Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e39392e302f32342d3234203d3e20313336373837.roa
File: 3139342e3233332e39392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Ey8/7QNGJhqh8npcKykN6Vs0Ce5fOYybifQEXuzXNII=
Subject key identifier: A4:88:FF:55:01:15:0A:CA:16:91:B3:15:72:14:FE:5A:70:F1:00:9C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4431321A54A662E4BBA68A0B3A52762410F2DCFD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e39392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:32 +0000
ROA not before: Mon 26 Feb 2024 08:48:32 +0000
ROA not after: Mon 24 Feb 2025 08:53:32 +0000
asID: 136787
IP address blocks: 194.233.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:31:32:1a:54:a6:62:e4:bb:a6:8a:0b:3a:52:76:24:10:f2:dc:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:32 2024 GMT
Not After : Feb 24 08:53:32 2025 GMT
Subject: CN=A488FF5501150ACA1691B3157214FE5A70F1009C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fa:98:65:0e:97:5a:91:9d:e3:6a:55:f9:b6:
fa:f3:d2:25:b9:08:e4:0b:2d:7b:d0:f3:73:e5:f0:
19:36:a2:25:8a:d5:c1:6d:4e:0f:e9:f2:65:a4:31:
85:1b:74:8e:a5:1c:2b:0c:b8:e0:ba:f0:36:45:98:
a0:49:17:63:a9:37:22:61:52:83:86:ab:3c:91:f4:
66:24:49:6a:eb:ff:92:05:5d:b7:df:5e:51:80:a5:
df:9e:91:e7:bc:6b:12:f8:0a:81:29:06:68:86:8e:
a7:9c:e1:66:4d:87:c2:fb:f0:49:83:b1:d3:62:a9:
22:c9:0f:c6:91:e6:d2:6e:e3:2c:d8:ba:4c:85:fa:
2e:cd:ba:9c:3a:1f:c2:cc:31:32:31:e6:c3:39:57:
6a:ac:f5:56:f7:5b:ce:3a:b2:5a:1e:fe:65:aa:03:
2f:8c:16:9d:40:17:46:ae:05:0a:41:8e:19:c6:11:
3d:39:ef:ff:d8:bc:04:68:c0:d6:52:c8:45:ba:b5:
92:3a:0e:ac:ec:c5:11:13:fe:0e:29:86:1d:04:13:
89:4f:65:bb:1d:6b:98:c5:7a:62:9d:6d:39:cc:66:
58:31:76:38:99:df:2e:e6:c4:d4:5c:11:b7:14:8f:
04:98:c4:fc:2d:28:8a:8b:cc:c7:ca:b9:1d:6d:22:
f8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:88:FF:55:01:15:0A:CA:16:91:B3:15:72:14:FE:5A:70:F1:00:9C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e39392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.233.99.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:85:d2:55:e8:b9:72:ab:c3:55:f9:e6:0a:ab:db:3a:45:80:
d0:25:a4:e7:cc:4a:a9:68:20:dd:e2:7f:39:bb:58:da:c0:bd:
f5:05:84:2a:68:1b:ec:1e:72:7c:06:12:84:c6:d0:d1:bd:dc:
67:56:12:44:c4:81:72:53:b3:b0:94:2f:0b:78:0d:ef:fb:4a:
91:ba:e6:aa:c5:b1:da:8a:75:f5:d0:91:55:25:74:a3:22:a5:
57:72:ee:04:50:f5:8b:d8:7e:1f:77:fc:b1:f6:17:d9:f4:67:
6e:2e:c5:46:13:e9:e1:ee:09:cb:d3:d4:e1:4b:2f:1e:57:2c:
c4:6f:64:30:60:b4:b0:44:b5:79:38:c3:92:82:c1:83:cf:83:
c1:1f:01:ff:2c:f4:82:79:6a:87:88:59:f0:67:02:9a:22:25:
d0:ab:19:3d:ea:71:ad:fe:11:33:08:35:15:66:de:99:f9:26:
dc:cf:0f:13:98:7c:e8:fc:51:8a:ca:6f:ed:46:8e:c6:74:81:
4b:93:91:10:21:a4:a9:74:92:9f:7b:2c:9d:9f:ca:9f:c9:ce:
07:a2:05:61:4b:5c:f6:e6:ff:2e:49:1e:4f:c4:ae:a3:5f:6f:
19:ee:01:44:8d:32:16:a8:40:86:79:a0:1f:57:92:8b:34:ff:
e9:05:16:b4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURDEyGlSmYuS7pooLOlJ2JBDy3P0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzJaFw0yNTAyMjQwODUzMzJaMDMxMTAvBgNV
BAMTKEE0ODhGRjU1MDExNTBBQ0ExNjkxQjMxNTcyMTRGRTVBNzBGMTAwOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9+phlDpdakZ3jalX5tvrz0iW5
COQLLXvQ83Pl8Bk2oiWK1cFtTg/p8mWkMYUbdI6lHCsMuOC68DZFmKBJF2OpNyJh
UoOGqzyR9GYkSWrr/5IFXbffXlGApd+ekee8axL4CoEpBmiGjqec4WZNh8L78EmD
sdNiqSLJD8aR5tJu4yzYukyF+i7Nupw6H8LMMTIx5sM5V2qs9Vb3W846sloe/mWq
Ay+MFp1AF0auBQpBjhnGET057//YvARowNZSyEW6tZI6DqzsxRET/g4phh0EE4lP
Zbsda5jFemKdbTnMZlgxdjiZ3y7mxNRcEbcUjwSYxPwtKIqLzMfKuR1tIvjRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpIj/VQEVCsoWkbMVchT+WnDxAJwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMjMzMzMyZTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADC6WMwDQYJKoZIhvcNAQELBQADggEBAB6F0lXouXKrw1X55gqr2zpFgNAlpOfM
SqloIN3ifzm7WNrAvfUFhCpoG+wecnwGEoTG0NG93GdWEkTEgXJTs7CULwt4De/7
SpG65qrFsdqKdfXQkVUldKMipVdy7gRQ9YvYfh93/LH2F9n0Z24uxUYT6eHuCcvT
1OFLLx5XLMRvZDBgtLBEtXk4w5KCwYPPg8EfAf8s9IJ5aoeIWfBnApoiJdCrGT3q
ca3+ETMINRVm3pn5JtzPDxOYfOj8UYrKb+1GjsZ0gUuTkRAhpKl0kp97LJ2fyp/J
zgeiBWFLXPbm/y5JHk/ErqNfbxnuAUSNMhaoQIZ5oB9Xkos0/+kFFrQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org