Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa
File: 3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa (raw, json)
Hash identifier: B/ykDs0S4vy2qN6TUtMALmc5yLI7gjZtvD12Br6qjEw=
Subject key identifier: 2E:6D:03:07:CA:57:89:DD:10:0F:CE:55:39:2C:B0:07:00:16:75:A4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2803B0F782231DEBD4828E3BC821D094390CD4D0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa
Signing time: Mon 26 Feb 2024 08:53:14 +0000
ROA not before: Mon 26 Feb 2024 08:48:14 +0000
ROA not after: Mon 24 Feb 2025 08:53:14 +0000
asID: 40021
IP address blocks: 194.140.196.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:03:b0:f7:82:23:1d:eb:d4:82:8e:3b:c8:21:d0:94:39:0c:d4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:14 2024 GMT
Not After : Feb 24 08:53:14 2025 GMT
Subject: CN=2E6D0307CA5789DD100FCE55392CB007001675A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a2:18:d0:c0:2e:c0:81:cc:ec:a1:88:cf:be:
de:d2:b1:34:64:9d:45:c4:70:2e:a0:f3:ad:c6:c9:
3a:59:a8:4c:ae:7b:84:ea:92:5e:06:61:f4:a3:dc:
1a:00:63:8c:81:42:16:c5:ed:3a:17:41:a9:4e:fb:
88:38:0d:9b:07:1d:ec:6c:ed:80:00:b3:a5:4f:9f:
55:bb:68:d1:9c:cb:c3:ea:e1:c3:ac:ce:9d:67:52:
26:de:bf:3e:db:b9:f9:9c:68:52:2b:5a:4e:0c:d8:
17:a0:c0:72:eb:66:40:d8:bc:9b:5e:c2:0e:62:93:
2d:2a:25:7a:59:8e:70:ff:ce:3d:1c:25:a6:ed:ce:
e4:7f:51:44:ea:9f:66:23:07:f8:31:6f:cf:34:24:
dc:3c:de:58:91:7c:4c:b0:03:d9:c4:f9:0a:d4:48:
7a:0a:42:db:17:33:ea:8a:5f:a1:18:19:6a:a7:7d:
75:c4:58:6f:45:13:4d:3e:86:2f:b1:d5:1c:28:9f:
af:fc:1c:d7:0c:07:00:65:74:1c:18:07:47:d2:5d:
3f:b8:7d:43:64:4c:89:f1:34:3f:5f:9b:29:09:11:
43:32:74:6d:e2:dd:28:85:b8:8d:54:4e:1a:37:3a:
88:5c:09:33:6f:15:98:df:3a:83:9d:9c:d5:76:41:
1c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:6D:03:07:CA:57:89:DD:10:0F:CE:55:39:2C:B0:07:00:16:75:A4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.140.196.0/22
Signature Algorithm: sha256WithRSAEncryption
02:83:80:e0:04:d7:d1:74:3b:bc:45:a0:e1:a0:a4:9f:c2:22:
46:30:f9:fb:d4:c8:84:23:07:36:36:64:ae:52:67:2b:ec:6a:
c6:ac:af:b0:41:94:a1:ac:42:91:16:80:42:63:7b:53:98:1b:
66:8b:1f:39:13:74:37:81:0e:df:f8:c5:26:2a:86:11:14:4d:
d3:6a:b7:e7:8a:9f:7b:50:ba:80:9f:b4:16:ee:b6:12:8d:b2:
9f:cb:99:3e:bd:19:61:ce:fa:2a:83:ed:61:9c:97:87:f0:e4:
3e:46:f7:90:a8:86:c3:68:01:1b:0e:34:2a:13:c7:90:02:97:
5b:fe:d0:d2:56:a4:82:3c:f8:84:e8:52:41:6c:42:65:38:1b:
7c:41:a9:a9:6b:1f:e6:fb:30:1d:b6:6d:57:29:4f:77:48:0c:
f9:bf:15:e1:38:23:6b:7f:d9:51:e3:7c:34:31:4f:4b:bb:22:
ec:f6:ca:c6:f3:17:9d:a6:55:42:35:9a:6f:4d:e1:7f:de:2c:
77:40:28:64:16:8e:71:c3:23:db:1c:f9:f1:85:92:ab:2a:3c:
6f:00:b9:06:90:6d:fd:6e:22:f1:cd:84:24:67:4a:f5:72:de:
14:14:80:f0:67:33:de:a5:c1:44:f7:3e:21:0f:20:da:f9:94:
10:22:72:09
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKAOw94IjHevUgo47yCHQlDkM1NAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTRaFw0yNTAyMjQwODUzMTRaMDMxMTAvBgNV
BAMTKDJFNkQwMzA3Q0E1Nzg5REQxMDBGQ0U1NTM5MkNCMDA3MDAxNjc1QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGohjQwC7AgczsoYjPvt7SsTRk
nUXEcC6g863GyTpZqEyue4Tqkl4GYfSj3BoAY4yBQhbF7ToXQalO+4g4DZsHHexs
7YAAs6VPn1W7aNGcy8Pq4cOszp1nUibevz7bufmcaFIrWk4M2BegwHLrZkDYvJte
wg5iky0qJXpZjnD/zj0cJabtzuR/UUTqn2YjB/gxb880JNw83liRfEywA9nE+QrU
SHoKQtsXM+qKX6EYGWqnfXXEWG9FE00+hi+x1Rwon6/8HNcMBwBldBwYB0fSXT+4
fUNkTInxND9fmykJEUMydG3i3SiFuI1UTho3OohcCTNvFZjfOoOdnNV2QRxTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULm0DB8pXid0QD85VOSywBwAWdaQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM0MzAyZTMx
MzkzNjJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALCjMQwDQYJKoZIhvcNAQELBQADggEBAAKDgOAE19F0O7xFoOGgpJ/CIkYw+fvU
yIQjBzY2ZK5SZyvsasasr7BBlKGsQpEWgEJje1OYG2aLHzkTdDeBDt/4xSYqhhEU
TdNqt+eKn3tQuoCftBbuthKNsp/LmT69GWHO+iqD7WGcl4fw5D5G95CohsNoARsO
NCoTx5ACl1v+0NJWpII8+IToUkFsQmU4G3xBqalrH+b7MB22bVcpT3dIDPm/FeE4
I2t/2VHjfDQxT0u7Iuz2ysbzF52mVUI1mm9N4X/eLHdAKGQWjnHDI9sc+fGFkqsq
PG8AuQaQbf1uIvHNhCRnSvVy3hQUgPBnM96lwUT3PiEPINr5lBAicgk=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org