Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39332e302f32342d3234203d3e20313336373837.roa
File: 3139342e3139352e39332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: b2Ih+rdB/4wtL+0NdsJaXLPTSy6WdRNWa0TDjHlKjc0=
Subject key identifier: 90:25:53:3D:21:0F:DC:07:8C:EF:1F:66:5C:FA:11:1E:93:2C:CC:D4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2C4DCA04EA2590A599EA09CA74030687A3F25F5D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39332e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:33 +0000
ROA not before: Mon 26 Feb 2024 08:48:33 +0000
ROA not after: Mon 24 Feb 2025 08:53:33 +0000
asID: 136787
IP address blocks: 194.195.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:4d:ca:04:ea:25:90:a5:99:ea:09:ca:74:03:06:87:a3:f2:5f:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:33 2024 GMT
Not After : Feb 24 08:53:33 2025 GMT
Subject: CN=9025533D210FDC078CEF1F665CFA111E932CCCD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:18:0a:5c:72:a4:2c:d2:be:94:64:61:1b:c3:
96:7b:21:f7:66:fd:82:97:38:71:c7:ab:fc:4a:94:
03:ad:52:25:71:38:75:53:0d:df:03:af:52:25:7b:
0e:34:77:07:6b:ea:49:0c:2e:6f:9a:ca:cf:41:b5:
74:16:d4:36:34:d8:67:50:15:6d:5e:c6:6f:6f:8c:
cc:b7:fd:4e:8f:37:7e:a5:07:ce:f2:17:0b:d6:6b:
65:1f:bc:4d:cd:87:84:20:68:61:68:04:7c:b6:7c:
da:1c:a3:3b:2a:80:f5:99:a0:f0:da:9e:60:27:ec:
4c:7b:48:99:d3:c2:8a:76:01:7e:65:10:b7:2c:80:
a8:74:cd:5e:98:ed:4d:c2:80:13:1e:d9:60:03:3c:
92:33:79:95:81:79:28:0c:a5:ac:4c:97:63:2d:60:
ca:e8:4e:02:5b:fe:91:48:e5:72:f0:a2:2e:3a:37:
67:07:4d:04:ba:b4:15:84:bd:43:e8:12:f9:dd:b9:
6e:ab:47:34:2d:5d:b4:b8:f2:67:73:a0:0c:83:c4:
25:d1:94:07:64:2d:c9:40:78:98:dd:25:69:5b:b3:
9d:02:e3:40:57:9d:a8:72:18:7f:76:fb:fc:d1:3f:
ec:b9:51:5d:00:9b:0f:9c:cf:be:07:a3:1a:2a:6a:
4d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:25:53:3D:21:0F:DC:07:8C:EF:1F:66:5C:FA:11:1E:93:2C:CC:D4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.93.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:33:d8:56:b0:6a:08:e0:1b:c9:04:20:37:31:e5:1e:59:0c:
60:a3:7e:a9:22:84:5d:b1:31:44:aa:83:e0:78:94:c2:0f:62:
bb:c9:90:24:2b:41:27:84:16:4e:64:99:37:37:00:1c:5b:38:
4f:34:95:7e:d4:36:d2:82:a7:fa:a0:4d:49:31:62:91:29:3e:
85:a6:23:d6:b5:40:e9:5e:ec:15:15:b4:e1:6f:9b:53:e1:a6:
45:5e:1b:b1:67:97:38:18:42:64:0a:b5:d5:f5:4c:96:65:90:
ab:9d:8f:c0:43:e8:36:cd:28:b7:32:1c:b6:01:27:90:33:44:
31:1b:5e:24:e0:0d:f9:9e:7a:90:c5:89:98:de:b4:a8:0e:92:
6d:9e:e7:cc:07:a7:25:64:9e:72:0f:18:f1:f0:20:89:2b:69:
ef:2e:53:f0:89:21:bb:8d:a3:46:6e:26:eb:09:24:4f:2e:8f:
da:14:15:b8:c9:15:20:06:dc:bc:b7:25:6a:98:c6:6d:5b:22:
6b:f8:f9:f7:4b:88:b5:ea:ea:4e:aa:79:f1:e9:cb:3b:8f:af:
ec:39:f8:73:b3:8d:a5:e3:de:5b:90:04:21:ac:ad:a7:e6:3e:
23:d6:b5:56:fd:34:f5:d6:18:9e:e1:3c:99:a3:c2:c3:04:f3:
db:17:7c:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULE3KBOolkKWZ6gnKdAMGh6PyX10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzNaFw0yNTAyMjQwODUzMzNaMDMxMTAvBgNV
BAMTKDkwMjU1MzNEMjEwRkRDMDc4Q0VGMUY2NjVDRkExMTFFOTMyQ0NDRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9GApccqQs0r6UZGEbw5Z7Ifdm
/YKXOHHHq/xKlAOtUiVxOHVTDd8Dr1Ilew40dwdr6kkMLm+ays9BtXQW1DY02GdQ
FW1exm9vjMy3/U6PN36lB87yFwvWa2UfvE3Nh4QgaGFoBHy2fNocozsqgPWZoPDa
nmAn7Ex7SJnTwop2AX5lELcsgKh0zV6Y7U3CgBMe2WADPJIzeZWBeSgMpaxMl2Mt
YMroTgJb/pFI5XLwoi46N2cHTQS6tBWEvUPoEvnduW6rRzQtXbS48mdzoAyDxCXR
lAdkLclAeJjdJWlbs50C40BXnahyGH92+/zRP+y5UV0Amw+cz74Hoxoqak1zAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkCVTPSEP3AeM7x9mXPoRHpMszNQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM5
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCw10wDQYJKoZIhvcNAQELBQADggEBAAoz2FawagjgG8kEIDcx5R5ZDGCjfqki
hF2xMUSqg+B4lMIPYrvJkCQrQSeEFk5kmTc3ABxbOE80lX7UNtKCp/qgTUkxYpEp
PoWmI9a1QOle7BUVtOFvm1PhpkVeG7FnlzgYQmQKtdX1TJZlkKudj8BD6DbNKLcy
HLYBJ5AzRDEbXiTgDfmeepDFiZjetKgOkm2e58wHpyVknnIPGPHwIIkrae8uU/CJ
IbuNo0ZuJusJJE8uj9oUFbjJFSAG3Ly3JWqYxm1bImv4+fdLiLXq6k6qefHpyzuP
r+w5+HOzjaXj3luQBCGsrafmPiPWtVb9NPXWGJ7hPJmjwsME89sXfGo=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:24 2024 by rpki-client on console-fra.rpki-client.org