Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e33352e32342e302f32322d3232203d3e203437353833.roa
File: 3139352e33352e32342e302f32322d3232203d3e203437353833.roa (raw, json)
Hash identifier: ckFhhlst3/oWzThygcia7o40flbcZOxOG9i2YtH2szE=
Subject key identifier: DA:35:A4:39:09:8D:9D:CD:24:DC:AD:C4:35:BD:83:8A:31:C5:65:4A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 10675DC5A6A9D5A4CC07F5AFCAFC032E9CC0A957
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e33352e32342e302f32322d3232203d3e203437353833.roa
Signing time: Mon 06 Nov 2023 17:37:28 +0000
ROA not before: Mon 06 Nov 2023 17:32:28 +0000
ROA not after: Mon 04 Nov 2024 17:37:28 +0000
asID: 47583
IP address blocks: 195.35.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:67:5d:c5:a6:a9:d5:a4:cc:07:f5:af:ca:fc:03:2e:9c:c0:a9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 6 17:32:28 2023 GMT
Not After : Nov 4 17:37:28 2024 GMT
Subject: CN=DA35A439098D9DCD24DCADC435BD838A31C5654A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7e:69:c6:c2:96:07:ef:af:fc:61:4b:d5:06:
96:8f:35:12:a2:e8:b2:55:a2:e9:5f:b9:23:60:f8:
84:7d:9c:ad:f9:4d:04:51:27:08:b9:1a:c3:9a:95:
6c:6d:4e:38:c5:c4:4f:26:3b:7d:4a:b6:37:50:0f:
ea:d4:c9:44:f8:a1:09:39:40:e6:18:ed:a6:96:e4:
43:f4:1c:7e:4e:ee:40:63:a3:4d:b2:75:a7:8c:5d:
eb:e8:d1:4e:9a:99:f1:00:38:50:be:8f:02:e8:31:
fb:66:f5:e2:30:86:4f:33:1c:ff:e8:c1:0f:93:30:
e6:e6:97:94:20:c5:90:e3:d4:5b:f7:0b:01:df:9a:
4a:40:c9:1b:2e:74:d7:9b:0e:eb:60:12:28:59:64:
61:aa:d1:5a:5e:db:1e:9e:93:b5:1b:e3:4c:0e:25:
db:42:18:8d:ea:9f:15:0d:16:46:e9:5b:84:72:ff:
90:9d:ab:31:a6:e5:e1:73:c9:4c:db:66:3d:02:66:
ee:e5:22:2c:2d:e0:75:76:a5:9a:23:c6:8d:fa:2b:
ea:7d:a4:f7:cb:59:a4:13:cf:ec:5c:eb:17:4b:66:
b0:0c:02:14:93:ba:5a:87:b9:02:23:52:d2:55:75:
c0:51:c4:89:2c:9d:29:9e:74:18:75:72:14:ae:0e:
29:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:35:A4:39:09:8D:9D:CD:24:DC:AD:C4:35:BD:83:8A:31:C5:65:4A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e33352e32342e302f32322d3232203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.35.24.0/22
Signature Algorithm: sha256WithRSAEncryption
60:06:86:4e:3e:88:a2:e6:bb:5d:11:85:51:bf:2e:62:ce:ab:
42:8b:08:a6:14:54:c5:1a:6a:a2:54:4a:5c:aa:7e:c3:b0:be:
2f:e7:19:81:7b:c9:de:a1:cc:6d:97:79:2e:c0:1a:14:15:cd:
bb:67:69:ff:19:93:cc:08:b3:43:16:fd:fb:d2:cf:b4:fb:5f:
26:8c:3e:e0:c6:91:2a:a7:22:67:e6:54:64:10:ac:1f:d3:24:
b0:ed:81:7f:da:d6:72:d0:c1:14:7a:8b:6a:ed:99:ec:fd:e6:
2e:f8:80:65:b9:81:41:92:dc:4f:11:12:16:94:85:05:51:48:
19:95:91:20:34:bb:c7:12:78:2f:c3:06:c7:c1:b9:22:49:fd:
05:86:b0:8a:0b:02:07:49:e9:ce:34:86:31:ae:bb:46:ff:06:
1e:eb:4d:aa:0a:91:f9:5c:bc:33:97:0e:12:60:19:dd:d5:6e:
cd:ad:d4:7a:f6:3e:e0:e1:9a:cc:f7:e4:5b:81:50:dc:3e:72:
97:d2:39:e8:09:76:e1:50:80:6e:53:d8:f3:01:63:2d:b6:a9:
b7:3e:e6:4b:7b:a4:9e:1c:c5:87:d8:e2:ad:60:bf:d7:f6:fe:
c4:4b:41:79:c7:35:a3:d8:c8:f6:1b:32:a7:31:22:05:f0:da:
60:82:ba:f3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUEGddxaap1aTMB/WvyvwDLpzAqVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMDYxNzMyMjhaFw0yNDExMDQxNzM3MjhaMDMxMTAvBgNV
BAMTKERBMzVBNDM5MDk4RDlEQ0QyNERDQURDNDM1QkQ4MzhBMzFDNTY1NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIfmnGwpYH76/8YUvVBpaPNRKi
6LJVoulfuSNg+IR9nK35TQRRJwi5GsOalWxtTjjFxE8mO31KtjdQD+rUyUT4oQk5
QOYY7aaW5EP0HH5O7kBjo02ydaeMXevo0U6amfEAOFC+jwLoMftm9eIwhk8zHP/o
wQ+TMObml5QgxZDj1Fv3CwHfmkpAyRsudNebDutgEihZZGGq0Vpe2x6ek7Ub40wO
JdtCGI3qnxUNFkbpW4Ry/5CdqzGm5eFzyUzbZj0CZu7lIiwt4HV2pZojxo36K+p9
pPfLWaQTz+xc6xdLZrAMAhSTulqHuQIjUtJVdcBRxIksnSmedBh1chSuDikTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2jWkOQmNnc0k3K3ENb2DijHFZUowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMzM1MmUzMjM0
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsMj
GDANBgkqhkiG9w0BAQsFAAOCAQEAYAaGTj6Ioua7XRGFUb8uYs6rQosIphRUxRpq
olRKXKp+w7C+L+cZgXvJ3qHMbZd5LsAaFBXNu2dp/xmTzAizQxb9+9LPtPtfJow+
4MaRKqciZ+ZUZBCsH9MksO2Bf9rWctDBFHqLau2Z7P3mLviAZbmBQZLcTxESFpSF
BVFIGZWRIDS7xxJ4L8MGx8G5Ikn9BYawigsCB0npzjSGMa67Rv8GHutNqgqR+Vy8
M5cOEmAZ3dVuza3UevY+4OGazPfkW4FQ3D5yl9I56Al24VCAblPY8wFjLbaptz7m
S3uknhzFh9jirWC/1/b+xEtBecc1o9jI9hsypzEiBfDaYIK68w==
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:45 2024 by rpki-client on console-fra.rpki-client.org