Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3233302e3131312e302f32342d3332203d3e203531313637.roa
File: 39312e3233302e3131312e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: tQu9Lz1SLmjTdAHdLFcO2+6x0ypVeBvW5jDLKCd+uE8=
Subject key identifier: F2:DE:61:F0:B7:74:C7:D5:92:97:D7:8B:33:4F:1C:27:89:27:0D:9A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4CF53553079624E0561C36B2C96FB4F7734F4894
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3233302e3131312e302f32342d3332203d3e203531313637.roa
Signing time: Wed 28 Aug 2024 14:04:43 +0000
ROA not before: Wed 28 Aug 2024 13:59:43 +0000
ROA not after: Wed 27 Aug 2025 14:04:43 +0000
asID: 51167
IP address blocks: 91.230.111.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:f5:35:53:07:96:24:e0:56:1c:36:b2:c9:6f:b4:f7:73:4f:48:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 13:59:43 2024 GMT
Not After : Aug 27 14:04:43 2025 GMT
Subject: CN=F2DE61F0B774C7D59297D78B334F1C2789270D9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:39:e0:d6:88:35:b4:94:70:c4:f8:37:c0:6c:
2c:e8:87:f6:6e:19:78:63:91:5d:1c:07:53:33:c4:
ae:d0:0c:ab:81:18:2f:66:25:a2:2f:5d:9a:a6:42:
0d:73:74:53:92:d2:3c:57:d1:d3:77:30:6d:c8:df:
28:76:21:e5:18:95:88:a9:4e:07:47:0d:dd:7d:72:
6f:9a:44:4c:47:ae:7a:70:5c:5c:3e:c9:65:ba:0c:
7c:d6:55:a3:62:9f:ea:dd:de:5a:7a:17:5f:03:52:
46:64:7e:95:fa:c7:aa:60:39:73:b1:5f:02:f6:16:
3b:28:97:04:85:cf:e6:f1:98:72:28:f2:0e:9f:84:
6e:b2:1c:cf:1a:25:fc:ff:82:47:ce:04:a5:70:a9:
57:dc:0f:35:55:b9:5a:bf:10:b3:33:eb:21:6b:34:
61:9f:d7:a5:27:40:81:00:95:a8:f8:e7:7a:cb:f3:
00:88:84:1c:62:5a:90:20:2e:4d:c8:78:26:9e:12:
b7:2d:0c:2d:ee:92:c0:78:27:5e:89:93:3d:15:55:
dc:60:72:f8:62:b1:ee:c9:fc:b3:b2:02:4b:7a:da:
25:4d:99:be:4d:e7:47:3e:c0:b1:76:67:d9:70:24:
17:75:47:c1:06:31:20:99:ac:c9:a2:8a:99:a3:b7:
f0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:DE:61:F0:B7:74:C7:D5:92:97:D7:8B:33:4F:1C:27:89:27:0D:9A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3233302e3131312e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.111.0/24
Signature Algorithm: sha256WithRSAEncryption
20:24:c3:4d:5a:dc:25:52:18:cc:2e:59:56:82:86:d2:c6:86:
53:58:70:6c:c9:3f:6a:10:53:22:ae:01:26:4d:42:f1:8c:3d:
64:49:97:5a:97:d4:0e:70:6c:6e:4b:5e:32:8e:a6:59:73:5f:
96:02:6a:6a:b6:c1:67:92:8c:23:a0:89:aa:18:f1:77:3c:aa:
cf:3c:d9:c2:44:47:d3:fa:e1:e6:48:f7:12:ce:fc:bf:d2:46:
e1:12:8e:09:21:91:01:14:51:f7:ff:45:f8:91:32:d3:e6:8f:
ee:d9:cd:b7:af:81:60:09:de:13:89:56:df:f6:8f:5d:6e:e4:
11:93:72:16:61:e9:3f:d0:73:05:48:bc:2f:f8:f5:f1:b8:5c:
ae:8b:d2:69:cd:3b:73:5a:6b:a8:b0:f4:f0:ab:06:f0:21:82:
97:ee:cf:ce:2b:ad:6b:d0:2e:4f:bd:0f:0e:56:f3:0a:32:e9:
ba:7c:66:9d:18:4b:40:e6:9f:99:02:42:01:03:68:1b:40:a8:
bd:ec:cb:65:6d:8e:6e:91:6c:7d:6c:86:d3:16:63:a8:0a:eb:
b0:ee:65:97:88:01:9f:ec:b0:86:e9:46:ab:4b:a2:44:ab:de:
53:26:65:92:92:fe:36:50:73:71:08:2e:95:bb:fe:f6:c7:b3:
05:0a:1e:32
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTPU1UweWJOBWHDayyW+093NPSJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MjgxMzU5NDNaFw0yNTA4MjcxNDA0NDNaMDMxMTAvBgNV
BAMTKEYyREU2MUYwQjc3NEM3RDU5Mjk3RDc4QjMzNEYxQzI3ODkyNzBEOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkOeDWiDW0lHDE+DfAbCzoh/Zu
GXhjkV0cB1MzxK7QDKuBGC9mJaIvXZqmQg1zdFOS0jxX0dN3MG3I3yh2IeUYlYip
TgdHDd19cm+aRExHrnpwXFw+yWW6DHzWVaNin+rd3lp6F18DUkZkfpX6x6pgOXOx
XwL2FjsolwSFz+bxmHIo8g6fhG6yHM8aJfz/gkfOBKVwqVfcDzVVuVq/ELMz6yFr
NGGf16UnQIEAlaj453rL8wCIhBxiWpAgLk3IeCaeErctDC3uksB4J16Jkz0VVdxg
cvhise7J/LOyAkt62iVNmb5N50c+wLF2Z9lwJBd1R8EGMSCZrMmiipmjt/ANAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8t5h8Ld0x9WSl9eLM08cJ4knDZowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzMTJlMzIzMzMwMmUzMTMx
MzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W+ZvMA0GCSqGSIb3DQEBCwUAA4IBAQAgJMNNWtwlUhjMLllWgobSxoZTWHBsyT9q
EFMirgEmTULxjD1kSZdal9QOcGxuS14yjqZZc1+WAmpqtsFnkowjoImqGPF3PKrP
PNnCREfT+uHmSPcSzvy/0kbhEo4JIZEBFFH3/0X4kTLT5o/u2c23r4FgCd4TiVbf
9o9dbuQRk3IWYek/0HMFSLwv+PXxuFyui9JpzTtzWmuosPTwqwbwIYKX7s/OK61r
0C5PvQ8OVvMKMum6fGadGEtA5p+ZAkIBA2gbQKi97MtlbY5ukWx9bIbTFmOoCuuw
7mWXiAGf7LCG6UarS6JEq95TJmWSkv42UHNxCC6Vu/72x7MFCh4y
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:16 2024 by rpki-client on console-ams.rpki-client.org