Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233322e302f32342d3234203d3e20313336373837.roa
File: 3139342e33322e3233322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: qrcFjQO0agoBgnXGcpg09UHi9a2XGY5noDAqY4dsh+0=
Subject key identifier: 92:9C:1C:89:EC:E6:21:E2:3A:10:FE:F7:8D:BD:C7:E6:6C:AF:03:5A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1819C848B42F5138613DB4FD7C311D179434DB21
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233322e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 14 Jan 2024 18:08:17 +0000
ROA not before: Sun 14 Jan 2024 18:03:17 +0000
ROA not after: Sun 12 Jan 2025 18:08:17 +0000
asID: 136787
IP address blocks: 194.32.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:19:c8:48:b4:2f:51:38:61:3d:b4:fd:7c:31:1d:17:94:34:db:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 14 18:03:17 2024 GMT
Not After : Jan 12 18:08:17 2025 GMT
Subject: CN=929C1C89ECE621E23A10FEF78DBDC7E66CAF035A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:dd:d0:26:6d:70:17:0d:88:5c:4c:89:77:30:
b5:41:63:a7:f4:d1:d2:5e:50:63:ae:e9:72:bd:6d:
e5:4e:40:c6:6f:b8:19:4b:b7:2f:18:a6:51:50:5c:
30:41:ac:d7:6b:de:59:54:69:6c:b1:3c:c7:fd:60:
b8:cb:2d:aa:e9:64:84:cb:7c:57:ac:78:41:21:ff:
b6:b9:79:f5:96:2c:5e:60:fd:e2:ad:db:d0:1f:54:
b3:a9:d6:5b:28:5f:0f:6f:fa:3e:46:bb:4a:0e:cd:
07:d7:3f:0d:1b:ac:0a:0d:d3:54:aa:11:70:e0:ce:
3c:0f:d4:c8:ef:0e:e0:6b:54:4a:b1:6a:d5:6b:3b:
87:2a:cc:80:b6:06:cd:24:1d:e7:e7:76:36:10:e1:
a1:ee:72:9a:da:a3:db:b4:57:12:2f:d8:c2:96:5d:
e2:e0:51:67:da:13:05:3c:8f:c0:71:ff:c1:c0:cc:
60:b7:6d:18:8d:d4:7f:aa:28:f2:22:b6:6a:5d:cb:
24:1c:e9:d3:af:f7:3b:13:4e:11:1e:5e:9f:92:96:
c1:1e:f5:e9:74:42:c7:41:45:3c:6b:cf:09:13:95:
04:7e:52:c2:2e:53:02:e5:02:10:c2:92:4a:23:a2:
8a:31:70:65:83:a2:b5:99:10:c2:66:1e:8a:db:de:
39:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9C:1C:89:EC:E6:21:E2:3A:10:FE:F7:8D:BD:C7:E6:6C:AF:03:5A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.232.0/24
Signature Algorithm: sha256WithRSAEncryption
59:a5:6a:0a:dd:4e:aa:cb:cf:6f:e9:d9:19:6f:99:5c:54:69:
c2:9d:a3:bc:99:6c:b3:b8:c8:50:ee:36:72:17:75:c2:22:24:
3a:75:88:a5:ac:f3:2f:6e:be:96:6e:e2:9a:12:67:0d:49:ce:
07:84:c5:2f:07:c1:44:2c:6d:ea:82:8b:15:69:8d:2f:fb:a7:
db:6d:cf:71:74:ed:d2:8e:99:aa:b1:f7:b7:15:9d:87:f5:d4:
16:19:10:0e:8b:56:5f:b9:0d:0d:12:d7:cf:8f:d0:6f:ae:0c:
bb:bf:9e:0d:85:92:dd:f4:eb:29:0c:26:0b:ea:c7:da:b8:b2:
b8:c3:f9:f9:2d:e1:03:8e:b9:88:43:a2:3e:18:9c:1a:52:ed:
97:99:a7:c3:e2:28:cc:b5:f0:6b:a4:9d:99:b9:9f:d8:a6:b9:
ba:b3:b4:bf:7e:52:78:5b:a1:48:98:68:cd:ee:e4:d8:bf:7b:
ad:68:ce:7d:36:2e:77:d0:3d:32:2d:29:b3:19:67:22:9e:7e:
f4:07:70:7c:62:ca:6a:63:f4:28:4a:3c:0b:a8:f8:21:dd:94:
f2:c4:99:b3:88:18:b9:29:5b:10:ca:f7:68:8d:37:c0:35:50:
ee:8e:75:2b:31:7b:9d:b8:69:8a:79:05:f5:7c:fa:f6:3f:3a:
50:e4:89:a5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGBnISLQvUThhPbT9fDEdF5Q02yEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTQxODAzMTdaFw0yNTAxMTIxODA4MTdaMDMxMTAvBgNV
BAMTKDkyOUMxQzg5RUNFNjIxRTIzQTEwRkVGNzhEQkRDN0U2NkNBRjAzNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV3dAmbXAXDYhcTIl3MLVBY6f0
0dJeUGOu6XK9beVOQMZvuBlLty8YplFQXDBBrNdr3llUaWyxPMf9YLjLLarpZITL
fFeseEEh/7a5efWWLF5g/eKt29AfVLOp1lsoXw9v+j5Gu0oOzQfXPw0brAoN01Sq
EXDgzjwP1MjvDuBrVEqxatVrO4cqzIC2Bs0kHefndjYQ4aHucprao9u0VxIv2MKW
XeLgUWfaEwU8j8Bx/8HAzGC3bRiN1H+qKPIitmpdyyQc6dOv9zsTThEeXp+SlsEe
9el0QsdBRTxrzwkTlQR+UsIuUwLlAhDCkkojoooxcGWDorWZEMJmHorb3jkNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkpwciezmIeI6EP73jb3H5myvA1owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMzMyMmUzMjMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIOgwDQYJKoZIhvcNAQELBQADggEBAFmlagrdTqrLz2/p2RlvmVxUacKdo7yZ
bLO4yFDuNnIXdcIiJDp1iKWs8y9uvpZu4poSZw1JzgeExS8HwUQsbeqCixVpjS/7
p9ttz3F07dKOmaqx97cVnYf11BYZEA6LVl+5DQ0S18+P0G+uDLu/ng2Fkt306ykM
Jgvqx9q4srjD+fkt4QOOuYhDoj4YnBpS7ZeZp8PiKMy18GuknZm5n9imubqztL9+
UnhboUiYaM3u5Ni/e61ozn02LnfQPTItKbMZZyKefvQHcHxiympj9ChKPAuo+CHd
lPLEmbOIGLkpWxDK92iNN8A1UO6OdSsxe524aYp5BfV8+vY/OlDkiaU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:57 2024 by rpki-client on console-fra.rpki-client.org