Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e38382e38362e302f32342d3234203d3e20313336373837.roa
File: 3139352e38382e38362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ey0E/40j6GWWSVp/7+JnQ+G38a0cTq9CujnXcTAof6g=
Subject key identifier: 0B:F0:7D:EE:73:A6:CB:F4:24:D6:8E:3C:C6:26:79:F2:21:A8:E6:9C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 420336F2569B58C31A4B3CBA2DF43347307B32BA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e38382e38362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:32 +0000
ROA not before: Mon 26 Feb 2024 08:48:32 +0000
ROA not after: Mon 24 Feb 2025 08:53:32 +0000
asID: 136787
IP address blocks: 195.88.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:03:36:f2:56:9b:58:c3:1a:4b:3c:ba:2d:f4:33:47:30:7b:32:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:32 2024 GMT
Not After : Feb 24 08:53:32 2025 GMT
Subject: CN=0BF07DEE73A6CBF424D68E3CC62679F221A8E69C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:c9:6b:b7:25:c9:29:f6:0b:0a:9b:85:ae:
35:4d:93:d0:dc:9b:ed:67:0b:fc:c0:47:c6:4b:14:
6d:bd:19:81:83:d2:e0:e4:a8:37:62:e8:05:44:6a:
b2:13:04:a0:38:e3:77:bb:56:ca:cb:f1:51:79:e3:
9b:bb:fa:a4:e9:4c:54:f0:b4:49:de:b5:63:6f:f6:
83:db:02:76:eb:9f:9a:85:07:fd:24:9c:e2:22:84:
da:a0:31:46:29:5a:e1:e1:b3:fb:ab:97:b1:b0:ad:
30:bc:46:90:02:85:4a:06:1c:a2:22:b5:61:df:3f:
60:7b:f5:9c:6c:17:fe:33:35:28:56:42:0b:9f:68:
b8:03:ba:cd:d0:78:9a:ae:22:40:5e:d7:ee:b6:9e:
d9:71:94:6d:ff:6f:4e:d6:9a:37:5c:61:52:46:58:
85:8b:ab:3c:b9:6d:6a:18:0c:e4:a1:a3:07:61:28:
c6:2f:71:f9:c4:bb:7f:7b:0b:06:80:13:71:64:16:
f3:ee:b9:d8:89:68:cc:cf:ef:d2:90:79:11:be:d5:
dd:49:5f:1a:a6:c4:d5:b8:20:e3:01:65:67:f4:fb:
12:e0:d8:a8:fe:4d:00:8c:bd:c3:00:08:7f:35:4a:
79:eb:ce:05:82:b4:f7:98:ea:c1:74:06:77:24:c8:
28:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F0:7D:EE:73:A6:CB:F4:24:D6:8E:3C:C6:26:79:F2:21:A8:E6:9C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e38382e38362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.86.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:bd:23:c1:86:22:fc:95:2a:01:d1:97:22:af:21:36:de:28:
53:dc:56:24:98:12:fd:78:81:31:f3:57:e5:89:5d:8b:83:7a:
d9:b6:b3:79:15:f0:ce:99:69:9a:59:53:ce:cd:6f:43:05:d7:
aa:82:d7:01:0b:56:3d:46:94:d7:35:a3:e1:a0:60:4b:8e:5f:
8e:e4:52:c4:84:55:cf:df:d0:0c:95:ff:09:7b:be:66:e4:85:
48:5a:d0:a3:48:90:d1:e7:40:0a:cd:54:73:fe:6c:a0:31:48:
99:09:57:28:00:37:c9:01:bc:14:9b:d2:d5:30:bb:bd:b8:35:
7f:5c:be:10:87:e0:56:e9:6b:f9:0d:fc:97:ea:fc:ba:d4:03:
48:6a:a6:47:6b:8f:b2:c1:a8:cd:48:94:41:a7:5f:ca:91:28:
d6:02:a1:9c:0d:11:61:6a:e4:43:55:19:5b:79:d0:37:e7:9c:
ee:85:6a:29:a1:e6:5d:4c:bc:27:0a:61:e7:46:79:a4:da:f5:
47:40:b7:eb:ac:bd:59:ba:d3:07:4a:bb:ed:2c:b0:7a:bc:77:
e1:a9:51:b6:88:bb:db:74:a0:3e:17:ab:9c:d2:fa:53:f9:7b:
cc:db:12:59:0d:51:f3:a5:fd:b9:10:61:fa:4c:33:ca:1f:c5:
9f:ff:58:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQgM28labWMMaSzy6LfQzRzB7MrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzJaFw0yNTAyMjQwODUzMzJaMDMxMTAvBgNV
BAMTKDBCRjA3REVFNzNBNkNCRjQyNEQ2OEUzQ0M2MjY3OUYyMjFBOEU2OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHtslrtyXJKfYLCpuFrjVNk9Dc
m+1nC/zAR8ZLFG29GYGD0uDkqDdi6AVEarITBKA443e7VsrL8VF545u7+qTpTFTw
tEnetWNv9oPbAnbrn5qFB/0knOIihNqgMUYpWuHhs/url7GwrTC8RpAChUoGHKIi
tWHfP2B79ZxsF/4zNShWQgufaLgDus3QeJquIkBe1+62ntlxlG3/b07WmjdcYVJG
WIWLqzy5bWoYDOShowdhKMYvcfnEu397CwaAE3FkFvPuudiJaMzP79KQeRG+1d1J
XxqmxNW4IOMBZWf0+xLg2Kj+TQCMvcMACH81SnnrzgWCtPeY6sF0BnckyCgjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUC/B97nOmy/Qk1o48xiZ58iGo5pwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzODM4MmUzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
w1hWMA0GCSqGSIb3DQEBCwUAA4IBAQA6vSPBhiL8lSoB0ZciryE23ihT3FYkmBL9
eIEx81fliV2Lg3rZtrN5FfDOmWmaWVPOzW9DBdeqgtcBC1Y9RpTXNaPhoGBLjl+O
5FLEhFXP39AMlf8Je75m5IVIWtCjSJDR50AKzVRz/mygMUiZCVcoADfJAbwUm9LV
MLu9uDV/XL4Qh+BW6Wv5DfyX6vy61ANIaqZHa4+ywajNSJRBp1/KkSjWAqGcDRFh
auRDVRlbedA355zuhWopoeZdTLwnCmHnRnmk2vVHQLfrrL1ZutMHSrvtLLB6vHfh
qVG2iLvbdKA+F6uc0vpT+XvM2xJZDVHzpf25EGH6TDPKH8Wf/1iI
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org