Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39312e302f32342d3234203d3e20323036303932.roa
File: 3139342e3139352e39312e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: UldVOknr2sgApEM9uBb2CD0OMT5yRGv2/PVxaWSuSXQ=
Subject key identifier: DD:7F:B8:79:D8:0F:F1:F2:D2:30:DF:8D:ED:8B:71:3B:4E:17:EB:24
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 44CE8AE02D1D4E2FCBBA35DE99B4356F06E389EA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39312e302f32342d3234203d3e20323036303932.roa
Signing time: Mon 26 Feb 2024 08:53:08 +0000
ROA not before: Mon 26 Feb 2024 08:48:08 +0000
ROA not after: Mon 24 Feb 2025 08:53:08 +0000
asID: 206092
IP address blocks: 194.195.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:ce:8a:e0:2d:1d:4e:2f:cb:ba:35:de:99:b4:35:6f:06:e3:89:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:08 2024 GMT
Not After : Feb 24 08:53:08 2025 GMT
Subject: CN=DD7FB879D80FF1F2D230DF8DED8B713B4E17EB24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:78:89:2f:68:34:25:e1:df:13:16:b6:ea:e9:
1c:f1:3d:09:67:44:0a:0b:2e:02:a3:82:ee:dd:f7:
4f:d8:37:fa:a2:73:2f:24:74:bb:a7:85:1f:e7:dc:
3a:02:d1:6c:17:7c:9a:35:a0:f9:5d:32:b0:d0:85:
0a:55:a9:70:85:07:f9:d1:9f:28:5b:27:44:e8:52:
c5:cc:8e:28:0f:83:24:d4:da:a2:b3:22:b1:5d:01:
8b:5d:ac:62:04:be:ae:72:d3:b7:91:d5:1c:c8:ed:
e4:60:25:2a:41:d1:58:21:10:ea:b6:ce:00:25:55:
b8:14:ae:b6:cd:a1:b0:6e:13:a9:60:3f:fc:bd:4b:
4c:66:a8:0d:d5:f2:a3:1e:ee:cb:1c:c3:0c:ae:03:
01:a9:71:fd:81:6a:e4:5b:90:da:df:51:2d:56:c3:
be:95:f3:29:18:b9:4b:4b:e3:7f:ad:70:5e:84:7d:
a6:e5:0b:16:80:5c:06:bd:00:b6:63:ef:af:aa:0d:
27:99:5c:c4:ed:c8:de:fa:17:2b:ef:a0:42:ee:ff:
11:3e:03:f5:ea:21:6a:e9:d8:2f:b5:1c:fa:ea:8f:
74:f6:47:46:d6:f5:2a:87:4a:33:7b:cf:66:19:94:
66:81:85:46:e7:9f:ab:74:fc:b7:c2:e5:8f:8c:2f:
0e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7F:B8:79:D8:0F:F1:F2:D2:30:DF:8D:ED:8B:71:3B:4E:17:EB:24
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39312e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.91.0/24
Signature Algorithm: sha256WithRSAEncryption
38:0b:59:05:c0:55:f9:34:e5:92:7a:77:2a:97:62:fa:ca:24:
ce:8b:26:0b:13:66:11:53:ce:46:3b:8d:e9:a0:90:e1:37:3d:
ce:c8:ac:84:20:02:3f:90:de:ff:76:aa:82:ab:31:48:13:6d:
6b:43:b8:51:63:70:61:0b:3d:c2:da:34:3a:22:fe:99:73:2b:
d2:9d:42:ec:3f:f5:de:fb:74:af:30:41:1a:07:30:28:48:6e:
6c:12:05:f3:a4:29:7c:fc:ab:88:7c:5d:eb:b8:de:34:05:15:
b7:4e:21:be:35:44:2d:37:9b:07:1c:89:f8:6f:56:d6:94:4f:
c6:26:3d:07:dd:53:6a:45:f2:30:1f:ff:db:1b:6f:a0:95:f3:
6f:fa:41:b2:02:9e:0b:85:0a:b7:0e:e0:ec:0b:d7:c0:66:b9:
9b:6a:aa:ec:72:fa:65:3f:ed:3a:ff:6b:51:a7:fa:14:d3:8f:
3d:a7:80:3e:22:a8:25:97:4f:93:52:2c:a2:51:ce:0b:0e:f8:
7d:88:fc:7f:9c:c2:39:65:2c:1b:87:43:e7:2e:fa:bd:40:ea:
90:57:f9:70:f8:34:2c:0c:44:7c:48:d7:5e:35:db:37:a6:19:
04:35:e3:05:a6:fd:a6:be:af:4a:6b:8d:bc:fb:76:18:c4:54:
25:8e:15:1a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURM6K4C0dTi/LujXembQ1bwbjieowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDhaFw0yNTAyMjQwODUzMDhaMDMxMTAvBgNV
BAMTKEREN0ZCODc5RDgwRkYxRjJEMjMwREY4REVEOEI3MTNCNEUxN0VCMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxeIkvaDQl4d8TFrbq6RzxPQln
RAoLLgKjgu7d90/YN/qicy8kdLunhR/n3DoC0WwXfJo1oPldMrDQhQpVqXCFB/nR
nyhbJ0ToUsXMjigPgyTU2qKzIrFdAYtdrGIEvq5y07eR1RzI7eRgJSpB0VghEOq2
zgAlVbgUrrbNobBuE6lgP/y9S0xmqA3V8qMe7sscwwyuAwGpcf2BauRbkNrfUS1W
w76V8ykYuUtL43+tcF6EfablCxaAXAa9ALZj76+qDSeZXMTtyN76FyvvoELu/xE+
A/XqIWrp2C+1HPrqj3T2R0bW9SqHSjN7z2YZlGaBhUbnn6t0/LfC5Y+MLw5BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3X+4edgP8fLSMN+N7YtxO04X6yQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMDM5MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCw1swDQYJKoZIhvcNAQELBQADggEBADgLWQXAVfk05ZJ6dyqXYvrKJM6LJgsT
ZhFTzkY7jemgkOE3Pc7IrIQgAj+Q3v92qoKrMUgTbWtDuFFjcGELPcLaNDoi/plz
K9KdQuw/9d77dK8wQRoHMChIbmwSBfOkKXz8q4h8Xeu43jQFFbdOIb41RC03mwcc
ifhvVtaUT8YmPQfdU2pF8jAf/9sbb6CV82/6QbICnguFCrcO4OwL18BmuZtqquxy
+mU/7Tr/a1Gn+hTTjz2ngD4iqCWXT5NSLKJRzgsO+H2I/H+cwjllLBuHQ+cu+r1A
6pBX+XD4NCwMRHxI11412zemGQQ14wWm/aa+r0prjbz7dhjEVCWOFRo=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:16 2024 by rpki-client on console-fra.rpki-client.org