Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136302e302f32342d3234203d3e20313336373837.roa
File: 3139342e3130372e3136302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: RsZZ408W5mym2Ch2zQaGcb3o9G60/RZV9CNqIfoT4cI=
Subject key identifier: 0B:B4:F5:67:CD:58:EB:AA:C5:EE:07:0B:53:55:E4:21:57:24:8F:87
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 67B9A3AC9BA109499CF7B18D1336972450409C15
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136302e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 19 Nov 2024 09:54:46 +0000
ROA not before: Tue 19 Nov 2024 09:49:46 +0000
ROA not after: Tue 18 Nov 2025 09:54:46 +0000
asID: 136787
IP address blocks: 194.107.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:b9:a3:ac:9b:a1:09:49:9c:f7:b1:8d:13:36:97:24:50:40:9c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 19 09:49:46 2024 GMT
Not After : Nov 18 09:54:46 2025 GMT
Subject: CN=0BB4F567CD58EBAAC5EE070B5355E42157248F87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cb:45:1b:d2:85:0b:37:a3:45:bc:f4:cc:c1:
10:dc:1a:7b:4c:cc:e3:59:16:a5:f8:b6:37:48:6f:
75:ac:7d:0f:eb:c3:65:cd:8d:ab:d0:b0:c7:b4:28:
26:18:73:68:fb:4b:e4:f7:b3:20:5c:2b:fe:b5:cb:
8a:11:8a:54:fb:a7:a0:ad:03:3e:9b:9b:f8:8b:a9:
1f:b7:fd:ef:65:fc:1a:0e:25:09:1d:c7:89:20:55:
10:d9:c3:ce:26:d4:d7:74:fa:e0:d4:f8:96:fe:68:
e7:b1:76:ab:5a:e1:0a:34:7c:d1:ad:27:3b:98:6c:
d3:59:6f:bc:bb:07:58:34:8c:30:ed:99:4a:43:f9:
d6:ca:6d:86:02:88:ea:54:ae:3e:a9:00:81:c3:47:
d7:a9:b5:f6:8c:23:c1:8b:ac:20:59:44:f5:82:f0:
c4:f7:f0:61:d0:3a:92:b9:11:cd:95:0b:f2:43:77:
19:a6:63:b4:e2:c3:dd:43:fa:66:ac:4b:6e:8b:98:
a0:15:3f:63:49:e9:a2:59:42:ff:34:71:09:b8:3e:
17:89:78:16:27:5f:dc:26:7f:32:04:e3:49:d5:dd:
ab:04:fe:23:af:d1:d5:35:ef:6c:fb:af:28:2c:f0:
5a:5f:b3:73:95:79:8d:fd:04:9c:94:3c:bc:59:a8:
52:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B4:F5:67:CD:58:EB:AA:C5:EE:07:0B:53:55:E4:21:57:24:8F:87
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.160.0/24
Signature Algorithm: sha256WithRSAEncryption
13:00:8e:cd:51:e9:d6:0f:42:fd:18:a9:02:02:bf:b6:63:da:
62:1a:d5:54:5e:0e:27:f6:56:61:53:fd:3d:2f:3a:0c:fd:a3:
bc:ff:4d:81:3f:8e:c6:10:e3:22:ba:b6:d4:12:33:30:0d:44:
dd:44:a4:5d:29:cc:cd:94:07:8c:af:87:51:2d:7f:00:0d:b3:
16:1f:67:3f:9d:05:4f:cf:f3:d8:e1:e9:87:9d:7f:3b:0d:12:
75:9e:6b:11:ce:04:e1:52:02:2a:b1:e9:d1:57:a1:9b:e1:06:
aa:df:4b:37:67:79:6a:6d:10:19:e4:fa:3b:27:11:b3:72:4d:
eb:19:0e:bc:25:3c:b6:37:47:ac:be:06:b1:02:d4:48:f3:9d:
85:20:10:d0:28:82:5d:1c:65:0c:80:ce:fb:5b:e1:72:68:a2:
f9:d7:83:9d:84:52:e3:61:99:4f:3f:87:2c:71:df:b0:71:a8:
92:c5:17:7d:75:11:6d:fe:37:cb:e1:ff:78:a7:a4:d5:e6:37:
cc:59:b9:07:7c:96:58:5a:e3:3e:8b:97:32:86:4a:ac:3c:32:
da:33:c5:76:09:e0:57:9e:ec:eb:73:75:00:88:4f:06:b4:4d:
31:a9:6d:92:da:a2:c7:31:27:d3:db:31:dd:8f:81:85:3a:d9:
0d:b8:4d:58
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZ7mjrJuhCUmc97GNEzaXJFBAnBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMTkwOTQ5NDZaFw0yNTExMTgwOTU0NDZaMDMxMTAvBgNV
BAMTKDBCQjRGNTY3Q0Q1OEVCQUFDNUVFMDcwQjUzNTVFNDIxNTcyNDhGODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzy0Ub0oULN6NFvPTMwRDcGntM
zONZFqX4tjdIb3WsfQ/rw2XNjavQsMe0KCYYc2j7S+T3syBcK/61y4oRilT7p6Ct
Az6bm/iLqR+3/e9l/BoOJQkdx4kgVRDZw84m1Nd0+uDU+Jb+aOexdqta4Qo0fNGt
JzuYbNNZb7y7B1g0jDDtmUpD+dbKbYYCiOpUrj6pAIHDR9eptfaMI8GLrCBZRPWC
8MT38GHQOpK5Ec2VC/JDdxmmY7Tiw91D+masS26LmKAVP2NJ6aJZQv80cQm4PheJ
eBYnX9wmfzIE40nV3asE/iOv0dU172z7rygs8Fpfs3OVeY39BJyUPLxZqFKjAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUC7T1Z81Y66rF7gcLU1XkIVckj4cwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTMwMzcyZTMx
MzYzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMJroDANBgkqhkiG9w0BAQsFAAOCAQEAEwCOzVHp1g9C/RipAgK/tmPaYhrV
VF4OJ/ZWYVP9PS86DP2jvP9NgT+OxhDjIrq21BIzMA1E3USkXSnMzZQHjK+HUS1/
AA2zFh9nP50FT8/z2OHph51/Ow0SdZ5rEc4E4VICKrHp0Vehm+EGqt9LN2d5am0Q
GeT6OycRs3JN6xkOvCU8tjdHrL4GsQLUSPOdhSAQ0CiCXRxlDIDO+1vhcmii+deD
nYRS42GZTz+HLHHfsHGoksUXfXURbf43y+H/eKek1eY3zFm5B3yWWFrjPouXMoZK
rDwy2jPFdgngV57s63N1AIhPBrRNMaltktqixzEn09sx3Y+BhTrZDbhNWA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org