f7:94:00:7c:e1:
d3:1f:05:ef
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTJy6Lx/mnisC4gZrzWhVUs6EZUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MjhaFw0yNTAxMjQxOTAyMjhaMDMxMTAvBgNV
BAMTKDQ4RTU3NjU0MkJDRjQ4MEE0NzgwNUY3OTM5RDY1RkUwNEZGQkNDQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtVYwQIXW+jQ6Ljo3o/JIbgO1A
RX/WqWjNdT+3/pP2tXvV5fZRgJ79qMPIUrVaAsHA7FdLqsJn7JhBHJro5KPSdmFa
AIjLFPF3TjJwzNxhT3FJ4JrygAUwu+6g+MwxJcXUtiuLACMRFetQKGyQCTKmySQV
MpeZ2YOTQ+c5jF0obfo3zaq44j0W0ED330AshiEYd4tsJj8CupMvjrfVu79+re6X
MvVeYQD3B8wJMIE6UrCLXxaLdrXYe9RKZQCQWRxN8hOJ45MZCZpGJCbj5cSPJtqa
qWfEtmt+2W9s28u0caS2frvbCR5IiGyp8TH9fMLJL09q/3c30xxO8S1qgdaFAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUSOV2VCvPSApHgF95OdZf4E/7zKIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzOTJlMzMzNTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEJ
IzANBgkqhkiG9w0BAQsFAAOCAQEANzTeaP35r0qDypez/WVTIH6QQ08fNj7YV9i8
q2SD4iCPg9H1F0YyR6/VIdFIQHA2O60tNMOCRuTjoFK+UBClByib9tlSaDgyjuLB
ESMdEppCOlDqCBHcz/6U6fFjoBFY32AkttXnaUlGFFZPxyV0cPy0gTzzkHYlUENf
k731Jdut6jeqLuGwj/QhlHgSOD0Lu8wUcGI9tEWLqJbsw0wgxTXdOOwgKgBoBngC
dTA5eq/HYeBioV+U5GFtbVHD2Vt4XSgJO/v+Cf4Y885gZa31tecMwo4L0pfcVrI/
g+OOfvs2GsHmPhAH/ZD72M056+o1fPa3pQtccfeUAHzh0x8F7w==
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:59 2024 by rpki-client on console-ams.rpki-client.org