Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231302e302f32342d3234203d3e20323034313730.roa
File: 3139352e3230302e3231302e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: rOm9i/8nGKcmNSqtMuVu/Ivg/PzvkEZumi8l6leDz80=
Subject key identifier: 4C:F7:E1:F6:A5:A2:41:CF:21:09:F7:10:80:8B:08:8D:B2:6B:B8:BD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 68FA1811DC94C70BDC46E68AC1BC6514F96BD8CC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231302e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:33 +0000
ROA not before: Tue 25 Jun 2024 21:42:33 +0000
ROA not after: Tue 24 Jun 2025 21:47:33 +0000
asID: 204170
IP address blocks: 195.200.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:fa:18:11:dc:94:c7:0b:dc:46:e6:8a:c1:bc:65:14:f9:6b:d8:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 25 21:42:33 2024 GMT
Not After : Jun 24 21:47:33 2025 GMT
Subject: CN=4CF7E1F6A5A241CF2109F710808B088DB26BB8BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:c7:a8:be:2a:68:2d:ac:29:fd:30:da:3a:3f:
d2:a7:f5:cc:0f:1e:b7:07:76:7c:1c:17:b0:14:ae:
bf:d1:1c:ae:71:43:fd:96:2c:43:00:14:eb:64:14:
23:6f:b1:a7:36:e8:b3:79:9c:81:65:c0:71:3a:92:
57:65:df:53:45:4a:80:02:81:bb:90:4b:7e:82:22:
ae:a5:48:63:f1:f7:a0:67:ed:73:0c:4d:ba:bf:63:
a0:47:b9:69:8b:5e:e6:66:98:5e:44:a9:f0:39:0d:
40:8d:d2:01:5d:d8:9b:aa:d4:9a:0d:d8:6f:dd:27:
69:5d:97:c8:8d:12:76:65:11:fe:53:a3:7f:ad:45:
f2:d3:66:9f:42:7f:6e:e0:0f:85:c3:66:18:21:1f:
a5:ce:e6:80:88:22:43:b4:7d:da:af:fd:dd:ca:ed:
b7:f2:69:77:75:11:ef:e9:2a:8e:11:7d:eb:1f:06:
f8:be:6f:ff:a1:a9:1f:42:a7:77:17:02:f5:ad:b8:
7a:3b:fc:7b:ce:7f:28:ed:47:54:d0:af:b4:e8:02:
41:8b:2a:67:cd:19:97:d6:d5:c6:97:8f:15:53:c5:
5e:4b:5a:a1:8b:47:6e:77:42:76:b9:4f:1d:7a:fd:
38:85:8c:3a:b7:ef:91:61:47:37:ec:53:da:4f:95:
6f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F7:E1:F6:A5:A2:41:CF:21:09:F7:10:80:8B:08:8D:B2:6B:B8:BD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231302e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.210.0/24
Signature Algorithm: sha256WithRSAEncryption
94:ee:6d:22:ea:64:90:44:c5:41:78:fe:15:78:cd:a6:79:62:
62:34:54:80:fe:7f:c4:2b:4d:1d:b3:7a:b5:ec:d8:2e:59:9a:
39:dd:5f:f5:bd:a9:a6:4a:12:64:63:38:2e:77:01:11:84:13:
9e:5b:f6:93:34:38:64:87:cf:d7:ab:7e:8a:48:9f:eb:b5:e9:
7e:69:97:52:bd:c4:0a:98:64:4f:c2:e2:20:ef:1e:2c:af:89:
14:93:51:91:0f:e8:f3:71:86:c2:76:c1:1e:aa:7f:66:91:d2:
74:35:37:fb:e3:18:17:02:f4:42:46:12:80:ce:cc:d5:3c:35:
9b:4d:2e:29:cc:98:64:45:ae:6d:cd:fb:d5:b7:f5:68:67:94:
f9:43:44:2b:45:46:24:26:b6:48:47:0c:a4:e5:30:35:08:a7:
8f:f1:33:12:14:37:bf:be:a5:af:56:ef:d2:ff:dc:93:3a:51:
5f:55:40:34:df:46:6d:c0:c5:e4:aa:6e:53:9b:ff:f7:7b:37:
e3:58:6c:a2:de:89:5b:49:78:c9:ef:6b:63:e0:f9:ef:c9:04:
0e:ce:b5:32:f7:53:d8:c5:92:77:4b:63:08:1d:73:07:fe:0f:
1f:0d:cc:49:ea:b6:ee:9b:13:e9:39:b9:20:23:53:59:ef:6a:
f3:7a:60:a6
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUaPoYEdyUxwvcRuaKwbxlFPlr2MwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjUyMTQyMzNaFw0yNTA2MjQyMTQ3MzNaMDMxMTAvBgNV
BAMTKDRDRjdFMUY2QTVBMjQxQ0YyMTA5RjcxMDgwOEIwODhEQjI2QkI4QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3x6i+KmgtrCn9MNo6P9Kn9cwP
HrcHdnwcF7AUrr/RHK5xQ/2WLEMAFOtkFCNvsac26LN5nIFlwHE6kldl31NFSoAC
gbuQS36CIq6lSGPx96Bn7XMMTbq/Y6BHuWmLXuZmmF5EqfA5DUCN0gFd2Juq1JoN
2G/dJ2ldl8iNEnZlEf5To3+tRfLTZp9Cf27gD4XDZhghH6XO5oCIIkO0fdqv/d3K
7bfyaXd1Ee/pKo4RfesfBvi+b/+hqR9Cp3cXAvWtuHo7/HvOfyjtR1TQr7ToAkGL
KmfNGZfW1caXjxVTxV5LWqGLR253Qna5Tx16/TiFjDq375FhRzfsU9pPlW8BAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUTPfh9qWiQc8hCfcQgIsIjbJruL0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMwMzAyZTMy
MzEzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMPI0jANBgkqhkiG9w0BAQsFAAOCAQEAlO5tIupkkETFQXj+FXjNpnliYjRU
gP5/xCtNHbN6tezYLlmaOd1f9b2ppkoSZGM4LncBEYQTnlv2kzQ4ZIfP16t+ikif
67XpfmmXUr3ECphkT8LiIO8eLK+JFJNRkQ/o83GGwnbBHqp/ZpHSdDU3++MYFwL0
QkYSgM7M1Tw1m00uKcyYZEWubc371bf1aGeU+UNEK0VGJCa2SEcMpOUwNQinj/Ez
EhQ3v76lr1bv0v/ckzpRX1VANN9GbcDF5KpuU5v/93s341hsot6JW0l4ye9rY+D5
78kEDs61MvdT2MWSd0tjCB1zB/4PHw3MSeq27psT6Tm5ICNTWe9q83pgpg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org