Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3233302e3131302e302f32342d3332203d3e203531313637.roa
File: 39312e3233302e3131302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: W/ylf4UqtsxXYEncL+Y77CDBe+375xWPEeqFKQwX9To=
Subject key identifier: 6F:24:6E:78:0A:0D:6D:74:B0:36:71:68:E2:9C:3B:24:C5:6A:DA:51
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 154E57B8A7088F1B69A75F3A2F1FAA6184FA7BE4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3233302e3131302e302f32342d3332203d3e203531313637.roa
Signing time: Wed 27 Sep 2023 13:40:10 +0000
ROA not before: Wed 27 Sep 2023 13:35:10 +0000
ROA not after: Wed 25 Sep 2024 13:40:10 +0000
asID: 51167
IP address blocks: 91.230.110.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:4e:57:b8:a7:08:8f:1b:69:a7:5f:3a:2f:1f:aa:61:84:fa:7b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 27 13:35:10 2023 GMT
Not After : Sep 25 13:40:10 2024 GMT
Subject: CN=6F246E780A0D6D74B0367168E29C3B24C56ADA51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8a:97:4f:b8:03:9e:9f:66:78:c4:ba:f6:1a:
86:b9:76:48:a0:80:66:57:97:aa:77:1e:11:b1:42:
df:bd:6c:a0:5d:b5:83:71:e9:57:c2:0e:6f:37:ea:
a2:9e:24:64:5c:0f:a8:55:17:7b:26:83:3e:dd:30:
b8:a0:05:c7:72:b8:39:3d:2f:af:e0:85:db:5c:d0:
aa:ba:40:8f:d8:82:45:9e:32:fa:16:5b:b6:c2:44:
ca:84:42:df:7c:37:ae:94:40:c7:5b:5c:a7:86:0f:
35:1a:7f:a7:e3:82:6b:c3:14:40:e4:9b:fa:9d:c5:
41:d6:6c:90:2e:0f:8c:42:be:d6:69:e4:f2:53:4e:
1a:66:2a:d7:e6:7c:8d:e2:34:e4:54:38:3b:40:f1:
c6:b3:15:3f:03:94:11:c9:b4:5b:bd:aa:b0:9b:e5:
d4:85:a1:28:00:a6:df:94:1b:3b:d4:7e:43:62:e8:
0c:06:21:9f:4b:97:ab:b7:22:9c:fa:4e:af:cb:f9:
35:d0:19:c5:7b:1a:8a:a8:31:ae:f4:46:34:4c:f2:
e2:31:87:5f:03:79:bb:4e:06:9b:9d:7d:be:33:e3:
78:33:36:9c:1c:ca:ba:32:a2:5b:66:8e:b9:c2:9d:
97:1a:91:8b:9d:37:10:62:ec:f2:19:a4:e4:3d:e8:
2c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:24:6E:78:0A:0D:6D:74:B0:36:71:68:E2:9C:3B:24:C5:6A:DA:51
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3233302e3131302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.110.0/24
Signature Algorithm: sha256WithRSAEncryption
87:a8:ab:e4:8e:3c:a0:19:3b:c6:94:ab:97:16:5f:d3:4d:ba:
ae:25:9a:3c:07:4c:f0:24:17:10:b8:e5:ee:71:46:cf:54:fd:
35:f5:f8:fc:09:f5:9d:b0:45:cb:6d:80:27:23:ff:c3:0d:27:
b5:42:e2:4f:e1:5b:d8:b0:79:7b:8e:11:05:d7:51:75:91:d5:
9c:1b:1d:1c:88:94:c2:c0:be:8f:78:52:f0:5e:2b:8a:e0:7d:
4d:1e:1a:9b:55:0d:61:83:af:6c:b2:af:36:e6:4b:ba:af:f5:
2d:01:f6:5f:bf:b4:a3:a5:8e:92:40:cf:da:cc:62:98:7f:f9:
83:aa:04:69:1b:4c:19:51:23:fa:f5:1a:bf:cb:77:d8:c3:9a:
5b:09:bc:40:c9:02:6c:fa:30:cc:d3:78:48:da:c7:e2:62:d4:
8f:3c:6c:47:86:8a:b6:a4:27:4b:22:7a:b0:df:51:aa:ae:64:
f5:ba:21:bc:a2:75:14:83:77:03:7e:f2:bd:3e:63:f1:57:50:
ab:79:f7:d5:0a:b3:95:79:f7:95:76:91:c7:3c:d1:5c:2a:ae:
ad:16:6c:5d:aa:c6:0f:96:2d:fe:55:ba:d7:a9:48:55:75:38:
34:7d:0a:ba:cd:97:39:fa:d1:32:96:c9:90:f8:0c:9e:be:09:
38:87:96:5a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFU5XuKcIjxtpp186Lx+qYYT6e+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA5MjcxMzM1MTBaFw0yNDA5MjUxMzQwMTBaMDMxMTAvBgNV
BAMTKDZGMjQ2RTc4MEEwRDZENzRCMDM2NzE2OEUyOUMzQjI0QzU2QURBNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfipdPuAOen2Z4xLr2Goa5dkig
gGZXl6p3HhGxQt+9bKBdtYNx6VfCDm836qKeJGRcD6hVF3smgz7dMLigBcdyuDk9
L6/ghdtc0Kq6QI/YgkWeMvoWW7bCRMqEQt98N66UQMdbXKeGDzUaf6fjgmvDFEDk
m/qdxUHWbJAuD4xCvtZp5PJTThpmKtfmfI3iNORUODtA8cazFT8DlBHJtFu9qrCb
5dSFoSgApt+UGzvUfkNi6AwGIZ9Ll6u3Ipz6Tq/L+TXQGcV7GoqoMa70RjRM8uIx
h18DebtOBpudfb4z43gzNpwcyroyoltmjrnCnZcakYudNxBi7PIZpOQ96Cz9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUbyRueAoNbXSwNnFo4pw7JMVq2lEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzMTJlMzIzMzMwMmUzMTMx
MzAyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W+ZuMA0GCSqGSIb3DQEBCwUAA4IBAQCHqKvkjjygGTvGlKuXFl/TTbquJZo8B0zw
JBcQuOXucUbPVP019fj8CfWdsEXLbYAnI//DDSe1QuJP4VvYsHl7jhEF11F1kdWc
Gx0ciJTCwL6PeFLwXiuK4H1NHhqbVQ1hg69ssq825ku6r/UtAfZfv7SjpY6SQM/a
zGKYf/mDqgRpG0wZUSP69Rq/y3fYw5pbCbxAyQJs+jDM03hI2sfiYtSPPGxHhoq2
pCdLInqw31GqrmT1uiG8onUUg3cDfvK9PmPxV1CreffVCrOVefeVdpHHPNFcKq6t
FmxdqsYPli3+VbrXqUhVdTg0fQq6zZc5+tEylsmQ+Ayevgk4h5Za
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:46 2024 by rpki-client on console-fra.rpki-client.org