Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233332e302f32342d3234203d3e20313336373837.roa
File: 3139342e33322e3233332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: M98LQL3hBhkc5lTg9UEy85hOBvbduOBkMb0HlsElKC8=
Subject key identifier: 15:F0:DF:D8:9D:B0:22:5C:19:D7:2C:9E:5B:F7:12:B4:EB:C1:D4:E5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3041F4617DDABF85215C3A936015B4F4A84BBD2B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233332e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 14 Jan 2024 18:08:28 +0000
ROA not before: Sun 14 Jan 2024 18:03:28 +0000
ROA not after: Sun 12 Jan 2025 18:08:28 +0000
asID: 136787
IP address blocks: 194.32.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:41:f4:61:7d:da:bf:85:21:5c:3a:93:60:15:b4:f4:a8:4b:bd:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 14 18:03:28 2024 GMT
Not After : Jan 12 18:08:28 2025 GMT
Subject: CN=15F0DFD89DB0225C19D72C9E5BF712B4EBC1D4E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:eb:22:f0:ca:47:91:d3:9c:e5:41:a8:67:00:
fe:71:0c:fd:f5:40:46:2a:0d:ed:1e:a1:8e:66:c2:
49:c3:4b:a9:ee:3e:6e:70:03:96:b4:50:71:05:5e:
f5:69:bf:4a:94:00:c0:df:73:dc:e1:25:eb:32:11:
ea:9b:a5:9d:f9:9e:3f:d3:b0:d3:9d:9f:77:ff:28:
e3:0d:92:5a:64:87:13:f9:0e:88:31:37:b9:1c:63:
6b:24:de:09:70:d4:b1:f1:83:0b:ac:0d:f2:a2:76:
07:9c:d1:4d:2e:36:22:0a:94:88:e9:7b:da:81:16:
cc:74:44:51:95:89:76:34:87:34:04:2c:26:ea:93:
d4:c0:e2:9e:42:69:5c:72:5b:10:7e:a9:b8:ca:4a:
6f:a2:6a:1d:3c:dd:16:4e:17:d0:96:a0:f5:ce:20:
ab:3d:26:92:3c:44:fe:4f:e9:6e:64:2f:fc:c9:18:
c3:5a:33:91:89:e3:1e:66:73:cf:25:69:60:e0:9f:
5a:61:cd:8d:20:92:2e:7b:4e:31:b0:bd:56:37:e3:
e6:40:ac:5d:7c:5b:de:60:e9:35:a0:f9:f1:de:61:
7b:14:eb:32:d3:b9:6c:37:58:c6:84:41:c0:a8:db:
73:e5:2e:0f:e0:99:f8:42:b2:83:4a:57:31:b2:96:
d9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F0:DF:D8:9D:B0:22:5C:19:D7:2C:9E:5B:F7:12:B4:EB:C1:D4:E5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.233.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a0:67:2a:ca:09:8f:be:60:51:f8:f2:ee:e2:12:b7:05:05:
86:09:27:fb:5f:b5:53:f7:c9:97:ef:62:c4:04:f9:77:47:07:
49:6d:32:35:28:8c:75:37:e7:1b:2b:db:b3:21:fb:65:2e:3b:
4b:38:46:9c:bb:bc:b2:92:b7:5b:a7:c7:c1:3c:7d:f3:0e:25:
8a:4b:f5:10:ea:64:a1:e2:4a:31:2c:7a:03:29:82:5c:51:35:
be:b1:f9:31:79:1a:c7:f2:56:c0:4e:12:ad:4a:76:01:06:9e:
22:3d:aa:f3:37:dc:74:8b:c1:af:29:70:ff:36:4e:b4:1c:57:
25:8b:ec:d6:39:e7:e0:a5:76:12:ad:fd:63:f3:ae:95:c8:45:
c6:c0:4d:1f:1c:07:bc:55:35:12:5b:a7:90:3d:36:1d:3f:61:
68:d9:fa:29:00:ec:84:66:5c:6f:e1:29:ad:a9:d6:00:c1:a4:
92:b8:dd:ac:ca:9b:4d:26:bc:0f:0f:47:88:5d:6a:cb:c8:21:
98:7a:28:d3:91:e1:cb:43:81:8f:52:0c:e0:09:94:c1:45:76:
0f:e0:89:c9:4c:35:cd:25:1c:2c:6a:90:17:87:bd:a7:58:df:
86:25:99:d3:da:95:ec:36:2d:0f:36:25:1e:19:3b:b6:c5:1c:
fa:42:4b:e6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMEH0YX3av4UhXDqTYBW09KhLvSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTQxODAzMjhaFw0yNTAxMTIxODA4MjhaMDMxMTAvBgNV
BAMTKDE1RjBERkQ4OURCMDIyNUMxOUQ3MkM5RTVCRjcxMkI0RUJDMUQ0RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ6yLwykeR05zlQahnAP5xDP31
QEYqDe0eoY5mwknDS6nuPm5wA5a0UHEFXvVpv0qUAMDfc9zhJesyEeqbpZ35nj/T
sNOdn3f/KOMNklpkhxP5DogxN7kcY2sk3glw1LHxgwusDfKidgec0U0uNiIKlIjp
e9qBFsx0RFGViXY0hzQELCbqk9TA4p5CaVxyWxB+qbjKSm+iah083RZOF9CWoPXO
IKs9JpI8RP5P6W5kL/zJGMNaM5GJ4x5mc88laWDgn1phzY0gki57TjGwvVY34+ZA
rF18W95g6TWg+fHeYXsU6zLTuWw3WMaEQcCo23PlLg/gmfhCsoNKVzGyltm5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFfDf2J2wIlwZ1yyeW/cStOvB1OUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMzMyMmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIOkwDQYJKoZIhvcNAQELBQADggEBAACgZyrKCY++YFH48u7iErcFBYYJJ/tf
tVP3yZfvYsQE+XdHB0ltMjUojHU35xsr27Mh+2UuO0s4Rpy7vLKSt1unx8E8ffMO
JYpL9RDqZKHiSjEsegMpglxRNb6x+TF5GsfyVsBOEq1KdgEGniI9qvM33HSLwa8p
cP82TrQcVyWL7NY55+CldhKt/WPzrpXIRcbATR8cB7xVNRJbp5A9Nh0/YWjZ+ikA
7IRmXG/hKa2p1gDBpJK43azKm00mvA8PR4hdasvIIZh6KNOR4ctDgY9SDOAJlMFF
dg/giclMNc0lHCxqkBeHvadY34YlmdPalew2LQ82JR4ZO7bFHPpCS+Y=
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org