Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136322e302f32342d3234203d3e20313336373837.roa
File: 3139342e3130372e3136322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: /rbjb9guwkor9gGau1k7kOo5mQF7eqqR13KziRiPqhI=
Subject key identifier: F3:1C:8D:71:A9:C2:15:1C:6B:DE:A4:AE:49:77:38:96:6E:C2:C6:55
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 42DD163FDED9FFA83CD47B5FDBC0DE8CF63E18E4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136322e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 19 Nov 2024 09:55:26 +0000
ROA not before: Tue 19 Nov 2024 09:50:26 +0000
ROA not after: Tue 18 Nov 2025 09:55:26 +0000
asID: 136787
IP address blocks: 194.107.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:dd:16:3f:de:d9:ff:a8:3c:d4:7b:5f:db:c0:de:8c:f6:3e:18:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 19 09:50:26 2024 GMT
Not After : Nov 18 09:55:26 2025 GMT
Subject: CN=F31C8D71A9C2151C6BDEA4AE497738966EC2C655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4e:c7:94:a3:df:02:6e:d7:34:0a:30:6e:01:
28:71:e5:1d:6f:12:4b:8a:99:68:8f:cb:c6:de:41:
6e:b0:07:93:de:5f:5c:fd:e2:0c:7f:4b:0b:76:d5:
41:e9:bf:8f:a7:1a:7b:ec:9a:e9:30:00:0a:00:72:
79:b9:59:ca:72:ec:e9:28:7b:e9:b3:c0:24:a5:4e:
7a:a6:f8:c7:79:d8:9a:a9:50:af:4e:b2:a1:1a:93:
37:69:a2:7f:78:c3:01:e1:eb:6b:b9:03:f7:8c:05:
fd:8e:65:09:59:b5:ca:1f:4f:20:9e:2d:9d:0b:e9:
dc:3e:e8:a9:42:9b:8f:f0:b7:a5:7e:85:6d:bc:f9:
85:3d:f5:c7:23:52:0e:74:db:43:32:10:ca:06:7b:
1b:f6:26:a9:e1:bd:34:f1:1d:dc:ab:5c:31:5d:81:
e9:a7:82:85:ac:44:92:39:24:06:c6:86:aa:e2:93:
be:b8:41:ab:25:a8:26:9b:12:4a:e0:4a:63:59:15:
6b:a7:0c:27:50:21:c3:f9:e9:07:c1:ce:01:57:3a:
83:47:be:b8:c1:9a:05:5d:09:26:02:f5:14:a4:7c:
79:9a:3a:76:8a:6e:49:08:e2:8b:91:a8:03:a6:44:
e5:45:d1:f9:00:ae:c0:a3:4c:83:ad:3b:af:a8:ad:
77:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1C:8D:71:A9:C2:15:1C:6B:DE:A4:AE:49:77:38:96:6E:C2:C6:55
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.162.0/24
Signature Algorithm: sha256WithRSAEncryption
50:fd:e9:06:91:91:0e:9a:36:e8:ab:25:12:83:3e:9f:c6:de:
3b:2e:c7:2c:df:be:c7:34:a4:4e:99:42:95:91:65:d9:de:58:
54:6c:5a:e5:5c:b6:5a:93:bf:ca:e8:1e:0a:40:16:19:9d:c6:
bb:27:be:12:5c:d5:d1:b2:64:f8:d7:1b:ea:57:d8:de:e4:10:
66:7f:9f:50:b8:09:00:43:3b:c9:7b:3f:62:c8:3b:d7:d0:27:
6e:2d:7e:b0:28:da:92:a1:9c:76:7b:08:9c:46:b9:62:7e:7c:
9f:35:63:b9:45:f1:61:a0:3c:d3:86:fb:cb:2d:1b:77:d2:7e:
18:86:d5:07:58:03:76:38:3d:29:c5:ce:22:1c:b9:e4:54:f7:
81:fc:bf:80:00:e1:02:f6:3b:17:a3:0e:8c:98:06:ff:90:6c:
73:04:ca:e8:9e:73:2d:b9:c1:93:5b:50:9d:ee:e5:a5:8d:64:
c7:97:1f:88:2a:95:17:21:2b:9d:57:1a:a3:b1:3e:16:38:e7:
b2:72:f9:4a:41:cb:67:05:35:ae:91:b6:32:d1:10:1f:d5:39:
78:fe:34:bf:47:bd:10:c5:a7:1b:7f:3a:ca:37:c0:37:6b:ef:
45:6d:5d:99:cd:88:26:47:a5:b5:bc:de:cb:a3:d5:f4:bf:db:
a6:34:6a:5c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQt0WP97Z/6g81Htf28DejPY+GOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMTkwOTUwMjZaFw0yNTExMTgwOTU1MjZaMDMxMTAvBgNV
BAMTKEYzMUM4RDcxQTlDMjE1MUM2QkRFQTRBRTQ5NzczODk2NkVDMkM2NTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUTseUo98Cbtc0CjBuAShx5R1v
EkuKmWiPy8beQW6wB5PeX1z94gx/Swt21UHpv4+nGnvsmukwAAoAcnm5Wcpy7Oko
e+mzwCSlTnqm+Md52JqpUK9OsqEakzdpon94wwHh62u5A/eMBf2OZQlZtcofTyCe
LZ0L6dw+6KlCm4/wt6V+hW28+YU99ccjUg5020MyEMoGexv2JqnhvTTxHdyrXDFd
gemngoWsRJI5JAbGhqrik764QaslqCabEkrgSmNZFWunDCdQIcP56QfBzgFXOoNH
vrjBmgVdCSYC9RSkfHmaOnaKbkkI4ouRqAOmROVF0fkArsCjTIOtO6+orXdhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU8xyNcanCFRxr3qSuSXc4lm7CxlUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTMwMzcyZTMx
MzYzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMJrojANBgkqhkiG9w0BAQsFAAOCAQEAUP3pBpGRDpo26KslEoM+n8beOy7H
LN++xzSkTplClZFl2d5YVGxa5Vy2WpO/yugeCkAWGZ3Guye+ElzV0bJk+Ncb6lfY
3uQQZn+fULgJAEM7yXs/Ysg719Anbi1+sCjakqGcdnsInEa5Yn58nzVjuUXxYaA8
04b7yy0bd9J+GIbVB1gDdjg9KcXOIhy55FT3gfy/gADhAvY7F6MOjJgG/5BscwTK
6J5zLbnBk1tQne7lpY1kx5cfiCqVFyErnVcao7E+FjjnsnL5SkHLZwU1rpG2MtEQ
H9U5eP40v0e9EMWnG386yjfAN2vvRW1dmc2IJkeltbzey6PV9L/bpjRqXA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org