Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3231302e35392e302f32342d3234203d3e20313336373837.roa
File: 3139352e3231302e35392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: jni0CpGxvUdrkHqfJMq4PHAKsaZbFAxjDT+n+WD73fU=
Subject key identifier: 91:92:2C:D6:0F:0D:7A:13:C5:97:39:56:F0:C1:8F:33:F7:01:D9:8F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5E1ABD9B4FCA6318E134FBB217AD4D5E2D7A2C4D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3231302e35392e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:23 +0000
ROA not before: Sat 02 Mar 2024 21:49:23 +0000
ROA not after: Sat 01 Mar 2025 21:54:23 +0000
asID: 136787
IP address blocks: 195.210.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:1a:bd:9b:4f:ca:63:18:e1:34:fb:b2:17:ad:4d:5e:2d:7a:2c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 2 21:49:23 2024 GMT
Not After : Mar 1 21:54:23 2025 GMT
Subject: CN=91922CD60F0D7A13C5973956F0C18F33F701D98F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4f:cb:70:35:7a:38:43:24:e9:e9:11:03:80:
58:bf:5f:5f:fe:0e:65:40:b9:91:d3:00:d0:8c:b0:
91:33:67:af:d3:79:5a:06:f7:b4:fa:45:69:3f:e2:
b8:90:5a:00:fc:dd:7d:ca:e4:1f:3a:01:be:f1:0d:
f1:12:bd:a4:61:84:51:0e:d7:72:4e:ad:2c:14:f9:
56:4e:78:2d:6a:ff:5b:02:54:76:34:06:f8:a5:1a:
81:25:0c:89:3f:9e:69:af:7c:48:5e:98:d3:34:75:
d3:7c:d2:b0:c3:e1:c6:05:19:26:cf:e4:46:6b:5f:
68:2b:10:d3:19:76:b5:55:69:44:2a:d3:26:4e:fb:
a9:36:2e:44:87:58:67:ea:c0:54:ae:e3:c2:d4:33:
fb:2e:8b:b6:bd:ef:b1:1f:f0:eb:37:5a:83:5e:1c:
38:8f:90:47:8e:c1:8b:96:20:e1:1f:20:86:8d:5b:
2e:58:c6:23:45:1f:2b:13:03:d8:de:06:b0:39:3a:
1c:d6:7b:eb:56:fe:fc:c0:fe:98:b8:a7:95:d1:c0:
5c:a4:1c:d9:24:bd:e6:43:10:75:9e:c3:b7:73:45:
ab:75:08:09:6e:78:50:71:2d:cb:1d:43:b1:f1:f9:
d4:59:0f:c5:03:40:73:6d:83:c1:72:1e:91:10:57:
84:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:92:2C:D6:0F:0D:7A:13:C5:97:39:56:F0:C1:8F:33:F7:01:D9:8F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3231302e35392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.59.0/24
Signature Algorithm: sha256WithRSAEncryption
45:77:22:7e:fb:54:41:d7:1d:ba:ae:5d:70:9b:76:82:a0:2f:
32:a2:72:1f:c3:7e:1d:3f:cc:78:c8:3d:98:df:c6:f0:f2:d2:
11:93:7e:0d:68:84:68:49:ac:3c:a6:1b:c0:05:17:63:03:95:
59:7c:f5:de:2b:aa:5d:0c:dc:a7:39:62:2c:58:dc:4b:2a:57:
a0:9e:14:0d:42:3c:85:7d:d2:15:15:93:d6:81:fb:9d:54:6d:
e5:af:4f:29:a5:d2:46:45:05:9c:f4:73:46:5b:12:62:9a:6b:
07:7e:f5:af:d1:43:10:e9:62:01:94:4b:d8:20:96:6b:e2:f8:
df:36:09:59:35:5b:07:7d:e9:3e:c1:bb:4e:2c:c8:5a:5e:e4:
26:60:b8:f7:51:9a:1c:7a:55:79:20:b7:8b:62:c1:32:2c:7e:
36:5a:34:44:f2:df:cb:14:d0:06:34:94:65:2a:98:65:98:52:
3c:1c:f4:45:66:13:e5:6c:19:49:c2:36:38:23:d9:18:09:56:
37:ba:55:60:4e:bb:35:b9:dd:41:b6:47:00:88:b8:42:43:e6:
58:5f:40:0b:23:31:d0:0e:66:65:fa:70:8b:4a:32:5c:6b:2f:
43:1a:c1:69:1c:aa:6e:54:2b:6d:51:32:99:c3:36:72:eb:37:
30:bb:b2:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXhq9m0/KYxjhNPuyF61NXi16LE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDIyMTQ5MjNaFw0yNTAzMDEyMTU0MjNaMDMxMTAvBgNV
BAMTKDkxOTIyQ0Q2MEYwRDdBMTNDNTk3Mzk1NkYwQzE4RjMzRjcwMUQ5OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2T8twNXo4QyTp6REDgFi/X1/+
DmVAuZHTANCMsJEzZ6/TeVoG97T6RWk/4riQWgD83X3K5B86Ab7xDfESvaRhhFEO
13JOrSwU+VZOeC1q/1sCVHY0BvilGoElDIk/nmmvfEhemNM0ddN80rDD4cYFGSbP
5EZrX2grENMZdrVVaUQq0yZO+6k2LkSHWGfqwFSu48LUM/sui7a977Ef8Os3WoNe
HDiPkEeOwYuWIOEfIIaNWy5YxiNFHysTA9jeBrA5OhzWe+tW/vzA/pi4p5XRwFyk
HNkkveZDEHWew7dzRat1CAlueFBxLcsdQ7Hx+dRZD8UDQHNtg8FyHpEQV4QnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkZIs1g8NehPFlzlW8MGPM/cB2Y8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMxMzAyZTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADD0jswDQYJKoZIhvcNAQELBQADggEBAEV3In77VEHXHbquXXCbdoKgLzKich/D
fh0/zHjIPZjfxvDy0hGTfg1ohGhJrDymG8AFF2MDlVl89d4rql0M3Kc5YixY3Esq
V6CeFA1CPIV90hUVk9aB+51UbeWvTyml0kZFBZz0c0ZbEmKaawd+9a/RQxDpYgGU
S9gglmvi+N82CVk1Wwd96T7Bu04syFpe5CZguPdRmhx6VXkgt4tiwTIsfjZaNETy
38sU0AY0lGUqmGWYUjwc9EVmE+VsGUnCNjgj2RgJVje6VWBOuzW53UG2RwCIuEJD
5lhfQAsjMdAOZmX6cItKMlxrL0MawWkcqm5UK21RMpnDNnLrNzC7sik=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:57 2024 by rpki-client on console-fra.rpki-client.org