Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3234322e3234332e302f32342d3234203d3e20313336373837.roa
File: 3139352e3234322e3234332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: H/tfKWE/wnNpnHf1BMYiTskr4xjykFKKB6VIGhZyO4Y=
Subject key identifier: 02:9E:26:95:F2:64:64:01:FD:8D:03:2E:E3:91:20:8C:56:50:69:26
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 348C70C88AC8DA7DCB9DCB754ECDA13F099CB5BF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3234322e3234332e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Nov 2024 15:36:42 +0000
ROA not before: Thu 14 Nov 2024 15:31:42 +0000
ROA not after: Thu 13 Nov 2025 15:36:42 +0000
asID: 136787
IP address blocks: 195.242.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:8c:70:c8:8a:c8:da:7d:cb:9d:cb:75:4e:cd:a1:3f:09:9c:b5:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 14 15:31:42 2024 GMT
Not After : Nov 13 15:36:42 2025 GMT
Subject: CN=029E2695F2646401FD8D032EE391208C56506926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:99:3a:b7:3f:83:33:81:af:bb:04:94:71:55:
31:e3:c5:1f:27:39:44:37:37:4e:0d:fa:83:a0:fe:
1e:07:70:93:ec:11:2c:e8:1c:1e:bc:b8:38:e3:a7:
bd:b1:b4:d3:02:4c:de:95:03:9d:6c:0b:47:49:56:
02:83:7f:24:b0:ce:f9:2f:17:41:5b:fa:44:f3:7c:
ea:28:bd:0c:76:86:83:d4:80:f5:6f:90:72:1b:c0:
ed:f1:54:2e:80:67:5b:ef:f1:29:d8:bf:42:c5:4e:
a3:2f:c6:30:a9:bc:7e:27:7e:7d:15:96:27:25:69:
01:c4:6a:ab:0a:71:37:d6:16:ff:a6:9e:c9:fa:3e:
58:e0:e7:d1:a0:2a:de:fe:92:21:4d:e6:b0:d7:da:
78:53:b6:ef:cd:75:5d:0d:ba:85:8b:e3:26:e0:91:
93:89:35:a1:62:8b:23:cc:fc:a7:a1:39:b5:66:c8:
03:ed:b1:57:b1:2e:3f:2a:a7:18:e7:2e:18:bc:7b:
5a:9e:76:bb:e6:fe:fd:d7:04:5e:53:94:78:83:16:
e7:f5:5e:5a:0c:c5:77:c5:82:05:c5:35:f1:69:fb:
c8:14:83:58:09:bf:d6:5d:18:9b:e6:b6:e2:29:97:
a5:4a:6a:86:11:de:27:de:af:0e:74:08:1c:a4:31:
17:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9E:26:95:F2:64:64:01:FD:8D:03:2E:E3:91:20:8C:56:50:69:26
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3234322e3234332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.243.0/24
Signature Algorithm: sha256WithRSAEncryption
16:bd:c2:f4:f8:bb:df:25:68:6d:31:94:d2:13:6b:43:a3:a8:
6f:72:5c:23:53:f1:2f:f2:5c:8c:be:b4:27:96:38:3f:c4:f7:
db:1c:a8:32:0c:1f:e1:76:75:11:ba:bc:64:2c:bf:a7:5f:3a:
58:9c:b3:ea:e1:49:1e:e2:b2:35:d0:18:e1:86:d0:53:29:be:
f0:f9:91:4c:e9:10:50:f6:7a:a5:5f:d1:e9:1c:ec:1d:4a:57:
67:cb:62:01:bf:85:10:98:8e:94:b6:c7:12:c4:77:0f:5e:ef:
b1:16:09:17:23:d2:0d:38:39:c4:5f:13:aa:f3:8e:b8:8a:2a:
73:40:65:80:16:b4:3d:32:52:a2:61:41:af:7d:33:b0:21:74:
d0:a7:67:ba:b6:c7:1f:14:12:1a:72:99:5a:aa:c6:4e:3c:93:
d7:02:0f:b6:bb:00:99:d2:1e:68:fc:46:53:9b:d0:d2:5d:cc:
af:40:34:94:2f:a9:55:29:32:59:5e:ee:82:1d:6f:f3:b7:88:
c9:cf:b6:5f:a6:72:d8:07:37:cf:42:87:13:90:20:17:ed:01:
d3:cc:e9:d7:0d:41:52:12:50:0e:6a:5c:a5:26:c5:c9:6a:03:
a0:d3:07:97:b4:0a:3f:48:1a:07:fe:72:1c:c8:fc:22:3c:bc:
b2:01:cd:e6
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNIxwyIrI2n3Lnct1Ts2hPwmctb8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMTQxNTMxNDJaFw0yNTExMTMxNTM2NDJaMDMxMTAvBgNV
BAMTKDAyOUUyNjk1RjI2NDY0MDFGRDhEMDMyRUUzOTEyMDhDNTY1MDY5MjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZmTq3P4Mzga+7BJRxVTHjxR8n
OUQ3N04N+oOg/h4HcJPsESzoHB68uDjjp72xtNMCTN6VA51sC0dJVgKDfySwzvkv
F0Fb+kTzfOoovQx2hoPUgPVvkHIbwO3xVC6AZ1vv8SnYv0LFTqMvxjCpvH4nfn0V
liclaQHEaqsKcTfWFv+mnsn6Pljg59GgKt7+kiFN5rDX2nhTtu/NdV0NuoWL4ybg
kZOJNaFiiyPM/KehObVmyAPtsVexLj8qpxjnLhi8e1qedrvm/v3XBF5TlHiDFuf1
XloMxXfFggXFNfFp+8gUg1gJv9ZdGJvmtuIpl6VKaoYR3iferw50CBykMRcHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUAp4mlfJkZAH9jQMu45EgjFZQaSYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjM0MzIyZTMy
MzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMPy8zANBgkqhkiG9w0BAQsFAAOCAQEAFr3C9Pi73yVobTGU0hNrQ6Oob3Jc
I1PxL/JcjL60J5Y4P8T32xyoMgwf4XZ1Ebq8ZCy/p186WJyz6uFJHuKyNdAY4YbQ
Uym+8PmRTOkQUPZ6pV/R6RzsHUpXZ8tiAb+FEJiOlLbHEsR3D17vsRYJFyPSDTg5
xF8TqvOOuIoqc0BlgBa0PTJSomFBr30zsCF00KdnurbHHxQSGnKZWqrGTjyT1wIP
trsAmdIeaPxGU5vQ0l3Mr0A0lC+pVSkyWV7ugh1v87eIyc+2X6Zy2Ac3z0KHE5Ag
F+0B08zp1w1BUhJQDmpcpSbFyWoDoNMHl7QKP0gaB/5yHMj8Ijy8sgHN5g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:57 2025 by rpki-client