Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38352e302f32342d3332203d3e203531313637.roa
File: 3139342e3139352e38352e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: tDIzC7/KeC5BOjNlo+OnWay2sj2g40d68LF+41ozBNo=
Subject key identifier: 20:2D:7D:0E:E4:8B:1B:74:87:D4:14:FE:D4:6A:C9:09:C3:B6:63:5D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6132CB63D16E95B3E56D9743623FE5A856673CDB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38352e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:08 +0000
ROA not before: Mon 26 Feb 2024 08:48:08 +0000
ROA not after: Mon 24 Feb 2025 08:53:08 +0000
asID: 51167
IP address blocks: 194.195.85.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:32:cb:63:d1:6e:95:b3:e5:6d:97:43:62:3f:e5:a8:56:67:3c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:08 2024 GMT
Not After : Feb 24 08:53:08 2025 GMT
Subject: CN=202D7D0EE48B1B7487D414FED46AC909C3B6635D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:38:1c:a1:65:55:87:cb:4d:c2:12:9a:0f:a6:
19:da:ba:3b:bc:57:d8:25:fe:50:7e:36:86:aa:b3:
52:b6:b2:c4:f9:50:ea:eb:2a:a7:13:75:fb:62:ec:
9a:4a:fa:f6:b5:84:54:3a:3f:f2:f2:22:d3:d4:26:
e3:5a:37:00:37:86:88:fe:85:dd:e8:df:5a:76:03:
ab:20:54:d1:06:77:84:65:53:f2:b2:07:45:6b:d8:
61:9f:9d:96:9a:b9:67:04:d3:ce:82:10:6f:aa:ee:
16:e3:3e:83:95:29:9f:fe:57:b2:5c:50:08:8b:78:
1f:cd:08:7d:51:56:fe:5f:eb:a6:86:65:58:ea:e4:
1e:05:cc:e3:b8:8e:ab:23:58:f2:44:73:83:01:fb:
c5:3e:cd:d7:2b:d7:7a:b9:26:db:d3:07:5c:d9:65:
fb:0a:d4:3f:68:53:27:74:c7:90:73:5b:23:c7:df:
92:37:be:29:96:47:a9:b7:17:39:79:b3:bc:ba:f4:
8a:9d:b7:d0:22:d1:df:43:35:da:9d:e3:41:d6:86:
91:33:8b:bb:b5:c0:a6:11:41:ee:c8:54:87:93:a7:
0f:70:cb:28:cd:70:76:d4:34:12:14:08:21:ca:17:
71:df:13:7e:f4:a6:49:38:da:4b:62:db:84:f6:2e:
75:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2D:7D:0E:E4:8B:1B:74:87:D4:14:FE:D4:6A:C9:09:C3:B6:63:5D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38352e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.85.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:60:35:ca:44:39:6c:f9:d7:0e:d7:7e:84:b3:f7:4e:1a:05:
ce:b2:86:55:dc:0e:20:06:a8:43:6b:46:71:0c:9b:d5:4d:e7:
32:52:b1:c6:42:08:c5:92:3b:aa:13:d5:68:87:f8:8c:c9:e5:
89:72:67:e6:dc:b4:3f:2f:6c:49:c5:61:77:71:34:f8:bb:a6:
2c:e3:9b:d0:18:ae:e0:f8:14:29:20:ea:ff:21:e0:f3:fe:9c:
01:96:96:9f:34:87:17:3d:86:cf:51:4e:38:bf:87:89:c1:d9:
70:16:7b:d7:36:28:8a:05:1c:5d:0e:8d:3c:1e:c5:82:7c:32:
64:d7:2f:04:26:c0:e1:64:37:81:6a:1d:47:41:af:be:2f:31:
b2:2b:e4:be:4b:db:08:39:a4:ea:ed:da:15:d4:7b:e6:b1:f6:
b3:21:36:b0:ab:e6:66:41:bd:5c:25:73:51:24:0f:65:25:3a:
51:c4:08:79:63:bf:d0:c3:85:09:be:0f:a4:05:b1:08:77:20:
0a:d6:53:61:49:44:b5:6b:e0:d6:50:ed:82:f0:74:f5:0d:78:
db:39:a8:e6:22:d9:93:00:aa:00:97:a8:a7:c7:c3:52:e5:f2:
d0:8d:27:4f:f1:34:0a:23:f2:ad:0f:9c:49:eb:48:c7:15:88:
64:34:26:0e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYTLLY9FulbPlbZdDYj/lqFZnPNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDhaFw0yNTAyMjQwODUzMDhaMDMxMTAvBgNV
BAMTKDIwMkQ3RDBFRTQ4QjFCNzQ4N0Q0MTRGRUQ0NkFDOTA5QzNCNjYzNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoOByhZVWHy03CEpoPphnauju8
V9gl/lB+Noaqs1K2ssT5UOrrKqcTdfti7JpK+va1hFQ6P/LyItPUJuNaNwA3hoj+
hd3o31p2A6sgVNEGd4RlU/KyB0Vr2GGfnZaauWcE086CEG+q7hbjPoOVKZ/+V7Jc
UAiLeB/NCH1RVv5f66aGZVjq5B4FzOO4jqsjWPJEc4MB+8U+zdcr13q5JtvTB1zZ
ZfsK1D9oUyd0x5BzWyPH35I3vimWR6m3Fzl5s7y69Iqdt9Ai0d9DNdqd40HWhpEz
i7u1wKYRQe7IVIeTpw9wyyjNcHbUNBIUCCHKF3HfE370pkk42kti24T2LnXHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIC19DuSLG3SH1BT+1GrJCcO2Y10wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM4
MzUyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wsNVMA0GCSqGSIb3DQEBCwUAA4IBAQCcYDXKRDls+dcO136Es/dOGgXOsoZV3A4g
BqhDa0ZxDJvVTecyUrHGQgjFkjuqE9Voh/iMyeWJcmfm3LQ/L2xJxWF3cTT4u6Ys
45vQGK7g+BQpIOr/IeDz/pwBlpafNIcXPYbPUU44v4eJwdlwFnvXNiiKBRxdDo08
HsWCfDJk1y8EJsDhZDeBah1HQa++LzGyK+S+S9sIOaTq7doV1HvmsfazITawq+Zm
Qb1cJXNRJA9lJTpRxAh5Y7/Qw4UJvg+kBbEIdyAK1lNhSUS1a+DWUO2C8HT1DXjb
OajmItmTAKoAl6inx8NS5fLQjSdP8TQKI/KtD5xJ60jHFYhkNCYO
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org