Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e302e302f32302d3234203d3e20323034313730.roa
File: 3139342e3136332e302e302f32302d3234203d3e20323034313730.roa (raw, json)
Hash identifier: /+GhNd3ClKXCLdovcSwK6Pj3wBauMiwzG/EN9VZEl+U=
Subject key identifier: C2:75:DD:5F:55:BC:BC:4B:6C:89:2B:23:DA:BD:02:6A:13:54:E7:A9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4279DD788DE36DFEF32D47F376A07609080041EB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e302e302f32302d3234203d3e20323034313730.roa
Signing time: Mon 27 Jan 2025 09:45:03 +0000
ROA not before: Mon 27 Jan 2025 09:40:03 +0000
ROA not after: Mon 26 Jan 2026 09:45:03 +0000
asID: 204170
IP address blocks: 194.163.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:79:dd:78:8d:e3:6d:fe:f3:2d:47:f3:76:a0:76:09:08:00:41:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:03 2025 GMT
Not After : Jan 26 09:45:03 2026 GMT
Subject: CN=C275DD5F55BCBC4B6C892B23DABD026A1354E7A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3f:63:cf:6f:83:14:b7:d0:d6:26:a7:0f:ca:
f1:f5:d2:f1:0a:c5:86:44:bf:0f:f6:56:c5:13:75:
ea:b3:e4:51:95:64:cc:f7:5a:a4:3d:29:3f:97:dd:
c3:d1:2e:8a:cb:87:7c:0a:f2:57:2f:0d:57:22:28:
64:82:0a:ca:f2:f9:f2:f5:1e:f3:3b:ab:71:d6:02:
01:c3:05:3d:f8:38:29:9b:39:72:4c:07:63:c4:59:
d0:1b:91:97:2a:62:53:97:fc:7a:17:68:bb:f6:4b:
38:7f:e5:a8:33:62:e4:f7:8e:1b:b9:09:03:23:35:
79:22:2f:18:b8:c4:85:15:ed:b9:37:f4:f3:0c:ea:
39:08:83:24:aa:7b:4c:9d:0e:dd:3b:30:a5:f7:8a:
37:a5:37:a6:e4:b5:2e:30:5c:b9:f1:0d:41:3b:10:
6a:e3:f8:a0:f9:c9:50:ec:71:dd:b6:97:e1:34:92:
dc:4a:d2:74:2b:20:c2:77:1d:f5:76:9a:b3:57:2a:
eb:d6:05:95:bc:db:cb:72:39:cd:c4:b8:de:8d:bc:
58:c5:09:bb:b9:4c:38:b0:e0:9a:5e:cc:f0:92:39:
35:ff:a8:80:47:6a:ec:4d:e2:cf:c0:a1:3d:ec:e2:
bc:7c:f5:51:60:e2:9f:9c:fc:90:6a:49:4d:0d:29:
05:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:75:DD:5F:55:BC:BC:4B:6C:89:2B:23:DA:BD:02:6A:13:54:E7:A9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e302e302f32302d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.0.0/20
Signature Algorithm: sha256WithRSAEncryption
37:e0:73:c0:a4:99:b8:6e:77:0b:23:98:9c:07:54:4e:ba:d6:
53:c1:ed:a4:11:ed:70:d2:9f:8f:9c:cf:90:b6:b6:a6:98:67:
2b:a9:2c:08:7b:e2:1a:54:2c:af:20:c4:37:ff:0a:c8:00:1e:
1d:59:66:58:01:3b:13:08:c9:ea:64:fd:3a:b3:50:6d:b6:9f:
ea:c8:3a:6a:b9:3b:61:12:1b:d0:1b:12:cc:3a:41:14:12:91:
58:53:31:c4:ef:28:04:60:69:6a:ac:82:a3:7b:7e:b1:ec:27:
42:25:61:33:08:6c:42:f6:06:86:7c:53:a3:91:dc:06:75:f7:
84:bd:06:ea:14:41:d2:ab:c9:b2:08:be:4d:4d:22:ff:b5:15:
32:19:a9:a4:f0:c9:96:68:64:c3:f9:f9:07:40:bd:ee:a4:dd:
70:16:37:33:7c:c3:89:ef:12:40:ae:ef:d8:c5:28:7e:56:84:
95:6c:89:36:a1:18:ca:25:ba:d8:dd:6e:3d:d4:c7:0d:12:2a:
6f:62:f1:6a:86:91:0f:49:3b:15:50:bf:13:f1:60:52:f3:93:
05:f2:30:df:cb:b5:b1:0a:a0:5a:03:9f:a4:ba:55:e3:05:2b:
01:42:10:78:f3:85:23:c0:4e:75:df:13:b3:1e:a0:ba:3b:34:
5e:0e:3d:a5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQnndeI3jbf7zLUfzdqB2CQgAQeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDNaFw0yNjAxMjYwOTQ1MDNaMDMxMTAvBgNV
BAMTKEMyNzVERDVGNTVCQ0JDNEI2Qzg5MkIyM0RBQkQwMjZBMTM1NEU3QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjP2PPb4MUt9DWJqcPyvH10vEK
xYZEvw/2VsUTdeqz5FGVZMz3WqQ9KT+X3cPRLorLh3wK8lcvDVciKGSCCsry+fL1
HvM7q3HWAgHDBT34OCmbOXJMB2PEWdAbkZcqYlOX/HoXaLv2Szh/5agzYuT3jhu5
CQMjNXkiLxi4xIUV7bk39PMM6jkIgySqe0ydDt07MKX3ijelN6bktS4wXLnxDUE7
EGrj+KD5yVDscd22l+E0ktxK0nQrIMJ3HfV2mrNXKuvWBZW828tyOc3EuN6NvFjF
Cbu5TDiw4JpezPCSOTX/qIBHauxN4s/AoT3s4rx89VFg4p+c/JBqSU0NKQWDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwnXdX1W8vEtsiSsj2r0CahNU56kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM2MzMyZTMw
MmUzMDJmMzIzMDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
wqMAMA0GCSqGSIb3DQEBCwUAA4IBAQA34HPApJm4bncLI5icB1ROutZTwe2kEe1w
0p+PnM+QtrammGcrqSwIe+IaVCyvIMQ3/wrIAB4dWWZYATsTCMnqZP06s1Bttp/q
yDpquTthEhvQGxLMOkEUEpFYUzHE7ygEYGlqrIKje36x7CdCJWEzCGxC9gaGfFOj
kdwGdfeEvQbqFEHSq8myCL5NTSL/tRUyGamk8MmWaGTD+fkHQL3upN1wFjczfMOJ
7xJAru/YxSh+VoSVbIk2oRjKJbrY3W491McNEipvYvFqhpEPSTsVUL8T8WBS85MF
8jDfy7WxCqBaA5+kulXjBSsBQhB484UjwE513xOzHqC6OzReDj2l
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:20:38 2025 by rpki-client