Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3234322e3234312e302f32342d3234203d3e20313336373837.roa
File: 3139352e3234322e3234312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: NtyMqatmOrPi9wc4CeGcY07H0rzNYR394JtafcQrAo4=
Subject key identifier: 46:E1:D6:8E:D4:D6:32:FF:43:0F:3F:DC:92:F3:A1:AB:41:FE:60:33
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 759A272F5D94D7978390C1C7ACC2E281B599E748
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3234322e3234312e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Nov 2024 15:36:39 +0000
ROA not before: Thu 14 Nov 2024 15:31:39 +0000
ROA not after: Thu 13 Nov 2025 15:36:39 +0000
asID: 136787
IP address blocks: 195.242.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:9a:27:2f:5d:94:d7:97:83:90:c1:c7:ac:c2:e2:81:b5:99:e7:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 14 15:31:39 2024 GMT
Not After : Nov 13 15:36:39 2025 GMT
Subject: CN=46E1D68ED4D632FF430F3FDC92F3A1AB41FE6033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:14:ea:fc:0c:c7:2a:50:17:51:c8:31:05:42:
94:1d:df:55:4a:44:ec:22:bc:c9:12:e0:0f:90:e1:
12:5c:36:33:23:47:a4:e1:de:10:8c:b7:ec:d8:0d:
eb:bb:2c:09:64:f9:6e:83:e2:1b:b2:9f:38:57:21:
a7:d4:86:41:e0:4c:d3:72:ff:e3:c7:11:b6:a4:3f:
07:ef:09:bf:f9:d8:04:47:16:78:ee:5c:ea:42:49:
77:32:a1:76:69:1a:b9:05:2e:52:28:89:7c:c5:79:
19:6f:3f:3c:2f:f1:21:95:16:0d:7d:db:90:09:0e:
bd:e7:26:b8:e1:91:44:92:8c:3f:19:a1:44:94:ad:
03:e3:4f:d9:e1:6b:fa:f6:cf:c8:c0:f9:8d:a3:bb:
39:cb:c7:ec:81:44:7c:fc:c6:e0:77:64:e5:78:96:
b0:1d:c0:e7:22:23:64:ac:05:b9:8b:5f:61:a6:f3:
9d:7b:4d:5b:36:08:14:48:ef:7c:4c:f5:01:da:ac:
4f:3b:1d:f6:c5:5a:d0:d9:cf:7a:e8:2c:25:f2:13:
df:57:bb:49:e6:9f:48:44:d9:e0:b7:1f:6f:ab:d7:
43:ac:71:00:ad:7b:6d:c2:af:9c:61:5d:6e:1c:ff:
05:18:fa:c9:42:41:51:83:d6:6b:b2:0e:46:0a:4b:
4c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E1:D6:8E:D4:D6:32:FF:43:0F:3F:DC:92:F3:A1:AB:41:FE:60:33
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3234322e3234312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.241.0/24
Signature Algorithm: sha256WithRSAEncryption
41:89:66:e2:96:66:69:6b:93:8e:1a:0d:f1:d8:67:d8:3b:e4:
48:3a:52:21:58:ba:9d:5f:91:10:39:1b:1f:30:68:49:55:d6:
64:e6:f4:2b:c1:58:7a:c2:98:6a:d2:3d:84:29:30:d9:01:22:
95:08:1f:e1:e6:ad:d9:3d:f5:a5:69:1f:f7:df:e6:20:4f:43:
92:7f:df:38:e2:0a:a3:f6:ff:57:a3:25:cf:1b:82:a4:a6:98:
29:5e:4a:c7:3a:76:67:0f:8c:e8:83:11:9b:79:b8:d9:2f:54:
ea:0f:73:05:ff:d7:34:e4:28:d5:00:b9:f8:c2:b7:64:77:5a:
88:c0:38:39:29:5f:41:b2:46:c3:eb:42:d6:85:e5:c5:90:92:
88:89:7c:72:e7:3d:63:f0:7a:dc:53:16:0e:20:77:87:0a:1e:
50:6f:a8:c6:45:16:50:a4:65:63:36:d8:85:8c:cb:16:ce:58:
b3:c6:2f:e5:3c:b5:57:80:31:ed:c9:f7:e2:13:54:e5:4d:92:
4f:e2:f2:c9:3c:8d:b9:97:74:0c:37:a5:ff:c8:72:40:56:fa:
70:30:8d:d5:c6:aa:f9:e3:74:7b:b0:d1:c6:b5:2d:b0:ba:fb:
92:e0:4e:2f:43:2d:24:fd:60:5e:f6:ab:ad:56:88:8c:c9:24:
64:cc:10:4c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdZonL12U15eDkMHHrMLigbWZ50gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMTQxNTMxMzlaFw0yNTExMTMxNTM2MzlaMDMxMTAvBgNV
BAMTKDQ2RTFENjhFRDRENjMyRkY0MzBGM0ZEQzkyRjNBMUFCNDFGRTYwMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVFOr8DMcqUBdRyDEFQpQd31VK
ROwivMkS4A+Q4RJcNjMjR6Th3hCMt+zYDeu7LAlk+W6D4huynzhXIafUhkHgTNNy
/+PHEbakPwfvCb/52ARHFnjuXOpCSXcyoXZpGrkFLlIoiXzFeRlvPzwv8SGVFg19
25AJDr3nJrjhkUSSjD8ZoUSUrQPjT9nha/r2z8jA+Y2juznLx+yBRHz8xuB3ZOV4
lrAdwOciI2SsBbmLX2Gm8517TVs2CBRI73xM9QHarE87HfbFWtDZz3roLCXyE99X
u0nmn0hE2eC3H2+r10OscQCte23Cr5xhXW4c/wUY+slCQVGD1muyDkYKS0w1AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQURuHWjtTWMv9DDz/ckvOhq0H+YDMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjM0MzIyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMPy8TANBgkqhkiG9w0BAQsFAAOCAQEAQYlm4pZmaWuTjhoN8dhn2DvkSDpS
IVi6nV+REDkbHzBoSVXWZOb0K8FYesKYatI9hCkw2QEilQgf4eat2T31pWkf99/m
IE9Dkn/fOOIKo/b/V6MlzxuCpKaYKV5Kxzp2Zw+M6IMRm3m42S9U6g9zBf/XNOQo
1QC5+MK3ZHdaiMA4OSlfQbJGw+tC1oXlxZCSiIl8cuc9Y/B63FMWDiB3hwoeUG+o
xkUWUKRlYzbYhYzLFs5Ys8Yv5Ty1V4Ax7cn34hNU5U2ST+LyyTyNuZd0DDel/8hy
QFb6cDCN1caq+eN0e7DRxrUtsLr7kuBOL0MtJP1gXvarrVaIjMkkZMwQTA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:57 2024 by rpki-client on console-fra.rpki-client.org