Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38382e302f32342d3234203d3e20313336373837.roa
File: 3139342e3139352e38382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: NmBSRZh8Ci24HWWXK0cZ+4W71R+UEScme9qVhe0nNr4=
Subject key identifier: 3A:D9:6F:17:C6:A7:C6:D9:9E:EE:B0:F3:87:28:E4:8A:34:1B:6B:AB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4BFA546103BDC8676D5CD6ACB3DFCB844F2AF1F5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:25 +0000
ROA not before: Mon 27 Jan 2025 09:40:25 +0000
ROA not after: Mon 26 Jan 2026 09:45:25 +0000
asID: 136787
IP address blocks: 194.195.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:fa:54:61:03:bd:c8:67:6d:5c:d6:ac:b3:df:cb:84:4f:2a:f1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:25 2025 GMT
Not After : Jan 26 09:45:25 2026 GMT
Subject: CN=3AD96F17C6A7C6D99EEEB0F38728E48A341B6BAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3a:7a:5e:98:a5:ed:87:82:10:e4:f8:f0:f1:
9f:3e:ba:53:74:bf:67:9e:f8:e4:ac:00:05:c7:78:
7a:24:71:a5:d2:b9:4b:76:0f:a9:6c:dd:ff:df:47:
ff:0f:f0:2d:28:fd:c5:d9:08:b2:c9:f1:f3:72:8d:
ec:3f:cf:c8:ba:56:91:ec:b6:9a:eb:e8:b8:54:ca:
49:43:99:96:77:ce:65:68:e6:dc:31:be:76:10:3e:
21:d8:5d:52:6f:d5:a7:31:57:48:79:23:ca:90:89:
77:2e:60:fc:dc:7a:1c:7a:67:c6:35:04:6c:c7:13:
93:a6:1b:25:4b:1e:9f:f4:93:dd:c8:e0:35:20:30:
df:a0:2b:f0:59:6c:28:c1:a3:b0:d4:3c:cc:2e:b8:
c6:6b:0e:c5:52:13:33:d0:7f:81:90:48:c9:be:d8:
12:b2:43:cd:6a:93:94:a8:f1:cb:ef:cd:9c:da:0a:
43:60:5e:ba:fa:1f:2f:f9:64:98:64:d0:9d:1d:17:
e0:93:78:c7:0a:a0:dc:65:61:bd:60:34:e9:27:39:
e8:bd:84:24:05:92:bd:22:50:a6:96:ca:76:64:d6:
3b:fb:d3:6b:5a:dc:98:12:a2:20:d6:08:7f:f2:d1:
e5:4d:5c:e2:11:c8:9e:52:b7:dd:c5:6b:ee:6f:41:
90:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D9:6F:17:C6:A7:C6:D9:9E:EE:B0:F3:87:28:E4:8A:34:1B:6B:AB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.88.0/24
Signature Algorithm: sha256WithRSAEncryption
49:3f:11:59:7b:2c:2f:48:3d:f3:0c:6e:76:be:d2:d0:60:61:
86:6b:12:48:18:cb:44:e3:a5:31:8a:74:99:58:00:cb:e5:42:
23:a7:fd:0c:fc:f0:40:89:d4:63:d2:c3:c1:c2:e0:10:d0:78:
7e:f6:8c:db:04:7f:40:34:45:5e:28:98:81:f9:77:e3:b6:ed:
99:47:27:e2:68:0d:3e:bf:6f:00:ed:f4:72:71:de:1c:80:20:
12:a1:7d:a1:70:e7:01:f9:2a:46:a2:97:03:91:26:3d:08:5d:
2d:c5:a7:91:50:2f:7a:ae:7a:05:b9:f5:41:86:0a:97:c5:0e:
5d:47:b5:e8:81:a3:5e:3c:77:a4:2e:92:75:65:7e:af:a5:48:
43:4e:b4:9a:e9:dd:45:f7:cb:23:a3:00:14:09:be:0b:73:93:
5f:47:46:c3:d5:ca:82:a9:75:97:79:91:59:77:bb:c1:3f:69:
5b:18:25:18:08:49:1d:af:f0:09:e4:98:73:1b:84:15:40:b3:
b6:dc:d0:91:ea:36:29:a5:24:06:cf:2f:9f:ca:43:4d:b7:44:
aa:b6:45:d5:b4:a5:85:4d:e5:03:8e:72:4a:05:0a:5a:58:a0:
69:ba:c1:5c:75:dd:77:71:18:29:bf:f6:00:08:fa:0b:11:93:
f4:66:51:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUS/pUYQO9yGdtXNass9/LhE8q8fUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjVaFw0yNjAxMjYwOTQ1MjVaMDMxMTAvBgNV
BAMTKDNBRDk2RjE3QzZBN0M2RDk5RUVFQjBGMzg3MjhFNDhBMzQxQjZCQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkOnpemKXth4IQ5Pjw8Z8+ulN0
v2ee+OSsAAXHeHokcaXSuUt2D6ls3f/fR/8P8C0o/cXZCLLJ8fNyjew/z8i6VpHs
tprr6LhUyklDmZZ3zmVo5twxvnYQPiHYXVJv1acxV0h5I8qQiXcuYPzcehx6Z8Y1
BGzHE5OmGyVLHp/0k93I4DUgMN+gK/BZbCjBo7DUPMwuuMZrDsVSEzPQf4GQSMm+
2BKyQ81qk5So8cvvzZzaCkNgXrr6Hy/5ZJhk0J0dF+CTeMcKoNxlYb1gNOknOei9
hCQFkr0iUKaWynZk1jv702ta3JgSoiDWCH/y0eVNXOIRyJ5St93Fa+5vQZCxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOtlvF8anxtme7rDzhyjkijQba6swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM4
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCw1gwDQYJKoZIhvcNAQELBQADggEBAEk/EVl7LC9IPfMMbna+0tBgYYZrEkgY
y0TjpTGKdJlYAMvlQiOn/Qz88ECJ1GPSw8HC4BDQeH72jNsEf0A0RV4omIH5d+O2
7ZlHJ+JoDT6/bwDt9HJx3hyAIBKhfaFw5wH5KkailwORJj0IXS3Fp5FQL3quegW5
9UGGCpfFDl1HteiBo148d6QuknVlfq+lSENOtJrp3UX3yyOjABQJvgtzk19HRsPV
yoKpdZd5kVl3u8E/aVsYJRgISR2v8AnkmHMbhBVAs7bc0JHqNimlJAbPL5/KQ023
RKq2RdW0pYVN5QOOckoFClpYoGm6wVx13XdxGCm/9gAI+gsRk/RmUdw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:43:21 2025 by rpki-client