Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3232392e3234342e302f32342d3234203d3e20313336373837.roa
File: 39312e3232392e3234342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: zDyAg04Ia5gE4rWvrpXZax9PklEcnWjgHHYUowS2Jes=
Subject key identifier: 34:B7:6A:5D:5E:69:5D:DB:4D:93:F8:DB:39:00:42:82:B8:A5:34:61
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 17D75F0D481A55CB985B1C1CFD4FEF336BA85B56
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3232392e3234342e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 28 Aug 2024 14:04:44 +0000
ROA not before: Wed 28 Aug 2024 13:59:44 +0000
ROA not after: Wed 27 Aug 2025 14:04:44 +0000
asID: 136787
IP address blocks: 91.229.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:d7:5f:0d:48:1a:55:cb:98:5b:1c:1c:fd:4f:ef:33:6b:a8:5b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 13:59:44 2024 GMT
Not After : Aug 27 14:04:44 2025 GMT
Subject: CN=34B76A5D5E695DDB4D93F8DB39004282B8A53461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:79:65:e1:fd:4c:98:22:64:fe:4a:ac:cb:50:
74:d7:91:02:93:7f:07:66:aa:ef:57:22:1c:3f:1c:
cb:c4:7e:bb:5d:e3:ee:42:ce:90:a5:f4:f7:6c:ca:
ce:29:08:76:8b:f1:2f:50:6c:bf:55:22:00:6a:c6:
57:40:1d:84:dd:93:f8:53:64:a5:ca:fb:6c:50:86:
d7:59:f3:3d:6f:db:89:08:3b:2c:73:33:d9:bb:d9:
5f:5b:7f:68:d8:9a:e0:03:9a:59:f5:ef:11:92:b5:
b0:15:01:0f:be:d7:ab:08:ff:5c:ad:fd:f0:ac:8d:
7d:bb:0d:c6:15:77:8c:dc:1e:1d:8a:ce:bb:06:53:
7f:ca:30:a5:b0:01:c4:3d:41:67:8a:ad:e7:52:ff:
1d:96:54:00:6e:a9:1d:4d:c3:c2:65:33:09:bf:41:
55:e8:e7:7f:33:00:99:27:d3:0d:30:f9:1a:e5:4f:
73:6c:ca:52:ac:5e:cc:7e:c8:1c:83:74:f9:dd:5d:
c5:bd:f8:b1:2c:33:59:61:06:c5:1a:25:d6:f5:22:
e5:66:9d:c8:41:3d:0b:f7:92:c4:dd:a6:42:38:66:
e9:32:ea:d9:b4:50:79:3f:c3:76:f6:0d:94:24:87:
16:c4:60:b8:4c:3e:31:c6:93:0b:6c:86:63:b8:6e:
49:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B7:6A:5D:5E:69:5D:DB:4D:93:F8:DB:39:00:42:82:B8:A5:34:61
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3232392e3234342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.244.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:d9:d4:93:a1:82:79:62:a5:25:08:fe:79:f0:bd:cf:aa:da:
30:3f:2b:9e:ab:93:86:04:78:1a:fa:7f:61:37:95:44:c9:1d:
ff:bc:1e:35:4b:d6:20:ee:aa:ea:6c:b6:8f:ee:11:e0:0f:6e:
5a:54:03:35:66:c2:05:66:3c:16:c7:30:e4:08:a4:68:9c:c8:
56:b4:f8:20:99:ca:84:a9:0c:60:57:98:ee:7a:bc:3d:30:42:
39:7d:73:51:9e:7b:b7:58:a6:9c:e3:91:6d:bd:2a:47:b2:bf:
44:b2:90:46:d9:a4:9e:e6:f6:a0:e4:6e:dd:91:a5:ce:99:2c:
f8:f2:4d:f3:00:84:5c:20:43:77:7d:82:a2:85:fa:40:49:03:
b8:1a:5c:45:72:86:e2:5e:df:e4:7f:7a:89:c2:cb:5c:d4:cc:
1b:08:10:41:5a:dc:d4:8b:32:47:30:7f:8f:80:ac:f7:47:3d:
f1:a1:38:59:0f:de:cf:b0:f9:8d:5b:33:a2:a7:e9:bd:9e:64:
a7:b5:d3:5b:27:bf:34:9a:c8:6c:d2:95:6b:e5:0d:a2:58:d4:
78:48:17:d5:3b:8e:5b:3d:f1:f9:d8:ab:57:93:37:9a:cf:28:
3a:96:2c:d3:37:50:37:d8:e5:07:55:45:29:76:8c:24:fb:c0:
b0:61:59:ae
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUF9dfDUgaVcuYWxwc/U/vM2uoW1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MjgxMzU5NDRaFw0yNTA4MjcxNDA0NDRaMDMxMTAvBgNV
BAMTKDM0Qjc2QTVENUU2OTVEREI0RDkzRjhEQjM5MDA0MjgyQjhBNTM0NjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1eWXh/UyYImT+SqzLUHTXkQKT
fwdmqu9XIhw/HMvEfrtd4+5CzpCl9Pdsys4pCHaL8S9QbL9VIgBqxldAHYTdk/hT
ZKXK+2xQhtdZ8z1v24kIOyxzM9m72V9bf2jYmuADmln17xGStbAVAQ++16sI/1yt
/fCsjX27DcYVd4zcHh2KzrsGU3/KMKWwAcQ9QWeKredS/x2WVABuqR1Nw8JlMwm/
QVXo538zAJkn0w0w+RrlT3NsylKsXsx+yByDdPndXcW9+LEsM1lhBsUaJdb1IuVm
nchBPQv3ksTdpkI4Zuky6tm0UHk/w3b2DZQkhxbEYLhMPjHGkwtshmO4bknlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNLdqXV5pXdtNk/jbOQBCgrilNGEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzMTJlMzIzMjM5MmUzMjM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABb5fQwDQYJKoZIhvcNAQELBQADggEBAJrZ1JOhgnlipSUI/nnwvc+q2jA/K56r
k4YEeBr6f2E3lUTJHf+8HjVL1iDuqupsto/uEeAPblpUAzVmwgVmPBbHMOQIpGic
yFa0+CCZyoSpDGBXmO56vD0wQjl9c1Gee7dYppzjkW29Kkeyv0SykEbZpJ7m9qDk
bt2Rpc6ZLPjyTfMAhFwgQ3d9gqKF+kBJA7gaXEVyhuJe3+R/eonCy1zUzBsIEEFa
3NSLMkcwf4+ArPdHPfGhOFkP3s+w+Y1bM6Kn6b2eZKe101snvzSayGzSlWvlDaJY
1HhIF9U7jls98fnYq1eTN5rPKDqWLNM3UDfY5QdVRSl2jCT7wLBhWa4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:11 2025 by rpki-client