Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136342e36342e302f32312d3234203d3e203437353833.roa
File: 3139342e3136342e36342e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: aRLyziVoqWfdnqOsJElPzd+VP0Ft+dmkAg//w0GG5xQ=
Subject key identifier: F3:09:A9:35:17:44:B8:AB:CD:B6:3E:29:2D:BB:FC:17:85:FE:A3:FF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 11BA4197C1A802FB612EFFF6FFBAB02E665124A2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136342e36342e302f32312d3234203d3e203437353833.roa
Signing time: Sat 04 May 2024 07:15:30 +0000
ROA not before: Sat 04 May 2024 07:10:30 +0000
ROA not after: Sat 03 May 2025 07:15:30 +0000
asID: 47583
IP address blocks: 194.164.64.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ba:41:97:c1:a8:02:fb:61:2e:ff:f6:ff:ba:b0:2e:66:51:24:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 4 07:10:30 2024 GMT
Not After : May 3 07:15:30 2025 GMT
Subject: CN=F309A9351744B8ABCDB63E292DBBFC1785FEA3FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c7:33:95:13:5f:e2:2e:71:1c:08:f5:6d:30:
d4:c5:ba:cb:48:81:d4:38:a4:1a:e1:3d:ab:7b:36:
61:b4:2c:e4:f4:69:27:a6:38:09:92:38:09:6a:40:
ac:dd:e2:26:3c:b3:90:1d:31:cc:f4:03:08:08:b0:
50:83:e1:04:ca:ce:d0:58:c0:5b:5f:93:37:bf:d6:
e7:86:f3:40:93:50:62:4c:6d:02:e7:36:9c:e4:d2:
4e:2d:c4:50:ce:07:09:70:19:a0:b2:87:f7:77:c1:
e4:ae:6a:59:fc:00:e1:a0:b3:64:99:ab:18:49:9d:
06:48:8d:81:85:ad:eb:d7:07:a8:7e:68:fd:3b:ce:
42:bd:e6:4c:fe:98:44:91:c6:f2:5f:26:24:f8:c1:
67:d7:eb:f2:de:36:b8:8a:ef:9f:85:da:1d:32:a1:
b9:44:14:98:f1:75:93:94:42:26:18:bd:44:10:49:
ae:5b:5c:86:9f:8a:bb:b9:8c:cc:97:f0:9d:0a:c2:
da:b0:24:bc:30:53:d5:82:8b:37:f8:d3:2a:06:da:
ad:f7:eb:4d:78:3b:f2:8a:15:de:9b:dd:e1:10:4b:
db:12:90:22:41:87:47:30:ec:04:f6:61:70:f9:ef:
c6:8b:d4:21:27:c5:e0:06:a1:11:ca:90:f8:ac:dc:
15:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:09:A9:35:17:44:B8:AB:CD:B6:3E:29:2D:BB:FC:17:85:FE:A3:FF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136342e36342e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.164.64.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:63:c3:96:31:01:a4:78:57:75:b3:2e:67:1e:62:ef:9d:47:
58:2b:e4:90:75:9d:e8:21:cf:a7:09:06:c2:49:ac:11:ed:f7:
0b:71:8b:ce:32:f3:dc:4d:89:d9:cf:37:5e:81:8a:19:b1:01:
80:6e:f1:2b:92:43:5c:3e:7a:93:80:e5:24:1e:d2:bd:6a:60:
2e:cf:01:b6:a9:bc:ab:22:7e:00:a1:de:5a:92:40:92:81:e3:
6a:ec:b6:aa:1f:df:9d:9e:fc:25:4e:14:e8:ae:51:58:5e:37:
df:13:4b:83:c6:3c:be:73:cc:2c:66:ea:5b:b5:40:7f:1d:e0:
e7:52:c0:d5:21:b6:a8:fd:a0:d7:e6:37:29:9c:1d:0e:5e:12:
3a:49:4f:d2:78:2f:82:4c:ae:e9:b5:2a:2f:be:17:c3:37:b8:
25:34:f6:cf:10:f7:bb:20:79:3a:82:fc:82:85:04:3f:9b:17:
42:e7:d6:2e:b4:4d:4c:6a:23:ab:e0:66:fb:bf:d0:0c:d4:b4:
38:88:28:06:5e:2e:66:82:ec:6a:3d:72:46:98:bd:7d:42:61:
65:13:48:5d:1a:2a:83:a3:8a:de:61:6c:09:b2:20:4c:ac:62:
29:e0:f9:4d:33:f7:e2:41:94:05:9f:da:30:6e:bd:e7:69:17:
87:f3:6f:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEbpBl8GoAvthLv/2/7qwLmZRJKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDQwNzEwMzBaFw0yNTA1MDMwNzE1MzBaMDMxMTAvBgNV
BAMTKEYzMDlBOTM1MTc0NEI4QUJDREI2M0UyOTJEQkJGQzE3ODVGRUEzRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCxzOVE1/iLnEcCPVtMNTFustI
gdQ4pBrhPat7NmG0LOT0aSemOAmSOAlqQKzd4iY8s5AdMcz0AwgIsFCD4QTKztBY
wFtfkze/1ueG80CTUGJMbQLnNpzk0k4txFDOBwlwGaCyh/d3weSualn8AOGgs2SZ
qxhJnQZIjYGFrevXB6h+aP07zkK95kz+mESRxvJfJiT4wWfX6/LeNriK75+F2h0y
oblEFJjxdZOUQiYYvUQQSa5bXIafiru5jMyX8J0KwtqwJLwwU9WCizf40yoG2q33
6014O/KKFd6b3eEQS9sSkCJBh0cw7AT2YXD578aL1CEnxeAGoRHKkPis3BUtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8wmpNRdEuKvNtj4pLbv8F4X+o/8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM2MzQyZTM2
MzQyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wqRAMA0GCSqGSIb3DQEBCwUAA4IBAQBbY8OWMQGkeFd1sy5nHmLvnUdYK+SQdZ3o
Ic+nCQbCSawR7fcLcYvOMvPcTYnZzzdegYoZsQGAbvErkkNcPnqTgOUkHtK9amAu
zwG2qbyrIn4Aod5akkCSgeNq7LaqH9+dnvwlThTorlFYXjffE0uDxjy+c8wsZupb
tUB/HeDnUsDVIbao/aDX5jcpnB0OXhI6SU/SeC+CTK7ptSovvhfDN7glNPbPEPe7
IHk6gvyChQQ/mxdC59YutE1MaiOr4Gb7v9AM1LQ4iCgGXi5mguxqPXJGmL19QmFl
E0hdGiqDo4reYWwJsiBMrGIp4PlNM/fiQZQFn9owbr3naReH82/T
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org