Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3232312e302f32342d3332203d3e20313336373837.roa
File: 3139352e3230302e3232312e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: k3JGLZ03oTyneNzwz+jO9UGuZ76rZhB7MjIUz3UwyL8=
Subject key identifier: 12:28:69:7B:99:C6:86:62:C7:15:F9:C2:B2:43:5B:15:18:2F:D0:89
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 03C1E38820B8DA22F168AA2DB2DA4E68B4E060D7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3232312e302f32342d3332203d3e20313336373837.roa
Signing time: Wed 01 May 2024 12:03:34 +0000
ROA not before: Wed 01 May 2024 11:58:34 +0000
ROA not after: Wed 30 Apr 2025 12:03:34 +0000
asID: 136787
IP address blocks: 195.200.221.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c1:e3:88:20:b8:da:22:f1:68:aa:2d:b2:da:4e:68:b4:e0:60:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 11:58:34 2024 GMT
Not After : Apr 30 12:03:34 2025 GMT
Subject: CN=1228697B99C68662C715F9C2B2435B15182FD089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c2:7a:2b:69:f8:2a:5e:0a:c8:75:93:53:45:
72:2a:70:a5:f8:0d:f6:fb:7b:e9:2f:be:7c:3f:6c:
58:4a:1b:40:07:c8:68:8e:e0:7d:f5:8c:bc:17:21:
b0:13:1e:5d:02:60:f1:51:62:9f:b3:a9:62:01:15:
d1:5f:d1:14:d1:f2:82:f9:1e:c4:28:b6:71:76:1e:
f5:cb:c9:12:bb:9b:0b:c1:3d:fc:60:90:ac:6e:e2:
97:b8:7c:ea:60:2e:01:f8:61:af:66:4c:81:90:b6:
a7:f0:5a:cc:fe:21:d4:cc:bf:a4:01:02:61:31:cd:
23:8a:dd:b1:44:8b:d8:76:60:bd:8f:08:d6:e8:cf:
7d:eb:46:44:b1:63:d5:8c:d3:07:5d:85:88:44:78:
ff:2b:d6:aa:48:34:62:0d:33:c5:7b:aa:4b:08:a9:
d0:4e:22:d7:04:9a:12:16:ee:b1:be:09:96:09:61:
9c:7c:20:f3:75:59:35:ae:96:ae:51:4f:8f:65:b0:
16:5c:aa:53:0f:67:bf:75:e4:5d:0a:3d:0c:30:65:
12:17:8d:af:a7:94:ae:21:60:ce:47:cf:02:22:ea:
34:87:5e:92:26:33:43:50:e3:89:e7:c5:3e:a7:69:
6f:06:9f:44:ea:98:03:98:d8:84:20:40:5a:20:b0:
da:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:28:69:7B:99:C6:86:62:C7:15:F9:C2:B2:43:5B:15:18:2F:D0:89
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3232312e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.221.0/24
Signature Algorithm: sha256WithRSAEncryption
06:b7:ca:93:6d:eb:01:63:b6:54:dc:c8:e5:a2:18:3c:12:59:
6e:7d:2f:a6:01:cd:27:aa:30:39:ce:f5:ab:5e:1c:22:3c:8f:
bb:78:5d:9b:c6:ed:7d:66:94:69:f3:e6:47:1e:82:47:c7:b0:
ff:bf:9b:09:15:08:e4:76:79:0b:dc:ac:cb:c2:6c:3c:16:b5:
21:e8:95:57:ec:48:a8:a5:89:62:31:45:e9:05:ab:50:c1:60:
c2:00:77:fe:33:f9:bf:df:87:a9:89:c1:54:cd:b8:d3:25:21:
3a:98:82:9c:94:34:8b:22:0a:c0:c2:f0:3c:c7:e8:23:8d:c5:
92:55:2f:f3:e7:0b:fc:c5:d3:c6:b7:03:62:74:37:6b:fb:1b:
41:ce:64:dc:d6:60:98:1c:ea:65:dc:a5:ae:16:4c:97:54:db:
65:3d:86:50:75:22:8c:06:3a:e1:bc:42:51:54:bb:64:53:1c:
1d:44:17:f2:61:89:8c:58:b4:61:8c:88:ae:77:a3:8a:63:69:
f0:3f:96:42:5b:5d:60:3a:b5:f8:1a:5b:4a:70:2d:ca:ad:fd:
fd:eb:fd:4b:91:db:57:8f:bb:fb:3d:e2:0e:8d:e0:df:28:23:
26:87:20:ba:47:55:58:cb:40:72:91:0f:ff:d2:25:84:19:29:
d8:d2:ac:cb
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUA8HjiCC42iLxaKotstpOaLTgYNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDExMTU4MzRaFw0yNTA0MzAxMjAzMzRaMDMxMTAvBgNV
BAMTKDEyMjg2OTdCOTlDNjg2NjJDNzE1RjlDMkIyNDM1QjE1MTgyRkQwODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDwnorafgqXgrIdZNTRXIqcKX4
Dfb7e+kvvnw/bFhKG0AHyGiO4H31jLwXIbATHl0CYPFRYp+zqWIBFdFf0RTR8oL5
HsQotnF2HvXLyRK7mwvBPfxgkKxu4pe4fOpgLgH4Ya9mTIGQtqfwWsz+IdTMv6QB
AmExzSOK3bFEi9h2YL2PCNboz33rRkSxY9WM0wddhYhEeP8r1qpINGINM8V7qksI
qdBOItcEmhIW7rG+CZYJYZx8IPN1WTWulq5RT49lsBZcqlMPZ7915F0KPQwwZRIX
ja+nlK4hYM5HzwIi6jSHXpImM0NQ44nnxT6naW8Gn0TqmAOY2IQgQFogsNpbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUEihpe5nGhmLHFfnCskNbFRgv0IkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMwMzAyZTMy
MzIzMTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMPI3TANBgkqhkiG9w0BAQsFAAOCAQEABrfKk23rAWO2VNzI5aIYPBJZbn0v
pgHNJ6owOc71q14cIjyPu3hdm8btfWaUafPmRx6CR8ew/7+bCRUI5HZ5C9ysy8Js
PBa1IeiVV+xIqKWJYjFF6QWrUMFgwgB3/jP5v9+HqYnBVM240yUhOpiCnJQ0iyIK
wMLwPMfoI43FklUv8+cL/MXTxrcDYnQ3a/sbQc5k3NZgmBzqZdylrhZMl1TbZT2G
UHUijAY64bxCUVS7ZFMcHUQX8mGJjFi0YYyIrnejimNp8D+WQltdYDq1+BpbSnAt
yq39/ev9S5HbV4+7+z3iDo3g3ygjJocgukdVWMtAcpEP/9IlhBkp2NKsyw==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org