Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233322e302f32322d3234203d3e20323037353934.roa
File: 3139352e3137392e3233322e302f32322d3234203d3e20323037353934.roa (raw, json)
Hash identifier: 6FLuTnVqzlgdut6BlN1UqUvPaDq06PCWgCg8o7T1MOs=
Subject key identifier: 00:1B:36:84:8E:94:3C:23:75:61:92:AC:26:1C:66:6E:11:B3:18:20
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 66B6CEC723861DFB361F186BC73AEF766E4A3B9E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233322e302f32322d3234203d3e20323037353934.roa
Signing time: Wed 01 May 2024 09:03:31 +0000
ROA not before: Wed 01 May 2024 08:58:31 +0000
ROA not after: Wed 30 Apr 2025 09:03:31 +0000
asID: 207594
IP address blocks: 195.179.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:b6:ce:c7:23:86:1d:fb:36:1f:18:6b:c7:3a:ef:76:6e:4a:3b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 08:58:31 2024 GMT
Not After : Apr 30 09:03:31 2025 GMT
Subject: CN=001B36848E943C23756192AC261C666E11B31820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8d:10:ce:6b:50:1f:d9:df:0f:db:e3:66:3c:
2e:40:10:af:e2:17:e2:77:e6:69:95:b2:73:ae:16:
89:e1:9e:cb:b1:94:bd:fb:6f:be:81:f1:a4:30:5b:
f2:37:4a:cc:12:e6:ca:e4:72:ca:ea:8e:a7:c8:9b:
dd:c6:b9:52:21:bb:c7:c5:bd:52:36:0a:f8:bf:40:
fc:6c:7d:ab:2f:27:65:c4:a8:57:6e:ec:ba:65:0d:
73:47:21:c7:09:8c:f3:7d:5c:0c:e3:95:ac:68:b3:
33:bb:7e:36:7c:51:79:a5:7b:f1:17:4e:f1:dc:73:
33:42:af:49:0e:f5:d5:71:d8:67:72:96:21:fb:5e:
f3:8a:b4:79:f8:86:c6:0d:30:04:86:a5:88:f9:90:
a8:35:7d:fe:5f:39:60:a4:88:d7:ff:bc:b9:85:b4:
65:47:29:5d:15:25:fa:17:7c:7b:4b:6f:27:90:e8:
a9:6e:41:61:68:b0:fa:75:d9:d1:ea:ee:23:e2:b4:
ae:97:60:c9:f0:25:8d:89:61:08:77:3f:26:de:c2:
e0:08:10:22:15:46:07:86:98:21:fb:48:04:45:62:
54:da:2f:b5:11:64:de:d0:48:f1:53:18:41:e1:8b:
80:9f:97:53:1a:78:76:96:22:67:1e:75:a5:19:55:
53:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:1B:36:84:8E:94:3C:23:75:61:92:AC:26:1C:66:6E:11:B3:18:20
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233322e302f32322d3234203d3e20323037353934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:52:81:65:44:13:2f:41:21:52:fa:b8:85:e3:6f:e4:80:c7:
1b:15:fa:f9:00:5c:be:2e:65:43:8b:c2:7c:0b:e9:6b:2c:3c:
66:31:11:e7:af:bb:f7:f6:b9:85:44:c3:6d:42:a5:81:77:48:
1d:47:d7:f9:31:93:0a:08:52:1a:d2:a3:e8:1a:76:5f:33:c3:
42:72:a2:c7:a9:f1:19:6f:00:15:24:0b:09:23:a0:8c:81:4f:
ee:7c:1d:b4:99:04:bb:4a:5e:ac:cd:fd:83:f4:b7:cf:ac:b5:
3d:c8:3e:20:55:f5:15:b3:e6:9d:e5:27:08:7d:e5:30:ae:4f:
89:02:fc:3f:8b:ed:fc:8f:90:f8:9c:1e:39:86:c5:1c:7b:65:
04:4a:25:34:cf:11:e0:ef:98:b9:f7:85:fa:1f:7e:d6:3c:3d:
e2:f9:87:3e:3b:84:dc:0f:4f:15:d6:4d:cf:a4:c3:88:cc:4d:
9b:fa:cb:bf:6d:0c:cf:88:2d:bc:6f:cd:01:84:85:1f:2e:78:
1c:73:09:50:06:05:1f:4c:2e:73:1e:b6:e8:c3:97:fd:9d:04:
35:92:c5:60:74:53:c7:a6:22:1d:21:51:49:f5:c3:86:c7:e7:
c0:5a:71:66:34:27:26:e5:4d:74:6c:94:a3:a4:3c:44:2d:e5:
6d:54:b9:2b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZrbOxyOGHfs2Hxhrxzrvdm5KO54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDEwODU4MzFaFw0yNTA0MzAwOTAzMzFaMDMxMTAvBgNV
BAMTKDAwMUIzNjg0OEU5NDNDMjM3NTYxOTJBQzI2MUM2NjZFMTFCMzE4MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrjRDOa1Af2d8P2+NmPC5AEK/i
F+J35mmVsnOuFonhnsuxlL37b76B8aQwW/I3SswS5srkcsrqjqfIm93GuVIhu8fF
vVI2Cvi/QPxsfasvJ2XEqFdu7LplDXNHIccJjPN9XAzjlaxoszO7fjZ8UXmle/EX
TvHcczNCr0kO9dVx2GdyliH7XvOKtHn4hsYNMASGpYj5kKg1ff5fOWCkiNf/vLmF
tGVHKV0VJfoXfHtLbyeQ6KluQWFosPp12dHq7iPitK6XYMnwJY2JYQh3PybewuAI
ECIVRgeGmCH7SARFYlTaL7URZN7QSPFTGEHhi4Cfl1MaeHaWImcedaUZVVMPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUABs2hI6UPCN1YZKsJhxmbhGzGCAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMy
MzMzMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzAzNzM1MzkzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAsOz6DANBgkqhkiG9w0BAQsFAAOCAQEATFKBZUQTL0EhUvq4heNv5IDHGxX6
+QBcvi5lQ4vCfAvpayw8ZjER56+79/a5hUTDbUKlgXdIHUfX+TGTCghSGtKj6Bp2
XzPDQnKix6nxGW8AFSQLCSOgjIFP7nwdtJkEu0perM39g/S3z6y1Pcg+IFX1FbPm
neUnCH3lMK5PiQL8P4vt/I+Q+JweOYbFHHtlBEolNM8R4O+YufeF+h9+1jw94vmH
PjuE3A9PFdZNz6TDiMxNm/rLv20Mz4gtvG/NAYSFHy54HHMJUAYFH0wucx626MOX
/Z0ENZLFYHRTx6YiHSFRSfXDhsfnwFpxZjQnJuVNdGyUo6Q8RC3lbVS5Kw==
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org