Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e33352e32302e302f32322d3232203d3e203437353833.roa
File: 3139352e33352e32302e302f32322d3232203d3e203437353833.roa (raw, json)
Hash identifier: O7MMuR2NxOSJSld9ybRakb2tds18+teP8nsLR0qGlXw=
Subject key identifier: 39:01:8F:04:4A:AC:A3:45:CA:4F:C5:EA:BB:5F:79:DF:78:4E:35:A6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7A096FF479C3E35D813288BF5FE21A0EA4C57D62
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e33352e32302e302f32322d3232203d3e203437353833.roa
Signing time: Mon 06 Nov 2023 17:37:12 +0000
ROA not before: Mon 06 Nov 2023 17:32:12 +0000
ROA not after: Mon 04 Nov 2024 17:37:12 +0000
asID: 47583
IP address blocks: 195.35.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:09:6f:f4:79:c3:e3:5d:81:32:88:bf:5f:e2:1a:0e:a4:c5:7d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 6 17:32:12 2023 GMT
Not After : Nov 4 17:37:12 2024 GMT
Subject: CN=39018F044AACA345CA4FC5EABB5F79DF784E35A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:a3:b9:e6:a0:c8:fd:9f:0a:68:e1:77:54:83:
41:11:d5:50:b9:0b:cc:3d:aa:c6:04:7c:47:a0:79:
d4:3e:28:d2:32:31:7f:aa:a2:11:63:fa:b7:f7:7e:
4a:8e:d0:0a:70:2b:c0:51:c8:22:25:c9:a4:2a:d7:
0f:8a:bc:c1:ca:65:e3:e1:2e:8d:4c:0d:31:44:f6:
73:5c:35:e6:ee:46:99:48:99:f0:56:a0:94:bf:b3:
38:5f:6a:9d:74:03:4d:99:a1:13:d3:5f:59:70:17:
68:6c:32:92:a7:39:a1:21:02:60:11:d8:d4:f7:19:
ac:34:1e:06:03:7d:a3:89:6e:7b:30:4f:82:ab:fd:
a7:d5:e7:53:a2:dd:1b:b3:3d:43:1e:fc:e5:f4:49:
5c:f0:32:1a:26:42:d5:9b:54:1a:64:31:19:8a:49:
b0:25:b6:f7:cf:35:40:49:fc:63:cc:59:5c:15:93:
54:55:c8:7b:44:24:06:a9:7c:b3:9c:df:0b:02:9d:
85:6a:9b:f1:52:fc:01:ca:65:ec:9c:54:8a:7a:95:
31:e5:76:44:c1:af:b7:8c:6b:b3:8d:64:85:45:da:
7b:90:4d:23:c8:4d:47:4c:46:12:a8:61:52:8d:10:
a1:b1:15:16:14:c2:76:08:6d:cb:ed:71:93:3a:f2:
1b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:01:8F:04:4A:AC:A3:45:CA:4F:C5:EA:BB:5F:79:DF:78:4E:35:A6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e33352e32302e302f32322d3232203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.35.20.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:19:ac:4c:89:5b:05:a5:c2:af:4d:d2:f7:82:9c:29:60:01:
2c:76:1b:f0:b7:e9:53:eb:90:01:72:f3:c2:28:f3:c4:84:61:
27:81:5e:06:2f:64:db:3a:49:28:a9:b5:55:06:07:1a:fd:77:
f2:43:c0:a9:9a:71:49:0a:0b:d7:21:2a:6d:5f:6d:ff:3b:fc:
6b:5d:05:80:e5:88:00:24:54:87:87:59:36:e1:45:e2:5f:e9:
fa:e7:17:a0:20:10:f8:11:fc:7c:4f:40:42:76:8a:65:e4:ef:
9f:ac:0a:b2:33:07:ff:ff:21:31:81:87:64:e9:76:51:71:00:
c0:63:fe:b5:84:33:0f:d0:04:6c:8e:f9:3a:ca:cd:43:c5:31:
e4:e2:a8:06:63:b7:2e:7e:56:09:4a:9a:30:80:7e:87:67:9a:
9a:e4:27:f9:19:5c:f1:4c:b4:7d:8d:1b:53:38:27:3a:db:2f:
1b:73:1e:a4:35:b1:e1:20:25:99:02:86:c4:03:9f:36:ee:a5:
9e:00:29:57:b2:2a:ee:43:50:55:0a:5a:ba:fa:0f:05:29:e7:
2d:75:ee:cd:4f:51:66:eb:e2:85:0a:1c:e7:7c:0f:ed:41:d5:
a5:61:07:0c:03:ad:33:ce:81:e8:da:ba:16:e3:e5:05:9c:88:
51:57:e6:aa
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeglv9HnD412BMoi/X+IaDqTFfWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMDYxNzMyMTJaFw0yNDExMDQxNzM3MTJaMDMxMTAvBgNV
BAMTKDM5MDE4RjA0NEFBQ0EzNDVDQTRGQzVFQUJCNUY3OURGNzg0RTM1QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuo7nmoMj9nwpo4XdUg0ER1VC5
C8w9qsYEfEegedQ+KNIyMX+qohFj+rf3fkqO0ApwK8BRyCIlyaQq1w+KvMHKZePh
Lo1MDTFE9nNcNebuRplImfBWoJS/szhfap10A02ZoRPTX1lwF2hsMpKnOaEhAmAR
2NT3Gaw0HgYDfaOJbnswT4Kr/afV51Oi3RuzPUMe/OX0SVzwMhomQtWbVBpkMRmK
SbAltvfPNUBJ/GPMWVwVk1RVyHtEJAapfLOc3wsCnYVqm/FS/AHKZeycVIp6lTHl
dkTBr7eMa7ONZIVF2nuQTSPITUdMRhKoYVKNEKGxFRYUwnYIbcvtcZM68huDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUOQGPBEqso0XKT8Xqu19533hONaYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMzM1MmUzMjMw
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsMj
FDANBgkqhkiG9w0BAQsFAAOCAQEAHBmsTIlbBaXCr03S94KcKWABLHYb8LfpU+uQ
AXLzwijzxIRhJ4FeBi9k2zpJKKm1VQYHGv138kPAqZpxSQoL1yEqbV9t/zv8a10F
gOWIACRUh4dZNuFF4l/p+ucXoCAQ+BH8fE9AQnaKZeTvn6wKsjMH//8hMYGHZOl2
UXEAwGP+tYQzD9AEbI75OsrNQ8Ux5OKoBmO3Ln5WCUqaMIB+h2eamuQn+Rlc8Uy0
fY0bUzgnOtsvG3MepDWx4SAlmQKGxAOfNu6lngApV7Iq7kNQVQpauvoPBSnnLXXu
zU9RZuvihQoc53wP7UHVpWEHDAOtM86B6Nq6FuPlBZyIUVfmqg==
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org