Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231352e302f32342d3234203d3e20323034313730.roa
File: 3139352e3230302e3231352e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: FyFkye5dUCO9qyxM94bSmZp/j2R9IW46CxlfMjkNzJ4=
Subject key identifier: E9:CE:46:38:B6:12:96:4A:F1:D9:CD:99:0C:55:4F:0F:66:C4:4E:D6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 396D0AC78AD8D940D297807251E19A8244508A34
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231352e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:34 +0000
ROA not before: Tue 25 Jun 2024 21:42:34 +0000
ROA not after: Tue 24 Jun 2025 21:47:34 +0000
asID: 204170
IP address blocks: 195.200.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:6d:0a:c7:8a:d8:d9:40:d2:97:80:72:51:e1:9a:82:44:50:8a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 25 21:42:34 2024 GMT
Not After : Jun 24 21:47:34 2025 GMT
Subject: CN=E9CE4638B612964AF1D9CD990C554F0F66C44ED6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ca:44:51:54:7b:42:1d:94:14:f6:44:56:77:
cb:c3:c3:66:47:99:72:8e:7d:e1:01:f3:eb:68:25:
ae:cd:87:1c:8a:55:c9:33:64:9a:32:f9:da:9a:d2:
cf:14:f3:75:6c:a5:6c:01:80:a4:c8:17:ac:78:fd:
a0:8b:2d:cf:78:4e:ef:03:5e:2f:06:79:6b:c2:1d:
33:b2:7f:3c:22:11:68:ec:af:5e:d3:6a:3c:cc:b5:
bc:49:1c:1b:7d:2d:54:53:ce:f2:f1:da:e5:f3:30:
5c:63:28:13:c9:fd:fa:a5:50:73:90:84:29:16:27:
d1:2d:ed:b0:ee:7b:a0:84:d8:4e:3e:a0:9d:67:21:
ee:4b:2b:be:d6:3b:f2:be:b1:05:5a:9a:cc:ae:1f:
a2:20:67:85:b8:32:42:25:ae:38:29:84:74:f5:90:
60:85:80:dd:4a:3c:17:5c:23:24:91:8c:b8:1c:c7:
f2:4c:27:14:85:31:7a:20:b1:75:bd:2e:bf:11:37:
96:7c:d5:de:96:b9:21:92:73:70:5f:a8:b5:cd:b8:
7a:f3:f5:d3:b9:92:cc:fb:23:34:a5:df:22:53:08:
3f:7c:82:71:8a:1e:59:cb:ca:00:cc:a2:29:7b:e1:
53:0d:a4:07:52:ad:f4:31:d0:c2:b9:56:35:e3:96:
b4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:CE:46:38:B6:12:96:4A:F1:D9:CD:99:0C:55:4F:0F:66:C4:4E:D6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231352e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.215.0/24
Signature Algorithm: sha256WithRSAEncryption
82:19:c1:92:76:90:54:3c:bc:33:40:ce:d4:1c:c3:7b:99:ee:
ef:95:f8:89:d3:26:ca:cf:19:0a:5a:ed:56:16:07:31:c4:a1:
f7:60:86:9a:f4:19:12:eb:c2:93:6f:03:b3:68:58:6a:f3:03:
3a:3e:48:aa:f0:e0:d8:00:9a:4d:22:cf:06:59:55:b4:9d:56:
49:b3:ea:a2:da:6f:85:5d:c2:09:ae:4f:d8:59:f4:a3:c2:8e:
7b:9d:86:ae:f9:fa:76:37:ba:40:01:fa:14:86:ef:f9:a7:c3:
6a:74:c2:ee:23:e6:ab:d0:44:de:a3:6a:4e:d1:f8:9a:13:dd:
83:8f:ea:5e:f1:6d:81:48:12:68:57:23:86:59:c8:a8:f3:7b:
8a:0d:5f:3b:c2:fc:5c:b1:6d:59:f9:a9:e0:da:43:2d:33:25:
8c:89:d6:eb:17:cb:b6:67:99:d5:db:d1:8f:c9:18:03:bb:c8:
71:6e:76:b6:99:e5:98:5a:8c:d2:72:30:cf:4e:23:15:b9:6e:
1b:22:69:d5:83:c3:83:b4:90:60:cd:c5:16:48:6c:83:62:36:
8e:d3:bb:56:4b:ad:9f:88:d4:a4:bf:fd:79:74:93:b9:d2:89:
6c:d3:0c:e5:75:0f:88:32:99:4a:6c:d0:26:47:0e:0a:56:62:
15:65:6c:1f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOW0Kx4rY2UDSl4ByUeGagkRQijQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjUyMTQyMzRaFw0yNTA2MjQyMTQ3MzRaMDMxMTAvBgNV
BAMTKEU5Q0U0NjM4QjYxMjk2NEFGMUQ5Q0Q5OTBDNTU0RjBGNjZDNDRFRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAykRRVHtCHZQU9kRWd8vDw2ZH
mXKOfeEB8+toJa7NhxyKVckzZJoy+dqa0s8U83VspWwBgKTIF6x4/aCLLc94Tu8D
Xi8GeWvCHTOyfzwiEWjsr17TajzMtbxJHBt9LVRTzvLx2uXzMFxjKBPJ/fqlUHOQ
hCkWJ9Et7bDue6CE2E4+oJ1nIe5LK77WO/K+sQVamsyuH6IgZ4W4MkIlrjgphHT1
kGCFgN1KPBdcIySRjLgcx/JMJxSFMXogsXW9Lr8RN5Z81d6WuSGSc3BfqLXNuHrz
9dO5ksz7IzSl3yJTCD98gnGKHlnLygDMoil74VMNpAdSrfQx0MK5VjXjlrR5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU6c5GOLYSlkrx2c2ZDFVPD2bETtYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMwMzAyZTMy
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMPI1zANBgkqhkiG9w0BAQsFAAOCAQEAghnBknaQVDy8M0DO1BzDe5nu75X4
idMmys8ZClrtVhYHMcSh92CGmvQZEuvCk28Ds2hYavMDOj5IqvDg2ACaTSLPBllV
tJ1WSbPqotpvhV3CCa5P2Fn0o8KOe52Grvn6dje6QAH6FIbv+afDanTC7iPmq9BE
3qNqTtH4mhPdg4/qXvFtgUgSaFcjhlnIqPN7ig1fO8L8XLFtWfmp4NpDLTMljInW
6xfLtmeZ1dvRj8kYA7vIcW52tpnlmFqM0nIwz04jFbluGyJp1YPDg7SQYM3FFkhs
g2I2jtO7Vkutn4jUpL/9eXSTudKJbNMM5XUPiDKZSmzQJkcOClZiFWVsHw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org