Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234302e302f32312d3332203d3e203430303231.roa
File: 3139352e32362e3234302e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: J42vyak5RChJ4/WFuosT4ToKDgoUqOUzit10LBYESuA=
Subject key identifier: 3E:1D:89:6A:25:01:5E:1D:BE:D3:E8:C9:8C:45:52:F8:9B:03:1C:7A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 06E23BC41CF7AE13142883469176B7D87E253BFE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234302e302f32312d3332203d3e203430303231.roa
Signing time: Wed 01 May 2024 08:11:45 +0000
ROA not before: Wed 01 May 2024 08:06:45 +0000
ROA not after: Wed 30 Apr 2025 08:11:45 +0000
asID: 40021
IP address blocks: 195.26.240.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:e2:3b:c4:1c:f7:ae:13:14:28:83:46:91:76:b7:d8:7e:25:3b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 08:06:45 2024 GMT
Not After : Apr 30 08:11:45 2025 GMT
Subject: CN=3E1D896A25015E1DBED3E8C98C4552F89B031C7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:76:27:68:23:6a:95:b9:95:26:b7:63:9c:82:
40:b8:b6:a1:45:e0:42:9d:e7:68:64:1c:df:83:05:
45:3a:52:3e:9d:9b:83:b7:86:e0:63:66:ae:40:98:
88:ac:e2:5f:bb:73:0d:35:38:8f:57:d6:9c:47:3c:
b0:12:c2:d8:8c:58:2b:9b:ce:b5:d7:34:52:b1:04:
cd:63:cd:ca:b7:2b:c9:ab:a0:0d:43:1a:be:37:b9:
a0:e5:60:50:68:e7:c1:95:a3:46:75:57:2d:50:40:
27:66:06:5d:b2:8a:fa:be:6f:58:ac:c2:62:2c:91:
e5:6c:e3:7c:f4:5b:39:5c:ea:d9:64:c1:7e:5a:71:
72:18:2e:f0:b7:f9:6d:23:44:d3:4c:3f:25:6f:a8:
67:86:0b:09:e4:75:32:b7:11:06:c5:0d:c7:d2:49:
a1:4f:89:14:f3:83:1d:b0:61:de:a6:19:e4:1d:2f:
3d:a3:d5:90:5e:13:08:0e:59:7d:19:b9:12:55:37:
7b:c8:2d:97:07:de:1f:c6:07:b7:e9:cb:3a:9d:6a:
6a:03:81:ab:4b:f9:2f:58:3a:51:a4:a5:3c:48:3d:
12:f2:a2:66:8f:cb:10:e7:e7:20:ae:31:42:43:f3:
f5:24:66:73:a3:82:3b:5a:f8:19:1a:aa:1d:90:87:
8a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:1D:89:6A:25:01:5E:1D:BE:D3:E8:C9:8C:45:52:F8:9B:03:1C:7A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234302e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.240.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:cf:31:36:37:80:49:cb:fc:3c:ce:62:2a:8d:31:8e:28:fa:
78:5f:a9:3a:e9:08:45:09:a6:78:42:f5:79:84:70:03:33:22:
6b:3c:78:8c:41:24:4b:fd:d1:a8:33:df:8a:60:c1:44:b6:84:
60:32:62:93:a5:3c:fe:4d:73:09:8e:e7:2f:93:f2:58:74:d7:
a6:73:54:7c:af:06:21:8d:3d:de:f9:3c:96:d3:0e:0e:29:24:
0a:d5:5f:66:84:ef:a0:2a:b0:f2:2d:26:84:f3:2f:2a:35:fa:
86:92:63:ec:89:b8:9b:57:a0:4c:ff:c6:36:a5:57:69:b5:c5:
5c:90:c6:f1:ee:94:3f:b0:d6:0a:49:c9:3d:74:4f:e1:1e:56:
78:aa:67:46:ff:79:6a:8d:de:3a:38:3c:e9:fa:50:d3:a6:ec:
a5:6d:10:ec:74:c1:99:78:f4:78:1f:2e:ed:3d:8e:86:bd:41:
21:46:06:03:05:38:22:89:12:9f:c1:98:21:55:8e:f7:12:83:
b2:36:4a:f1:5f:85:75:78:34:e8:c0:8d:17:f8:dc:05:c6:6c:
46:72:d5:5b:49:23:fd:73:4d:2e:dd:2c:c2:14:46:20:77:44:
f0:0b:4c:8e:f3:4b:a4:ac:db:a4:cc:a7:6b:36:91:bd:8e:28:
17:61:c1:b7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBuI7xBz3rhMUKINGkXa32H4lO/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDEwODA2NDVaFw0yNTA0MzAwODExNDVaMDMxMTAvBgNV
BAMTKDNFMUQ4OTZBMjUwMTVFMURCRUQzRThDOThDNDU1MkY4OUIwMzFDN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6didoI2qVuZUmt2OcgkC4tqFF
4EKd52hkHN+DBUU6Uj6dm4O3huBjZq5AmIis4l+7cw01OI9X1pxHPLASwtiMWCub
zrXXNFKxBM1jzcq3K8mroA1DGr43uaDlYFBo58GVo0Z1Vy1QQCdmBl2yivq+b1is
wmIskeVs43z0Wzlc6tlkwX5acXIYLvC3+W0jRNNMPyVvqGeGCwnkdTK3EQbFDcfS
SaFPiRTzgx2wYd6mGeQdLz2j1ZBeEwgOWX0ZuRJVN3vILZcH3h/GB7fpyzqdamoD
gatL+S9YOlGkpTxIPRLyomaPyxDn5yCuMUJD8/UkZnOjgjta+Bkaqh2Qh4pLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPh2JaiUBXh2+0+jJjEVS+JsDHHowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjM2MmUzMjM0
MzAyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wxrwMA0GCSqGSIb3DQEBCwUAA4IBAQCKzzE2N4BJy/w8zmIqjTGOKPp4X6k66QhF
CaZ4QvV5hHADMyJrPHiMQSRL/dGoM9+KYMFEtoRgMmKTpTz+TXMJjucvk/JYdNem
c1R8rwYhjT3e+TyW0w4OKSQK1V9mhO+gKrDyLSaE8y8qNfqGkmPsibibV6BM/8Y2
pVdptcVckMbx7pQ/sNYKSck9dE/hHlZ4qmdG/3lqjd46ODzp+lDTpuylbRDsdMGZ
ePR4Hy7tPY6GvUEhRgYDBTgiiRKfwZghVY73EoOyNkrxX4V1eDTowI0X+NwFxmxG
ctVbSSP9c00u3SzCFEYgd0TwC0yO80ukrNukzKdrNpG9jigXYcG3
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:07 2024 by rpki-client on console-ams.rpki-client.org