Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3232312e302f32342d3234203d3e20323034313730.roa
File: 3139352e3230302e3232312e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: 0EJRXKI4un8Xjb5Z5RC2ooiyMv0T7IQPOZKHC6wBdlo=
Subject key identifier: A5:D1:1A:40:5F:6F:9A:C4:31:3C:61:44:E4:53:14:02:A7:0A:39:CB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5FBEE2A8D62D9C308D423536511A06B2768F99BB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3232312e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:36 +0000
ROA not before: Tue 25 Jun 2024 21:42:36 +0000
ROA not after: Tue 24 Jun 2025 21:47:36 +0000
asID: 204170
IP address blocks: 195.200.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:be:e2:a8:d6:2d:9c:30:8d:42:35:36:51:1a:06:b2:76:8f:99:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 25 21:42:36 2024 GMT
Not After : Jun 24 21:47:36 2025 GMT
Subject: CN=A5D11A405F6F9AC4313C6144E4531402A70A39CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:64:09:0a:4c:1d:f0:c3:eb:56:44:ec:9f:69:
5f:b9:33:69:a4:9f:5f:6e:9c:25:8d:0d:d2:27:90:
c0:d2:6e:0b:9c:da:5f:d9:de:9f:80:e2:e3:9a:95:
29:77:66:2d:88:2c:0b:cf:3a:6a:8e:cb:0b:47:7e:
80:e5:6b:93:0d:29:b4:12:6e:b3:66:7c:7a:c9:86:
8d:5f:ba:0c:41:ef:49:e3:8c:cb:9d:e6:e9:3f:44:
4c:e4:cf:9b:f3:37:b0:23:6e:24:3e:85:02:88:00:
18:5d:16:e0:e7:bc:45:4c:2f:e6:36:80:34:8d:d2:
2e:a9:ee:47:dc:a0:4e:36:92:65:26:e5:e3:aa:ad:
99:07:3d:19:a6:7c:e0:c5:71:75:43:11:a5:a0:31:
1a:d7:94:87:4b:d2:81:c3:66:7d:a9:aa:6e:71:d0:
59:17:14:17:4b:4d:fc:96:6e:e3:ac:a2:00:32:e9:
6e:33:6b:a3:86:32:4a:7f:e0:cf:be:49:6d:7e:6e:
ed:3a:87:39:a9:cf:68:37:77:6d:8f:47:2c:97:11:
e8:91:16:9b:1b:89:d3:92:f9:32:30:fa:e0:73:67:
2d:5d:68:e1:90:af:3f:ac:fa:9e:ac:69:cc:3f:46:
a4:e5:19:fe:9a:b4:29:ac:3c:38:83:5f:78:50:2d:
0e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D1:1A:40:5F:6F:9A:C4:31:3C:61:44:E4:53:14:02:A7:0A:39:CB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3232312e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.221.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:5a:0e:25:36:a5:2a:19:d5:a2:e6:4c:77:3f:2a:3a:85:3d:
ad:57:b6:2c:36:3a:1a:07:8d:88:a0:22:7e:76:15:fb:4e:ca:
86:0c:6e:db:24:4f:94:f6:09:65:5e:e5:43:ff:ac:ef:15:03:
e8:d2:2f:d1:00:54:f8:8a:a9:cf:5a:eb:95:ad:4c:41:1f:98:
af:bc:fd:9a:96:44:1c:70:54:80:9d:d4:82:f6:2c:0b:67:bf:
83:eb:49:5d:54:06:6d:7b:02:2e:9f:ce:d2:a9:61:00:a2:f6:
37:82:e3:a6:5a:20:31:c0:15:e7:fd:59:ba:c2:10:4e:e2:12:
f2:cb:11:0f:b4:25:aa:9f:43:a4:b2:23:db:0d:04:e2:ed:45:
1a:79:ed:83:61:54:14:f4:19:1d:3f:d8:26:eb:09:50:72:ce:
eb:92:4a:a9:d6:7c:ac:4f:5b:9f:7a:be:b8:b9:e9:0f:c2:8d:
b7:f7:17:41:53:a7:b0:56:88:e9:3a:d6:1c:0d:54:0e:1b:27:
0b:02:1f:fc:75:45:32:0d:dc:73:e4:33:9f:28:eb:dd:9c:f9:
98:d3:b2:b1:5b:81:7e:ca:f7:da:1f:f5:c0:d9:c7:b5:41:53:
08:a8:9f:5f:0a:34:85:a8:67:c6:35:ff:25:9a:15:2d:67:f6:
31:b9:df:21
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUX77iqNYtnDCNQjU2URoGsnaPmbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjUyMTQyMzZaFw0yNTA2MjQyMTQ3MzZaMDMxMTAvBgNV
BAMTKEE1RDExQTQwNUY2RjlBQzQzMTNDNjE0NEU0NTMxNDAyQTcwQTM5Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ZAkKTB3ww+tWROyfaV+5M2mk
n19unCWNDdInkMDSbguc2l/Z3p+A4uOalSl3Zi2ILAvPOmqOywtHfoDla5MNKbQS
brNmfHrJho1fugxB70njjMud5uk/REzkz5vzN7AjbiQ+hQKIABhdFuDnvEVML+Y2
gDSN0i6p7kfcoE42kmUm5eOqrZkHPRmmfODFcXVDEaWgMRrXlIdL0oHDZn2pqm5x
0FkXFBdLTfyWbuOsogAy6W4za6OGMkp/4M++SW1+bu06hzmpz2g3d22PRyyXEeiR
FpsbidOS+TIw+uBzZy1daOGQrz+s+p6sacw/RqTlGf6atCmsPDiDX3hQLQ5RAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUpdEaQF9vmsQxPGFE5FMUAqcKOcswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMwMzAyZTMy
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMPI3TANBgkqhkiG9w0BAQsFAAOCAQEAjFoOJTalKhnVouZMdz8qOoU9rVe2
LDY6GgeNiKAifnYV+07Khgxu2yRPlPYJZV7lQ/+s7xUD6NIv0QBU+Iqpz1rrla1M
QR+Yr7z9mpZEHHBUgJ3UgvYsC2e/g+tJXVQGbXsCLp/O0qlhAKL2N4LjplogMcAV
5/1ZusIQTuIS8ssRD7Qlqp9DpLIj2w0E4u1FGnntg2FUFPQZHT/YJusJUHLO65JK
qdZ8rE9bn3q+uLnpD8KNt/cXQVOnsFaI6TrWHA1UDhsnCwIf/HVFMg3cc+Qznyjr
3Zz5mNOysVuBfsr32h/1wNnHtUFTCKifXwo0hahnxjX/JZoVLWf2MbnfIQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org