Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233342e302f32342d3234203d3e20313336373837.roa
File: 3139342e33322e3233342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +oxkK3gYsWJDy9FsvgrU62YSLM5zrVJxA24BSpX/gfA=
Subject key identifier: 28:E2:57:74:60:B8:BA:94:96:0B:84:70:7C:C7:73:58:84:AD:B9:8A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4EF63770246B535C9D4E31047696DE9591AF7C2F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233342e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 14 Jan 2024 18:08:37 +0000
ROA not before: Sun 14 Jan 2024 18:03:37 +0000
ROA not after: Sun 12 Jan 2025 18:08:37 +0000
asID: 136787
IP address blocks: 194.32.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:f6:37:70:24:6b:53:5c:9d:4e:31:04:76:96:de:95:91:af:7c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 14 18:03:37 2024 GMT
Not After : Jan 12 18:08:37 2025 GMT
Subject: CN=28E2577460B8BA94960B84707CC7735884ADB98A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b9:5d:c9:c3:ce:37:2a:75:d7:ec:19:54:fb:
fd:84:5e:bd:2b:e8:34:3d:d5:9b:ed:82:b5:c6:db:
55:3c:b0:30:1b:ab:2d:95:58:c3:ac:57:1a:ad:91:
5c:50:59:f0:90:22:7b:a1:1e:20:40:88:8a:7d:67:
b6:dc:60:7f:9a:52:0a:3a:e0:e2:e8:41:2c:87:2e:
78:9d:8b:12:a1:e0:64:be:c9:45:82:6c:c7:37:01:
3b:4b:58:0a:96:5e:e3:42:2f:ca:7c:65:44:98:5f:
40:1c:24:c4:4b:2e:ab:9b:7c:0a:ba:a0:77:6f:35:
b5:36:1f:41:e0:80:07:79:6c:6e:07:72:5e:15:0e:
56:26:76:87:97:c7:dd:9c:cb:62:ec:44:bf:43:d8:
b3:bb:65:0d:ad:99:bc:de:29:63:4b:d8:4e:cc:59:
e8:3d:1a:d2:a8:d7:5e:15:b0:b8:15:d1:eb:f3:ae:
3a:55:b4:ee:7d:33:ce:ed:a4:f0:20:43:ac:52:0c:
47:17:f4:4f:70:b7:f1:6a:c9:52:d2:a8:fa:25:a4:
e9:7d:25:4a:d4:9f:ec:97:51:6f:2c:13:5c:bd:cf:
fe:ec:53:ce:88:83:49:7f:2d:c4:46:a7:5c:47:1b:
6d:10:e2:59:98:0f:b5:b0:91:59:f7:63:92:37:d7:
04:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E2:57:74:60:B8:BA:94:96:0B:84:70:7C:C7:73:58:84:AD:B9:8A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.234.0/24
Signature Algorithm: sha256WithRSAEncryption
36:a5:a7:3a:7d:4c:c3:c7:15:32:f3:86:58:dc:f8:39:57:d0:
47:fe:3d:05:62:79:20:44:18:e4:ab:2e:44:71:cc:7f:b8:3c:
a1:b4:27:92:66:60:fe:a8:af:f1:be:f4:bf:ad:5f:ff:08:33:
fd:2f:3d:66:ca:7b:83:fb:32:1b:7e:e5:27:01:b7:f4:68:9e:
07:c4:5a:66:ea:74:df:ff:84:f3:f6:9b:3b:bd:68:32:cf:a5:
08:f2:1d:e1:3b:2b:fd:b5:0b:ad:69:68:47:15:92:43:13:1d:
d9:4a:5c:c4:56:f9:94:0d:65:db:10:16:57:65:08:af:03:ab:
56:16:dd:b3:2e:68:82:f8:91:e9:79:05:92:f3:8b:05:14:68:
b4:ee:7f:b9:9c:e9:3e:ed:85:10:9e:54:61:ca:1a:12:e6:01:
59:f9:28:20:94:cb:cd:0e:ee:ba:15:23:86:29:08:68:fd:5a:
22:82:d5:31:30:43:a0:e6:c0:d2:53:f5:53:9b:07:cf:a8:14:
0d:f0:4a:c5:78:cb:5c:8a:01:ce:fb:c7:cd:96:60:35:b3:43:
1f:1a:cd:80:d8:7e:ce:1e:07:6a:c6:b9:b7:5b:73:33:78:5f:
11:0f:18:c9:4e:02:dc:4f:7a:6d:aa:74:7f:29:0c:73:46:e7:
a1:de:a6:12
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTvY3cCRrU1ydTjEEdpbelZGvfC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTQxODAzMzdaFw0yNTAxMTIxODA4MzdaMDMxMTAvBgNV
BAMTKDI4RTI1Nzc0NjBCOEJBOTQ5NjBCODQ3MDdDQzc3MzU4ODRBREI5OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHuV3Jw843KnXX7BlU+/2EXr0r
6DQ91ZvtgrXG21U8sDAbqy2VWMOsVxqtkVxQWfCQInuhHiBAiIp9Z7bcYH+aUgo6
4OLoQSyHLnidixKh4GS+yUWCbMc3ATtLWAqWXuNCL8p8ZUSYX0AcJMRLLqubfAq6
oHdvNbU2H0HggAd5bG4Hcl4VDlYmdoeXx92cy2LsRL9D2LO7ZQ2tmbzeKWNL2E7M
Weg9GtKo114VsLgV0evzrjpVtO59M87tpPAgQ6xSDEcX9E9wt/FqyVLSqPolpOl9
JUrUn+yXUW8sE1y9z/7sU86Ig0l/LcRGp1xHG20Q4lmYD7WwkVn3Y5I31wRnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKOJXdGC4upSWC4RwfMdzWIStuYowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMzMyMmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIOowDQYJKoZIhvcNAQELBQADggEBADalpzp9TMPHFTLzhljc+DlX0Ef+PQVi
eSBEGOSrLkRxzH+4PKG0J5JmYP6or/G+9L+tX/8IM/0vPWbKe4P7Mht+5ScBt/Ro
ngfEWmbqdN//hPP2mzu9aDLPpQjyHeE7K/21C61paEcVkkMTHdlKXMRW+ZQNZdsQ
FldlCK8Dq1YW3bMuaIL4kel5BZLziwUUaLTuf7mc6T7thRCeVGHKGhLmAVn5KCCU
y80O7roVI4YpCGj9WiKC1TEwQ6DmwNJT9VObB8+oFA3wSsV4y1yKAc77x82WYDWz
Qx8azYDYfs4eB2rGubdbczN4XxEPGMlOAtxPem2qdH8pDHNG56HephI=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:24 2024 by rpki-client on console-fra.rpki-client.org