Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3232392e3234342e302f32342d3234203d3e20313336373837.roa
File: 39312e3232392e3234342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: kDDPDzhGODRpOF8gc6XfGM16854eMeCuduO0cmrQr2w=
Subject key identifier: 8A:01:0A:97:56:7E:78:92:ED:EB:EE:FB:E4:FD:CE:03:75:B5:3E:AE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3C3EAA4369A204594AD8BAC29851C95F35188C05
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3232392e3234342e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 27 Sep 2023 13:40:12 +0000
ROA not before: Wed 27 Sep 2023 13:35:12 +0000
ROA not after: Wed 25 Sep 2024 13:40:12 +0000
asID: 136787
IP address blocks: 91.229.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:3e:aa:43:69:a2:04:59:4a:d8:ba:c2:98:51:c9:5f:35:18:8c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 27 13:35:12 2023 GMT
Not After : Sep 25 13:40:12 2024 GMT
Subject: CN=8A010A97567E7892EDEBEEFBE4FDCE0375B53EAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:93:fa:05:bb:c1:ab:7f:2b:ed:7f:db:49:33:
06:ee:01:72:26:59:71:4e:4e:b5:68:c5:d3:38:29:
77:81:bc:21:d2:a6:0f:dc:c2:bb:e1:c1:86:48:5d:
65:71:38:ff:0a:e3:7f:c6:7a:d5:09:86:74:53:d3:
1f:4d:3c:87:a3:fd:7a:9c:d6:1d:a6:cc:3c:00:75:
fb:35:23:4b:8c:da:b3:65:bd:60:4f:9a:5e:75:e4:
76:d2:07:3f:21:77:a3:84:9f:53:2f:90:e4:b2:6a:
c3:d0:af:14:74:8a:bb:15:e3:09:12:b7:64:e6:8b:
09:60:e3:0d:95:f3:49:d9:ee:8e:c2:35:47:56:41:
9c:19:ab:1e:40:f3:ef:c4:73:16:3e:eb:aa:e3:eb:
48:cc:55:73:0d:42:54:99:c7:d2:c9:65:66:99:05:
3e:f6:88:7c:78:10:59:ab:b3:ec:d7:38:58:31:34:
f0:d7:5e:7f:0d:73:9f:34:4a:60:b0:72:46:92:86:
6e:11:88:1b:d2:97:d5:dd:8d:0c:eb:7e:37:06:78:
5c:9c:3f:36:a3:54:4d:68:e6:64:1d:ff:dc:b5:df:
35:ec:8c:34:e7:56:57:dd:52:dc:ec:44:16:f1:e5:
c8:61:15:4f:cd:4d:85:62:fc:94:cf:b4:ed:17:16:
0f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:01:0A:97:56:7E:78:92:ED:EB:EE:FB:E4:FD:CE:03:75:B5:3E:AE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3232392e3234342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.244.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:3e:3d:c7:07:b1:14:47:75:41:71:df:8a:9f:34:ff:95:85:
8b:cd:32:2f:63:5c:9d:2f:99:18:90:70:00:85:cf:3d:25:73:
af:6a:cc:cb:3f:1f:03:22:c6:9e:49:e4:31:b9:c2:f1:0b:69:
88:94:cc:07:c8:55:95:09:fe:70:63:51:cc:2c:f2:db:c3:18:
af:a2:ba:91:b3:ea:1a:5e:38:93:99:cb:30:ad:a4:36:24:43:
10:9f:c2:0a:6d:c8:a1:8b:09:cd:e9:de:6e:87:46:95:96:d9:
ca:dc:24:eb:3e:1d:1c:e2:fc:0c:6a:33:bd:35:bf:dc:7b:d7:
79:90:25:49:6a:7b:36:b9:34:df:73:17:9d:ea:ca:85:7a:30:
f4:af:8f:48:f3:5b:3c:37:a8:44:c2:01:d0:d3:67:ae:41:b4:
93:36:b6:b8:6a:03:ad:2a:d7:eb:cf:ae:26:e3:09:1a:06:cc:
a0:d8:49:19:22:01:40:1a:13:90:56:59:25:c6:f2:7d:9e:1b:
ab:19:81:d6:eb:2f:e1:bc:1c:10:3a:e3:ad:15:77:fd:19:69:
f5:c1:b8:f1:06:9c:1b:24:52:bd:f0:08:03:5c:fd:d7:b7:f6:
eb:f0:3e:39:d7:46:63:b1:f8:0d:3f:8f:c6:2d:00:d0:cb:9a:
39:6f:3d:e5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPD6qQ2miBFlK2LrCmFHJXzUYjAUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MjcxMzM1MTJaFw0yNDA5MjUxMzQwMTJaMDMxMTAvBgNV
BAMTKDhBMDEwQTk3NTY3RTc4OTJFREVCRUVGQkU0RkRDRTAzNzVCNTNFQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTk/oFu8Grfyvtf9tJMwbuAXIm
WXFOTrVoxdM4KXeBvCHSpg/cwrvhwYZIXWVxOP8K43/GetUJhnRT0x9NPIej/Xqc
1h2mzDwAdfs1I0uM2rNlvWBPml515HbSBz8hd6OEn1MvkOSyasPQrxR0irsV4wkS
t2Tmiwlg4w2V80nZ7o7CNUdWQZwZqx5A8+/EcxY+66rj60jMVXMNQlSZx9LJZWaZ
BT72iHx4EFmrs+zXOFgxNPDXXn8Nc580SmCwckaShm4RiBvSl9XdjQzrfjcGeFyc
PzajVE1o5mQd/9y13zXsjDTnVlfdUtzsRBbx5chhFU/NTYVi/JTPtO0XFg+5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUigEKl1Z+eJLt6+775P3OA3W1Pq4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzMTJlMzIzMjM5MmUzMjM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABb5fQwDQYJKoZIhvcNAQELBQADggEBAJo+PccHsRRHdUFx34qfNP+VhYvNMi9j
XJ0vmRiQcACFzz0lc69qzMs/HwMixp5J5DG5wvELaYiUzAfIVZUJ/nBjUcws8tvD
GK+iupGz6hpeOJOZyzCtpDYkQxCfwgptyKGLCc3p3m6HRpWW2crcJOs+HRzi/Axq
M701v9x713mQJUlqeza5NN9zF53qyoV6MPSvj0jzWzw3qETCAdDTZ65BtJM2trhq
A60q1+vPribjCRoGzKDYSRkiAUAaE5BWWSXG8n2eG6sZgdbrL+G8HBA6460Vd/0Z
afXBuPEGnBskUr3wCANc/de39uvwPjnXRmOx+A0/j8YtANDLmjlvPeU=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:59 2024 by rpki-client on console-ams.rpki-client.org