Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233332e302f32342d3234203d3e20313336373837.roa
File: 3139342e33322e3233332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: QLEuo2nrLE/VvCooig+XOgYYeGyV4ElQKgbUhoRi3jU=
Subject key identifier: 6B:B4:65:A3:D4:5A:01:07:39:B7:9B:84:0D:79:C2:CA:36:06:10:CA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6AA00198F99EFE1DEFE0F55A89155E29E9E49108
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233332e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Dec 2024 18:44:30 +0000
ROA not before: Sun 15 Dec 2024 18:39:30 +0000
ROA not after: Sun 14 Dec 2025 18:44:30 +0000
asID: 136787
IP address blocks: 194.32.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:a0:01:98:f9:9e:fe:1d:ef:e0:f5:5a:89:15:5e:29:e9:e4:91:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 15 18:39:30 2024 GMT
Not After : Dec 14 18:44:30 2025 GMT
Subject: CN=6BB465A3D45A010739B79B840D79C2CA360610CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:70:9f:42:09:a0:20:85:f1:62:be:d5:2d:b8:
6c:96:85:ea:d9:b2:b5:dd:2e:78:0b:0c:3b:9f:8b:
83:1b:d5:07:4f:18:32:76:35:d2:83:a2:66:f2:77:
a0:f3:a5:fa:e6:00:21:7e:0c:4d:81:3a:18:f5:e6:
00:fe:d7:46:0a:5c:8d:b3:92:9a:16:56:03:53:02:
9e:87:c2:89:0d:0a:b6:c8:63:a3:77:be:6a:95:3d:
39:78:ed:f4:2d:b6:80:3f:80:ab:34:fa:94:84:d8:
87:f4:9b:8c:aa:84:02:78:25:4d:b3:e0:45:12:64:
3e:9e:1b:3c:c1:c7:09:09:a5:26:b4:96:fe:e2:55:
48:06:f2:3b:0d:f4:0a:cd:7a:7d:3a:40:a2:84:00:
16:79:23:28:80:51:a0:bb:d3:b4:74:ff:1a:3c:f4:
53:23:cb:70:61:a6:94:34:9d:02:4a:04:ca:d2:9a:
06:8f:4f:91:29:30:68:e2:b4:73:fa:e4:58:4c:35:
bf:c8:99:c2:4c:08:ce:5a:3a:48:76:11:20:cd:de:
91:a5:2d:e8:c8:0e:81:24:93:55:a4:01:48:ab:92:
0e:05:41:fb:d2:fb:9d:ff:a1:ab:e6:29:3d:ae:b5:
f1:fb:5f:f3:e1:75:3c:c6:9a:b6:9a:a5:cd:9a:cc:
68:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B4:65:A3:D4:5A:01:07:39:B7:9B:84:0D:79:C2:CA:36:06:10:CA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.233.0/24
Signature Algorithm: sha256WithRSAEncryption
39:bd:6a:d0:91:8a:e9:2d:6c:ad:43:c1:86:8b:4d:d5:6e:b4:
0a:a8:f7:3b:15:ff:68:91:ad:20:5d:92:27:29:45:39:24:36:
ae:2a:a2:72:92:ad:c6:dc:19:ee:ff:11:35:21:a5:d2:25:83:
3f:31:fa:15:c7:d4:3a:a2:2f:55:e5:3e:66:e3:08:66:2c:00:
61:5f:78:22:8e:08:85:4e:a9:3e:c1:76:42:7c:f1:e1:33:c5:
95:be:59:3b:7a:f0:b0:e1:2e:6a:a7:49:b4:99:40:f3:f2:62:
cf:9d:0e:08:4f:7e:87:f6:02:76:f5:ec:5f:4e:61:f6:d6:de:
a4:0c:ba:a6:aa:4a:a9:51:02:0a:ab:a0:25:c6:87:0f:3e:c9:
93:c7:c7:46:55:a4:4c:9e:05:44:f4:cd:24:59:0a:d5:a0:16:
c0:b0:28:39:6c:62:af:1f:5d:5b:80:c6:16:5c:7f:30:50:68:
fb:7c:4e:34:92:2a:d3:a6:dc:93:ea:c4:37:56:85:d5:49:8d:
5b:1c:5a:c4:0d:48:88:9c:9a:c8:56:fe:85:7e:05:28:ab:f1:
78:6c:66:b0:8c:29:b3:68:ae:5f:b6:95:d3:13:27:39:56:39:
93:ae:cc:4e:ef:93:34:e5:e4:e8:7f:0e:82:1b:1f:7b:bc:7c:
f3:15:bd:f0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaqABmPme/h3v4PVaiRVeKenkkQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMTUxODM5MzBaFw0yNTEyMTQxODQ0MzBaMDMxMTAvBgNV
BAMTKDZCQjQ2NUEzRDQ1QTAxMDczOUI3OUI4NDBENzlDMkNBMzYwNjEwQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmcJ9CCaAghfFivtUtuGyWherZ
srXdLngLDDufi4Mb1QdPGDJ2NdKDombyd6DzpfrmACF+DE2BOhj15gD+10YKXI2z
kpoWVgNTAp6HwokNCrbIY6N3vmqVPTl47fQttoA/gKs0+pSE2If0m4yqhAJ4JU2z
4EUSZD6eGzzBxwkJpSa0lv7iVUgG8jsN9ArNen06QKKEABZ5IyiAUaC707R0/xo8
9FMjy3BhppQ0nQJKBMrSmgaPT5EpMGjitHP65FhMNb/ImcJMCM5aOkh2ESDN3pGl
LejIDoEkk1WkAUirkg4FQfvS+53/oavmKT2utfH7X/PhdTzGmraapc2azGgbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUa7Rlo9RaAQc5t5uEDXnCyjYGEMowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMzMyMmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIOkwDQYJKoZIhvcNAQELBQADggEBADm9atCRiuktbK1DwYaLTdVutAqo9zsV
/2iRrSBdkicpRTkkNq4qonKSrcbcGe7/ETUhpdIlgz8x+hXH1DqiL1XlPmbjCGYs
AGFfeCKOCIVOqT7BdkJ88eEzxZW+WTt68LDhLmqnSbSZQPPyYs+dDghPfof2Anb1
7F9OYfbW3qQMuqaqSqlRAgqroCXGhw8+yZPHx0ZVpEyeBUT0zSRZCtWgFsCwKDls
Yq8fXVuAxhZcfzBQaPt8TjSSKtOm3JPqxDdWhdVJjVscWsQNSIicmshW/oV+BSir
8XhsZrCMKbNorl+2ldMTJzlWOZOuzE7vkzTl5Oh/DoIbH3u8fPMVvfA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:16:43 2025 by rpki-client