Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233382e31362e302f32312d3231203d3e203437353833.roa
File: 3139342e3233382e31362e302f32312d3231203d3e203437353833.roa (raw, json)
Hash identifier: DnrAp6MYqtAI2DwwU643WG6l7iT5553c0MOZ7yHrIpY=
Subject key identifier: 3A:CA:D9:02:27:E2:D3:20:03:92:C4:CB:0F:67:D5:5F:5E:5B:EF:C0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A3E58FDFF59031AA1734786DC86CF4679979273
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233382e31362e302f32312d3231203d3e203437353833.roa
Signing time: Wed 15 May 2024 19:15:54 +0000
ROA not before: Wed 15 May 2024 19:10:54 +0000
ROA not after: Wed 14 May 2025 19:15:54 +0000
asID: 47583
IP address blocks: 194.238.16.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:3e:58:fd:ff:59:03:1a:a1:73:47:86:dc:86:cf:46:79:97:92:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 15 19:10:54 2024 GMT
Not After : May 14 19:15:54 2025 GMT
Subject: CN=3ACAD90227E2D3200392C4CB0F67D55F5E5BEFC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:60:f8:e5:88:b9:a4:48:28:37:b8:ae:2d:d4:
fd:9c:71:5b:a1:a4:95:86:de:b2:59:b9:96:d0:b0:
37:92:f1:7d:b9:bb:ad:63:aa:ed:98:38:20:4b:6f:
a6:18:93:1c:90:24:59:d6:e8:61:b4:4d:fd:1e:d5:
be:38:91:96:aa:60:14:d2:1b:5d:34:41:c7:b2:5a:
45:cd:b0:3c:04:ba:1a:17:16:f1:f1:36:d7:76:3f:
e8:ea:d4:2d:89:6b:3f:c7:79:d4:7f:1a:fc:2e:96:
c8:5b:2a:10:9a:15:88:45:dd:82:43:d1:64:60:cf:
96:45:89:b1:39:eb:8a:04:c0:04:df:33:91:d6:6c:
db:de:0a:04:41:22:41:51:2a:f4:b6:4c:3a:2f:97:
78:66:17:1c:81:89:b7:cd:f3:1d:e5:1f:95:9a:04:
02:7b:89:9b:15:37:d3:3e:48:37:ff:ba:f3:69:8b:
f4:56:65:48:cf:7e:f4:67:b3:ed:50:89:26:8c:98:
d0:e1:35:72:70:af:f9:26:9d:33:28:20:e9:e5:83:
86:a5:1f:ee:8a:6f:fa:eb:81:df:6b:c3:41:5f:bd:
43:0f:cd:de:69:51:ea:98:48:01:24:a5:62:5f:cd:
f5:27:50:cb:bf:95:12:d6:5f:28:a7:0a:0a:68:eb:
3f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CA:D9:02:27:E2:D3:20:03:92:C4:CB:0F:67:D5:5F:5E:5B:EF:C0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233382e31362e302f32312d3231203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.16.0/21
Signature Algorithm: sha256WithRSAEncryption
50:79:6e:b7:37:a0:35:f7:f5:eb:f2:ec:67:b1:c2:25:22:94:
c6:6d:19:25:f1:2c:53:5a:51:62:6c:85:8e:2c:e6:6a:f7:c4:
43:1c:4e:04:37:ea:42:3d:b5:44:fc:bc:ac:3c:e0:3a:a6:98:
48:88:33:fb:93:fe:e9:cb:ca:95:e9:dc:4a:4f:be:1c:38:a9:
a7:51:d9:f0:4a:49:15:a2:01:6d:d9:fd:b8:52:40:d5:a4:df:
db:c5:2a:17:ea:00:83:41:1d:ad:67:7d:72:ab:db:15:5c:62:
51:1f:a4:cc:dc:45:fb:11:3a:b6:cc:2e:78:c7:a5:d9:70:2d:
b9:16:32:95:36:5b:4d:84:32:9b:aa:db:41:6b:e7:53:0c:1c:
14:e0:c8:1f:8e:f4:59:43:b7:da:45:7a:e2:85:74:ae:53:1d:
0e:ac:52:02:e9:19:bc:93:25:63:b6:42:f8:f0:bd:51:d8:43:
2c:d7:69:dc:e7:0c:b9:69:3a:20:c7:4b:51:79:54:82:36:29:
51:a3:83:ea:15:e4:bf:13:ca:a0:a3:8b:3e:be:fb:bb:df:84:
10:a9:df:63:70:ef:fd:18:56:92:65:b8:73:54:30:6c:fc:0b:
7a:80:13:ba:29:d8:a4:89:dc:43:15:48:01:00:ec:4f:97:70:
ca:7b:83:b1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWj5Y/f9ZAxqhc0eG3IbPRnmXknMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MTUxOTEwNTRaFw0yNTA1MTQxOTE1NTRaMDMxMTAvBgNV
BAMTKDNBQ0FEOTAyMjdFMkQzMjAwMzkyQzRDQjBGNjdENTVGNUU1QkVGQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9YPjliLmkSCg3uK4t1P2ccVuh
pJWG3rJZuZbQsDeS8X25u61jqu2YOCBLb6YYkxyQJFnW6GG0Tf0e1b44kZaqYBTS
G100QceyWkXNsDwEuhoXFvHxNtd2P+jq1C2Jaz/HedR/GvwulshbKhCaFYhF3YJD
0WRgz5ZFibE564oEwATfM5HWbNveCgRBIkFRKvS2TDovl3hmFxyBibfN8x3lH5Wa
BAJ7iZsVN9M+SDf/uvNpi/RWZUjPfvRns+1QiSaMmNDhNXJwr/kmnTMoIOnlg4al
H+6Kb/rrgd9rw0FfvUMPzd5pUeqYSAEkpWJfzfUnUMu/lRLWXyinCgpo6z+lAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOsrZAifi0yADksTLD2fVX15b78AwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMjMzMzgyZTMx
MzYyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wu4QMA0GCSqGSIb3DQEBCwUAA4IBAQBQeW63N6A19/Xr8uxnscIlIpTGbRkl8SxT
WlFibIWOLOZq98RDHE4EN+pCPbVE/LysPOA6pphIiDP7k/7py8qV6dxKT74cOKmn
UdnwSkkVogFt2f24UkDVpN/bxSoX6gCDQR2tZ31yq9sVXGJRH6TM3EX7ETq2zC54
x6XZcC25FjKVNltNhDKbqttBa+dTDBwU4MgfjvRZQ7faRXrihXSuUx0OrFIC6Rm8
kyVjtkL48L1R2EMs12nc5wy5aTogx0tReVSCNilRo4PqFeS/E8qgo4s+vvu734QQ
qd9jcO/9GFaSZbhzVDBs/At6gBO6KdikidxDFUgBAOxPl3DKe4Ox
-----END CERTIFICATE-----
Generated at Fri Jun 7 11:39:59 2024 by rpki-client on console-ams.rpki-client.org