Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233382e32342e302f32312d3332203d3e203430303231.roa
File: 3139342e3233382e32342e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: 6tpULUV+heQL8f1er2Z5Z0+rLl5qOabPJRsjxI1w920=
Subject key identifier: 57:CD:87:66:3D:75:E9:80:5A:11:50:21:CE:B8:51:EE:09:60:43:61
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5EAD99C72D8B2DC1AE8E973DCF2534452BA35BE0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233382e32342e302f32312d3332203d3e203430303231.roa
Signing time: Sat 04 May 2024 09:28:36 +0000
ROA not before: Sat 04 May 2024 09:23:36 +0000
ROA not after: Sat 03 May 2025 09:28:36 +0000
asID: 40021
IP address blocks: 194.238.24.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ad:99:c7:2d:8b:2d:c1:ae:8e:97:3d:cf:25:34:45:2b:a3:5b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 4 09:23:36 2024 GMT
Not After : May 3 09:28:36 2025 GMT
Subject: CN=57CD87663D75E9805A115021CEB851EE09604361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ac:68:0c:36:fb:9b:be:89:27:a4:58:e8:87:
99:47:be:14:86:e7:10:e0:00:44:4b:b4:5c:9c:2f:
aa:8e:e2:d6:7b:00:57:fd:de:11:c6:92:1d:48:c0:
90:c1:17:d6:f0:7e:18:91:da:78:dc:5c:cf:d2:2f:
31:f6:e9:9e:28:66:30:41:f4:7c:18:5c:74:eb:c7:
f7:75:80:18:11:a9:17:98:f7:c8:5c:f9:01:a2:b9:
00:f2:34:1e:1e:be:77:30:3a:55:f2:fa:d8:e0:f1:
ad:42:16:cb:18:4d:bd:f7:bd:86:94:cc:f3:4a:cc:
b7:02:3d:10:39:e9:61:fe:fa:6f:1d:15:8f:cb:80:
93:60:43:17:85:b2:98:a5:9a:29:3d:59:67:04:1a:
9b:3f:98:68:53:6b:1b:28:e3:be:1d:af:7c:8f:b5:
21:6f:80:ef:5f:d4:ad:3f:b1:35:20:73:b7:2f:52:
05:52:54:46:8d:d5:23:70:70:37:93:6c:91:4b:4c:
a9:90:20:8d:d5:db:70:aa:12:87:1c:6e:75:60:fa:
f9:73:0b:5e:db:03:45:66:e7:47:d9:ac:db:ee:66:
fa:a9:55:e3:2e:26:1c:41:8e:2b:83:01:9b:b6:6d:
70:3e:80:db:17:87:1b:f2:ad:98:d5:4d:6e:a6:a3:
50:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CD:87:66:3D:75:E9:80:5A:11:50:21:CE:B8:51:EE:09:60:43:61
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233382e32342e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.24.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:bc:93:94:00:0a:66:58:e9:1a:a9:8a:3b:d6:30:75:0d:5b:
c8:de:ec:7f:a5:f0:e6:9d:98:21:8b:72:c6:55:92:90:19:15:
9d:78:40:12:cd:81:14:e7:55:fa:06:b3:33:86:8d:a9:0b:3b:
e1:8b:3b:91:1f:f1:8f:3b:72:55:cf:f5:70:f5:13:d1:f5:93:
34:07:8e:0a:30:d1:5b:9f:9f:d3:e2:45:81:f5:7b:54:7f:10:
ee:9f:43:77:ba:8a:17:17:54:e8:bb:fd:4b:3d:ef:d8:43:4e:
29:3a:8a:ea:d8:52:86:16:ff:4d:82:01:a4:ea:4d:ab:4d:b4:
ed:f9:f2:e5:5a:e2:28:1f:fd:1e:9e:90:8c:e1:05:cf:3f:f4:
10:c6:fc:fd:e9:84:80:f5:7e:02:be:04:1b:e5:e6:b4:f0:94:
42:92:5a:28:b0:09:2c:7e:d3:e0:df:7d:a8:c6:03:b6:3c:ab:
13:bf:ca:27:37:31:06:80:8f:8e:4e:d1:65:c0:bc:d1:ef:1b:
99:05:24:c5:d1:9c:b4:b7:3c:24:1b:68:bd:01:8b:99:29:92:
6b:75:8b:d1:84:f7:ac:ea:dd:39:e8:dd:09:80:c5:4d:b8:dd:
77:51:51:3d:1c:aa:eb:9a:ef:bf:d0:90:b2:69:06:31:ac:89:
43:cf:e9:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXq2Zxy2LLcGujpc9zyU0RSujW+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDQwOTIzMzZaFw0yNTA1MDMwOTI4MzZaMDMxMTAvBgNV
BAMTKDU3Q0Q4NzY2M0Q3NUU5ODA1QTExNTAyMUNFQjg1MUVFMDk2MDQzNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClrGgMNvubvoknpFjoh5lHvhSG
5xDgAERLtFycL6qO4tZ7AFf93hHGkh1IwJDBF9bwfhiR2njcXM/SLzH26Z4oZjBB
9HwYXHTrx/d1gBgRqReY98hc+QGiuQDyNB4evncwOlXy+tjg8a1CFssYTb33vYaU
zPNKzLcCPRA56WH++m8dFY/LgJNgQxeFspilmik9WWcEGps/mGhTaxso474dr3yP
tSFvgO9f1K0/sTUgc7cvUgVSVEaN1SNwcDeTbJFLTKmQII3V23CqEoccbnVg+vlz
C17bA0Vm50fZrNvuZvqpVeMuJhxBjiuDAZu2bXA+gNsXhxvyrZjVTW6mo1DfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUV82HZj116YBaEVAhzrhR7glgQ2EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMjMzMzgyZTMy
MzQyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wu4YMA0GCSqGSIb3DQEBCwUAA4IBAQArvJOUAApmWOkaqYo71jB1DVvI3ux/pfDm
nZghi3LGVZKQGRWdeEASzYEU51X6BrMzho2pCzvhizuRH/GPO3JVz/Vw9RPR9ZM0
B44KMNFbn5/T4kWB9XtUfxDun0N3uooXF1Tou/1LPe/YQ04pOorq2FKGFv9NggGk
6k2rTbTt+fLlWuIoH/0enpCM4QXPP/QQxvz96YSA9X4CvgQb5ea08JRCkloosAks
ftPg332oxgO2PKsTv8onNzEGgI+OTtFlwLzR7xuZBSTF0Zy0tzwkG2i9AYuZKZJr
dYvRhPes6t056N0JgMVNuN13UVE9HKrrmu+/0JCyaQYxrIlDz+mw
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:07 2024 by rpki-client on console-ams.rpki-client.org