Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234382e302f32312d3332203d3e203430303231.roa
File: 3139352e32362e3234382e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: kS3GiQgjWxd+sS3hwi3Igl2OXqxMuTDJAhkpkIPz/7E=
Subject key identifier: AA:00:56:B0:24:D8:41:97:7C:E4:C2:68:EF:E2:B9:4A:0C:EB:62:9D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 65F69ACF2EDAA7EB23C9BE3AAA6BCBDCF99A66C7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234382e302f32312d3332203d3e203430303231.roa
Signing time: Wed 01 May 2024 08:12:02 +0000
ROA not before: Wed 01 May 2024 08:07:02 +0000
ROA not after: Wed 30 Apr 2025 08:12:02 +0000
asID: 40021
IP address blocks: 195.26.248.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:f6:9a:cf:2e:da:a7:eb:23:c9:be:3a:aa:6b:cb:dc:f9:9a:66:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 08:07:02 2024 GMT
Not After : Apr 30 08:12:02 2025 GMT
Subject: CN=AA0056B024D841977CE4C268EFE2B94A0CEB629D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4e:ee:ee:02:99:3b:b2:98:f8:88:83:ef:a8:
02:f2:4c:85:6c:6d:a9:d4:79:c0:ea:88:cf:4e:e0:
63:cd:6b:3b:a4:a0:88:3f:db:e8:c4:03:e5:b6:a0:
27:b2:9b:ce:63:ab:9e:eb:00:2f:79:3c:29:b9:4b:
c0:f2:45:98:0f:ae:09:61:94:3f:b5:c2:18:25:02:
df:31:fe:bd:95:05:2e:b3:04:07:b3:24:cb:e2:9a:
be:47:83:59:87:f6:9b:74:62:a0:81:bb:f1:0e:93:
4e:84:d5:24:52:02:f1:2a:c5:9a:f8:f0:a0:96:1f:
e9:86:68:e6:46:af:eb:85:ee:f0:08:89:a3:48:2a:
13:54:74:e1:75:94:c1:8e:5d:67:18:5e:9b:99:28:
4f:71:a0:4e:f8:c2:14:be:26:77:12:89:83:52:cd:
ad:d8:fe:60:90:47:22:4f:4d:e0:e2:3f:2d:cc:3b:
ea:f0:da:53:42:cc:6f:93:23:3e:7f:d6:44:60:12:
bb:ca:23:58:48:39:15:c2:f2:92:6d:94:d7:23:01:
33:9a:95:e4:cc:87:b7:f4:c4:34:b6:38:31:f8:72:
ef:b5:49:97:33:b2:94:4c:04:7f:67:30:6c:a4:d9:
fb:0c:48:a5:6b:cd:16:0b:d3:0d:b7:5f:f0:a5:4c:
b0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:00:56:B0:24:D8:41:97:7C:E4:C2:68:EF:E2:B9:4A:0C:EB:62:9D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234382e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.248.0/21
Signature Algorithm: sha256WithRSAEncryption
52:00:49:94:24:68:c8:e0:87:20:35:d5:e5:fe:a9:77:c6:0a:
26:11:69:fa:56:21:a0:a2:56:0a:ce:b9:0f:f5:bc:c5:33:f7:
4b:aa:3b:e1:23:2f:be:65:89:68:5a:48:42:81:83:5f:68:55:
a5:e5:10:e6:f1:25:49:1d:1c:f9:6f:7a:30:fc:3d:34:79:08:
f0:a5:fa:84:56:98:40:8f:7a:ed:18:f3:68:ca:be:c4:ec:38:
bb:56:53:c0:34:29:8a:15:42:1b:cc:0c:0a:47:98:b3:b2:38:
8b:1d:78:33:a2:50:a6:34:19:be:94:68:52:cb:cf:c3:a1:c1:
fa:31:9f:19:cd:9e:b5:19:f6:38:fe:27:73:2d:66:18:63:2b:
f9:ac:f8:71:80:7e:72:3e:44:16:0d:d1:d8:ef:38:f1:2f:ea:
de:7c:cf:8d:71:fc:15:78:03:35:6e:f3:6e:b3:e1:17:af:3a:
28:ea:af:6f:c8:04:a0:59:c0:61:49:cd:92:d3:77:14:83:43:
ca:10:b7:da:01:60:2f:86:80:b1:70:2c:d3:0b:f4:e9:8a:18:
eb:89:a2:13:bf:a0:81:2c:0c:ee:73:57:b5:85:aa:41:53:64:
a3:a3:5e:00:75:2d:57:f7:fe:2c:9c:32:fc:74:28:16:1b:f0:
0c:cc:70:1e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZfaazy7ap+sjyb46qmvL3PmaZscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDEwODA3MDJaFw0yNTA0MzAwODEyMDJaMDMxMTAvBgNV
BAMTKEFBMDA1NkIwMjREODQxOTc3Q0U0QzI2OEVGRTJCOTRBMENFQjYyOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRTu7uApk7spj4iIPvqALyTIVs
banUecDqiM9O4GPNazukoIg/2+jEA+W2oCeym85jq57rAC95PCm5S8DyRZgPrglh
lD+1whglAt8x/r2VBS6zBAezJMvimr5Hg1mH9pt0YqCBu/EOk06E1SRSAvEqxZr4
8KCWH+mGaOZGr+uF7vAIiaNIKhNUdOF1lMGOXWcYXpuZKE9xoE74whS+JncSiYNS
za3Y/mCQRyJPTeDiPy3MO+rw2lNCzG+TIz5/1kRgErvKI1hIORXC8pJtlNcjATOa
leTMh7f0xDS2ODH4cu+1SZczspRMBH9nMGyk2fsMSKVrzRYL0w23X/ClTLDlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqgBWsCTYQZd85MJo7+K5SgzrYp0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjM2MmUzMjM0
MzgyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wxr4MA0GCSqGSIb3DQEBCwUAA4IBAQBSAEmUJGjI4IcgNdXl/ql3xgomEWn6ViGg
olYKzrkP9bzFM/dLqjvhIy++ZYloWkhCgYNfaFWl5RDm8SVJHRz5b3ow/D00eQjw
pfqEVphAj3rtGPNoyr7E7Di7VlPANCmKFUIbzAwKR5izsjiLHXgzolCmNBm+lGhS
y8/DocH6MZ8ZzZ61GfY4/idzLWYYYyv5rPhxgH5yPkQWDdHY7zjxL+refM+NcfwV
eAM1bvNus+EXrzoo6q9vyASgWcBhSc2S03cUg0PKELfaAWAvhoCxcCzTC/Tpihjr
iaITv6CBLAzuc1e1hapBU2Sjo14AdS1X9/4snDL8dCgWG/AMzHAe
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:14 2024 by rpki-client on console-ams.rpki-client.org