Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e34342e302f32322d3234203d3e203437353833.roa
File: 3139342e3136332e34342e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: +bo7163g5O4M3+IJallzppMD63h51xI10n218uaH1mc=
Subject key identifier: 3A:68:9F:4F:95:B2:20:EC:74:DA:15:7A:F8:A8:74:82:FC:47:23:81
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D9FB76BA42C4B7A908ED9959DA7CF6FD679AA29
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e34342e302f32322d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:03 +0000
ROA not before: Mon 26 Feb 2024 08:48:03 +0000
ROA not after: Mon 24 Feb 2025 08:53:03 +0000
asID: 47583
IP address blocks: 194.163.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:9f:b7:6b:a4:2c:4b:7a:90:8e:d9:95:9d:a7:cf:6f:d6:79:aa:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:03 2024 GMT
Not After : Feb 24 08:53:03 2025 GMT
Subject: CN=3A689F4F95B220EC74DA157AF8A87482FC472381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bb:07:d8:b5:b3:54:ea:67:e5:61:f1:09:3e:
30:13:a1:56:d6:65:ac:a1:7c:3c:d4:3e:d4:f3:4c:
73:b3:ba:49:91:8f:65:fa:f5:17:2d:ef:44:3b:64:
74:2c:7f:75:70:64:bf:aa:3a:b6:e0:e1:61:ce:6c:
e9:84:da:44:e5:47:96:e6:95:e5:da:f1:4f:ed:f2:
9b:05:b3:f9:6d:91:a0:86:b3:da:42:d9:4c:4c:9a:
a9:7c:ae:3f:e4:22:aa:55:a8:e3:e6:2c:88:1e:08:
d6:a9:1c:2b:87:20:b5:c3:12:5b:7a:50:59:b7:c3:
93:0a:33:84:73:d3:54:f9:89:14:81:e4:31:a2:98:
d3:ff:52:e4:2d:1b:eb:56:f6:0d:16:39:3f:2d:8c:
f1:fc:27:10:4a:c9:db:c9:e0:01:e0:dd:ea:93:93:
90:92:5c:f9:4c:ea:47:2c:26:eb:ed:ee:ee:b4:55:
88:4d:75:52:e5:b6:b2:4e:97:ed:bd:4a:46:88:66:
0b:47:66:67:2c:b2:87:be:f5:6f:17:92:96:ef:2b:
d2:b2:14:00:11:50:21:14:53:e8:d9:e8:23:4e:d3:
21:1f:c2:e4:b4:92:8f:84:a7:de:80:8d:3a:09:8c:
e6:2f:25:a6:63:02:ef:4e:d9:0e:b2:66:32:d6:9d:
5f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:68:9F:4F:95:B2:20:EC:74:DA:15:7A:F8:A8:74:82:FC:47:23:81
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e34342e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.44.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:9a:8d:69:bf:1e:80:9a:af:36:1c:08:6d:70:40:91:8d:e6:
8d:65:4e:2c:a9:1d:86:b5:54:80:b4:a1:d9:55:0c:2f:08:cd:
66:db:f7:03:16:1b:e3:89:39:36:0d:21:46:2a:f3:8b:fd:71:
a1:a7:0c:a3:7f:10:c2:55:f9:46:21:27:92:02:05:21:58:d2:
1a:7f:3a:cf:4b:84:11:1f:99:df:57:b3:be:7c:89:9e:be:ed:
98:b2:e4:e1:4f:c4:0d:3a:4f:aa:93:50:1e:4e:5f:fd:96:52:
66:2e:f9:a8:c0:a5:4e:a4:74:03:1c:7a:1b:41:6b:cf:5b:0a:
16:9a:07:c3:08:f6:4a:89:80:7b:e9:60:46:de:b1:a4:f6:1c:
62:6b:22:a8:dc:03:75:55:fd:6a:34:63:c9:11:d8:ac:20:a7:
df:50:50:ca:fc:83:1b:82:a8:29:0d:f0:0f:ab:7e:bc:68:f8:
d6:27:c3:3c:72:e4:68:19:37:72:09:82:25:c6:2c:6a:ac:26:
fc:54:a9:24:b8:c2:97:35:2e:75:6c:cb:40:5b:52:80:38:09:
eb:af:7a:cd:1c:9c:71:7b:55:d2:eb:85:6d:dd:ce:b5:47:d5:
d0:0e:db:85:18:4a:0e:f6:74:49:10:e4:b1:6a:31:cd:a7:88:
12:30:68:81
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDZ+3a6QsS3qQjtmVnafPb9Z5qikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDNaFw0yNTAyMjQwODUzMDNaMDMxMTAvBgNV
BAMTKDNBNjg5RjRGOTVCMjIwRUM3NERBMTU3QUY4QTg3NDgyRkM0NzIzODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0uwfYtbNU6mflYfEJPjAToVbW
ZayhfDzUPtTzTHOzukmRj2X69Rct70Q7ZHQsf3VwZL+qOrbg4WHObOmE2kTlR5bm
leXa8U/t8psFs/ltkaCGs9pC2UxMmql8rj/kIqpVqOPmLIgeCNapHCuHILXDElt6
UFm3w5MKM4Rz01T5iRSB5DGimNP/UuQtG+tW9g0WOT8tjPH8JxBKydvJ4AHg3eqT
k5CSXPlM6kcsJuvt7u60VYhNdVLltrJOl+29SkaIZgtHZmcssoe+9W8XkpbvK9Ky
FAARUCEUU+jZ6CNO0yEfwuS0ko+Ep96AjToJjOYvJaZjAu9O2Q6yZjLWnV+rAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOmifT5WyIOx02hV6+Kh0gvxHI4EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM2MzMyZTM0
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
wqMsMA0GCSqGSIb3DQEBCwUAA4IBAQBLmo1pvx6Amq82HAhtcECRjeaNZU4sqR2G
tVSAtKHZVQwvCM1m2/cDFhvjiTk2DSFGKvOL/XGhpwyjfxDCVflGISeSAgUhWNIa
fzrPS4QRH5nfV7O+fImevu2YsuThT8QNOk+qk1AeTl/9llJmLvmowKVOpHQDHHob
QWvPWwoWmgfDCPZKiYB76WBG3rGk9hxiayKo3AN1Vf1qNGPJEdisIKffUFDK/IMb
gqgpDfAPq368aPjWJ8M8cuRoGTdyCYIlxixqrCb8VKkkuMKXNS51bMtAW1KAOAnr
r3rNHJxxe1XS64Vt3c61R9XQDtuFGEoO9nRJEOSxajHNp4gSMGiB
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org