Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e33352e33302e302f32332d3233203d3e203437353833.roa
File: 3139352e33352e33302e302f32332d3233203d3e203437353833.roa (raw, json)
Hash identifier: HsjL+5dhmxUyWty6LY0qF0HQG1xRtPXvoqFh5W3zkTM=
Subject key identifier: 7C:59:72:06:39:F4:E6:24:97:53:99:97:C4:76:C3:F7:C9:9D:F3:44
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 78D61304E567F9B004E8D2EAD361F2E0E913BE79
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e33352e33302e302f32332d3233203d3e203437353833.roa
Signing time: Mon 06 Nov 2023 17:37:51 +0000
ROA not before: Mon 06 Nov 2023 17:32:51 +0000
ROA not after: Mon 04 Nov 2024 17:37:51 +0000
asID: 47583
IP address blocks: 195.35.30.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:d6:13:04:e5:67:f9:b0:04:e8:d2:ea:d3:61:f2:e0:e9:13:be:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 6 17:32:51 2023 GMT
Not After : Nov 4 17:37:51 2024 GMT
Subject: CN=7C59720639F4E62497539997C476C3F7C99DF344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3a:3e:d4:f3:77:21:0f:65:40:46:c1:4c:cb:
0e:cb:68:da:a7:88:d4:46:19:1c:9a:52:2d:12:91:
81:b5:ca:1a:d5:42:91:57:47:5a:81:28:e9:1e:7a:
77:69:29:96:f7:e4:0d:f7:c0:9d:2a:03:c7:9a:65:
73:cd:b8:2c:10:05:00:1f:5e:06:ab:fb:fd:2f:e1:
ab:84:a4:f1:ed:57:05:c0:10:3d:db:17:9e:cf:9e:
49:9b:bd:13:b9:c7:00:d4:cb:c9:8d:69:72:ec:83:
59:fc:2c:e4:9d:c8:30:7d:1e:aa:95:78:42:85:4d:
82:2f:76:e0:47:70:3e:7a:9a:fb:24:7e:ee:99:1b:
4d:8d:b8:6a:f6:99:4e:2c:c0:8c:e8:c4:6b:12:a7:
83:2f:81:a6:ba:dc:39:cd:02:ff:ef:fc:5b:0c:ad:
0f:de:48:37:52:a2:a7:fc:24:09:aa:11:bc:3f:a9:
74:64:b2:3d:66:7e:1a:62:83:e5:a9:73:a1:73:a0:
d2:53:8f:29:f4:d8:43:72:ee:3c:33:d6:e5:a7:07:
7f:86:5e:83:59:01:7a:0a:b6:af:73:8e:14:4c:f4:
72:d0:a6:d8:e3:17:11:08:28:19:c9:af:ee:8e:4d:
2b:4f:29:e4:ad:7c:50:01:13:d4:69:6d:34:5c:9f:
55:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:59:72:06:39:F4:E6:24:97:53:99:97:C4:76:C3:F7:C9:9D:F3:44
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e33352e33302e302f32332d3233203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.35.30.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:96:90:d7:fb:20:de:66:ff:c2:21:f4:ee:41:b3:f4:e0:ca:
33:29:29:04:27:c1:63:f8:68:e8:87:f9:89:6e:cf:78:b1:11:
04:b4:dd:bd:0d:40:aa:d6:0e:00:7e:f5:45:85:a4:b9:69:29:
18:ad:90:ec:21:60:e9:b9:d2:07:6f:ab:ba:c9:03:8e:be:2c:
68:cf:7e:89:6b:a7:36:3e:cc:12:fb:07:6c:31:29:cd:82:ba:
12:86:9a:ca:31:94:0e:a2:76:3c:60:23:af:58:0e:b7:0f:05:
d8:34:d0:9b:18:4d:5e:84:52:d2:06:6d:ad:1b:d3:b4:54:b2:
f4:12:65:d7:58:88:43:06:24:bb:72:ab:07:ec:7e:ef:1b:70:
b6:33:20:e5:ad:65:72:bf:06:09:81:0b:45:94:a3:9e:e2:ae:
f3:fe:d6:fc:59:2b:4e:e1:bd:df:06:33:d2:7c:2b:5b:c3:3a:
c7:fa:43:70:1b:6e:d7:9c:c0:e2:a1:ae:de:db:2a:c8:a7:35:
36:8b:d3:38:f6:07:32:6c:83:1b:a4:a9:eb:ac:6c:83:c7:05:
12:68:05:10:10:5b:2e:ed:9e:cc:e7:e9:d5:6a:9e:d2:25:2a:
32:de:41:61:1c:e0:20:6e:34:e6:c8:ec:7e:b4:54:81:64:60:
91:b8:ad:99
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeNYTBOVn+bAE6NLq02Hy4OkTvnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMDYxNzMyNTFaFw0yNDExMDQxNzM3NTFaMDMxMTAvBgNV
BAMTKDdDNTk3MjA2MzlGNEU2MjQ5NzUzOTk5N0M0NzZDM0Y3Qzk5REYzNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfOj7U83chD2VARsFMyw7LaNqn
iNRGGRyaUi0SkYG1yhrVQpFXR1qBKOkeendpKZb35A33wJ0qA8eaZXPNuCwQBQAf
Xgar+/0v4auEpPHtVwXAED3bF57PnkmbvRO5xwDUy8mNaXLsg1n8LOSdyDB9HqqV
eEKFTYIvduBHcD56mvskfu6ZG02NuGr2mU4swIzoxGsSp4Mvgaa63DnNAv/v/FsM
rQ/eSDdSoqf8JAmqEbw/qXRksj1mfhpig+Wpc6FzoNJTjyn02ENy7jwz1uWnB3+G
XoNZAXoKtq9zjhRM9HLQptjjFxEIKBnJr+6OTStPKeStfFABE9RpbTRcn1XNAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUfFlyBjn05iSXU5mXxHbD98md80QwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMzM1MmUzMzMw
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcMj
HjANBgkqhkiG9w0BAQsFAAOCAQEAHZaQ1/sg3mb/wiH07kGz9ODKMykpBCfBY/ho
6If5iW7PeLERBLTdvQ1AqtYOAH71RYWkuWkpGK2Q7CFg6bnSB2+ruskDjr4saM9+
iWunNj7MEvsHbDEpzYK6EoaayjGUDqJ2PGAjr1gOtw8F2DTQmxhNXoRS0gZtrRvT
tFSy9BJl11iIQwYku3KrB+x+7xtwtjMg5a1lcr8GCYELRZSjnuKu8/7W/FkrTuG9
3wYz0nwrW8M6x/pDcBtu15zA4qGu3tsqyKc1NovTOPYHMmyDG6Sp66xsg8cFEmgF
EBBbLu2ezOfp1Wqe0iUqMt5BYRzgIG405sjsfrRUgWRgkbitmQ==
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org