Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38382e302f32342d3234203d3e20313336373837.roa
File: 3139342e3139352e38382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: t8TrmXHMbSnSB8SY/gu0wz74EqN9OsZSjOkQyOgj4iU=
Subject key identifier: FC:1D:80:23:A9:07:B1:AA:9E:16:E1:2E:23:A9:EB:B2:A7:77:E4:1A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 29345C504240F2A080AEA03B4A095882EE3BB2A6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:09 +0000
ROA not before: Mon 26 Feb 2024 08:48:09 +0000
ROA not after: Mon 24 Feb 2025 08:53:09 +0000
asID: 136787
IP address blocks: 194.195.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:34:5c:50:42:40:f2:a0:80:ae:a0:3b:4a:09:58:82:ee:3b:b2:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:09 2024 GMT
Not After : Feb 24 08:53:09 2025 GMT
Subject: CN=FC1D8023A907B1AA9E16E12E23A9EBB2A777E41A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:be:84:94:cd:e7:21:3d:5a:16:98:3e:7f:9b:
9e:00:a8:2b:bf:75:a3:d7:7c:4a:8a:75:03:bc:75:
39:09:04:8c:16:70:51:b9:e2:f6:5b:d2:6a:03:4b:
43:dd:53:03:ec:9d:c7:e7:a2:0a:21:8a:a4:fd:88:
f5:f6:28:60:09:ba:ca:3b:a8:d3:43:21:bb:8e:64:
60:4b:03:38:4c:51:28:d5:aa:57:71:fb:20:5b:cb:
b4:25:d4:43:2e:56:b8:2d:60:36:e5:32:e9:40:b3:
a4:0a:98:86:34:1c:fe:50:87:e4:50:6e:8e:3a:8c:
8a:74:b4:52:db:3d:3a:ae:05:21:98:81:ca:c5:f4:
a2:d6:7a:7d:65:ed:2d:f2:a1:e7:d6:89:07:5e:f4:
ac:b4:4e:82:ef:5e:1d:8e:f0:81:40:91:05:1a:96:
80:6e:13:91:08:c4:80:4c:00:f4:65:f8:18:2b:03:
ed:ee:14:6f:c0:59:a0:44:4b:78:16:09:be:1c:1f:
8f:41:cb:93:b0:66:b7:0b:db:bb:be:b8:5b:17:4f:
65:83:3c:7d:0a:b4:26:ba:f1:bd:2d:d6:ef:4b:12:
0d:b9:fb:51:2a:25:8a:63:7c:5b:69:6f:b0:ef:eb:
f0:78:8e:c2:36:77:91:8e:c8:9c:f7:45:ed:b0:b4:
f2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:1D:80:23:A9:07:B1:AA:9E:16:E1:2E:23:A9:EB:B2:A7:77:E4:1A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.88.0/24
Signature Algorithm: sha256WithRSAEncryption
51:83:42:ba:6b:eb:50:ce:a3:81:92:c8:f6:34:97:7b:eb:a8:
f5:c8:3f:01:51:7c:54:b2:4f:76:7f:6e:ef:90:f2:9a:0e:7a:
58:14:2a:0f:24:43:78:fc:06:d4:37:04:e7:0e:b5:86:3f:56:
ff:5a:55:f8:7d:31:c6:f9:25:90:dc:88:16:58:86:66:a5:43:
8b:21:06:1f:c6:e3:38:22:ee:15:c4:92:b0:13:9b:83:cf:8f:
c1:fb:aa:8c:bd:c8:34:08:5c:dd:e7:89:31:36:a3:54:7c:e6:
19:50:c3:37:bc:b5:f3:85:ae:6c:db:f7:59:f5:31:4b:80:f3:
2e:0e:7b:88:33:a8:0f:c8:51:56:a6:b7:87:ea:8d:62:f2:a3:
8a:42:68:8c:37:51:b4:2e:a0:49:24:1f:dd:e0:17:99:c8:50:
dc:93:a3:40:93:92:6f:b7:49:09:b6:dd:be:3d:6e:fd:80:34:
e1:9f:f1:af:c8:2f:36:c1:62:d5:07:c8:ff:8f:1c:db:f6:b6:
36:2e:e4:8b:46:ed:b1:14:59:ff:4d:18:4e:b9:c9:e0:33:e3:
e3:ad:e4:74:db:06:9d:6f:3e:96:1f:d9:38:b4:3a:b4:e7:ef:
6d:2b:f6:59:83:b4:2a:d4:a8:7b:c7:bd:fc:ef:4b:b4:9a:88:
0a:b6:43:fd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKTRcUEJA8qCArqA7SglYgu47sqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDlaFw0yNTAyMjQwODUzMDlaMDMxMTAvBgNV
BAMTKEZDMUQ4MDIzQTkwN0IxQUE5RTE2RTEyRTIzQTlFQkIyQTc3N0U0MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvvoSUzechPVoWmD5/m54AqCu/
daPXfEqKdQO8dTkJBIwWcFG54vZb0moDS0PdUwPsncfnogohiqT9iPX2KGAJuso7
qNNDIbuOZGBLAzhMUSjVqldx+yBby7Ql1EMuVrgtYDblMulAs6QKmIY0HP5Qh+RQ
bo46jIp0tFLbPTquBSGYgcrF9KLWen1l7S3yoefWiQde9Ky0ToLvXh2O8IFAkQUa
loBuE5EIxIBMAPRl+BgrA+3uFG/AWaBES3gWCb4cH49By5OwZrcL27u+uFsXT2WD
PH0KtCa68b0t1u9LEg25+1EqJYpjfFtpb7Dv6/B4jsI2d5GOyJz3Re2wtPJZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/B2AI6kHsaqeFuEuI6nrsqd35BowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM4
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCw1gwDQYJKoZIhvcNAQELBQADggEBAFGDQrpr61DOo4GSyPY0l3vrqPXIPwFR
fFSyT3Z/bu+Q8poOelgUKg8kQ3j8BtQ3BOcOtYY/Vv9aVfh9Mcb5JZDciBZYhmal
Q4shBh/G4zgi7hXEkrATm4PPj8H7qoy9yDQIXN3niTE2o1R85hlQwze8tfOFrmzb
91n1MUuA8y4Oe4gzqA/IUVamt4fqjWLyo4pCaIw3UbQuoEkkH93gF5nIUNyTo0CT
km+3SQm23b49bv2ANOGf8a/ILzbBYtUHyP+PHNv2tjYu5ItG7bEUWf9NGE65yeAz
4+Ot5HTbBp1vPpYf2Ti0OrTn720r9lmDtCrUqHvHvfzvS7SaiAq2Q/0=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org