Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3133362e3138342e302f32312d3332203d3e20313431393935.roa
File: 39342e3133362e3138342e302f32312d3332203d3e20313431393935.roa (raw, json)
Hash identifier: v+oNJ5N6NCiwaWdme2eKAHEAeZYDAlGJaXY66iWVxHI=
Subject key identifier: 09:52:CE:F5:C4:2B:7C:B6:7E:7F:04:20:73:3E:C8:1A:2C:2D:9F:E2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 343DC60E67F28CED65857E4D9BE4111222CF55C8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3133362e3138342e302f32312d3332203d3e20313431393935.roa
Signing time: Thu 27 Jun 2024 17:24:23 +0000
ROA not before: Thu 27 Jun 2024 17:19:23 +0000
ROA not after: Thu 26 Jun 2025 17:24:23 +0000
asID: 141995
IP address blocks: 94.136.184.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:3d:c6:0e:67:f2:8c:ed:65:85:7e:4d:9b:e4:11:12:22:cf:55:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 27 17:19:23 2024 GMT
Not After : Jun 26 17:24:23 2025 GMT
Subject: CN=0952CEF5C42B7CB67E7F0420733EC81A2C2D9FE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6c:d3:ef:b3:6f:78:75:a9:69:8b:0b:97:0a:
96:65:73:e0:c2:1b:b7:39:cf:99:2e:e3:47:85:f5:
48:11:5c:f1:92:48:d8:6b:f6:71:79:11:b5:5d:67:
a8:fd:af:8c:44:82:83:ad:e8:a8:de:6e:28:49:d6:
18:14:43:0f:c9:5b:34:b3:9e:28:9c:31:cb:2d:cb:
9f:78:d6:9b:cb:67:f2:86:f0:26:47:7f:31:b5:ed:
27:30:70:11:6e:d6:70:06:39:d0:e0:fc:53:07:3b:
c3:fe:bc:ad:a5:79:44:43:f5:93:cc:ee:ed:ee:39:
b7:4a:80:9c:d3:ae:a1:52:dd:21:cc:a4:e0:c3:b1:
e3:fc:06:06:d4:35:0c:ae:3a:cd:78:72:b4:0b:67:
f3:83:ed:ae:07:cf:a4:07:05:f0:a0:b3:ed:1e:6a:
5d:71:79:ae:58:17:6b:df:05:2f:10:a5:73:86:ce:
c1:ca:32:4d:0c:29:e0:d7:54:f8:c8:24:07:69:42:
78:88:22:06:e4:74:80:97:91:aa:3a:59:ad:98:a9:
ea:10:79:60:e4:0a:21:74:04:7e:c7:b2:b8:d7:d8:
38:d9:71:0f:23:1c:dd:de:55:dd:f3:a8:d2:5f:6b:
06:47:1d:7d:0d:f7:c8:b9:cb:dd:34:8a:62:98:18:
6c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:52:CE:F5:C4:2B:7C:B6:7E:7F:04:20:73:3E:C8:1A:2C:2D:9F:E2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3133362e3138342e302f32312d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.136.184.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:50:6e:d3:52:2b:68:21:8c:11:4c:40:b5:e7:5a:3c:c6:d6:
2c:27:4e:63:89:b8:de:63:f4:bc:da:f0:2a:92:ee:7a:ba:da:
d3:1f:aa:fc:1a:dc:79:f5:20:a5:28:a1:2f:10:5f:66:ee:46:
50:71:9a:76:9c:eb:55:2d:0c:7a:e1:80:fb:c5:b4:c1:85:20:
34:a5:c5:e2:a0:da:ff:ee:28:ac:8e:e8:95:67:be:15:19:98:
d3:1d:47:40:0e:34:3e:79:a8:43:b9:4a:ed:80:d5:fd:54:7e:
3f:95:a0:f3:61:17:09:67:b7:81:f3:00:ab:af:8b:37:63:90:
84:ee:5f:21:bd:fb:ec:4e:62:a2:ad:17:4b:66:97:1a:0f:bd:
36:fb:9f:f6:c2:99:9f:9b:8a:2a:e6:e9:cd:53:a9:b6:8c:27:
65:e7:cc:c4:4a:52:a1:10:04:6c:84:1a:47:90:0a:3e:0a:e1:
79:87:70:46:68:5e:e6:dd:ac:56:6a:55:a6:67:ff:e2:0e:d0:
ed:6b:0d:6c:08:9e:c4:6c:49:4f:ce:f4:f2:f9:7b:7c:ae:9a:
ed:58:9e:e4:fa:00:b1:8b:20:4f:77:52:13:d0:65:55:98:b6:
60:58:b6:cc:d5:6d:d5:ec:a1:1a:15:a8:59:94:ca:30:9c:c2:
6b:63:ca:71
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUND3GDmfyjO1lhX5Nm+QREiLPVcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjcxNzE5MjNaFw0yNTA2MjYxNzI0MjNaMDMxMTAvBgNV
BAMTKDA5NTJDRUY1QzQyQjdDQjY3RTdGMDQyMDczM0VDODFBMkMyRDlGRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCybNPvs294dalpiwuXCpZlc+DC
G7c5z5ku40eF9UgRXPGSSNhr9nF5EbVdZ6j9r4xEgoOt6KjebihJ1hgUQw/JWzSz
niicMcsty5941pvLZ/KG8CZHfzG17ScwcBFu1nAGOdDg/FMHO8P+vK2leURD9ZPM
7u3uObdKgJzTrqFS3SHMpODDseP8BgbUNQyuOs14crQLZ/OD7a4Hz6QHBfCgs+0e
al1xea5YF2vfBS8QpXOGzsHKMk0MKeDXVPjIJAdpQniIIgbkdICXkao6Wa2YqeoQ
eWDkCiF0BH7HsrjX2DjZcQ8jHN3eVd3zqNJfawZHHX0N98i5y900imKYGGzvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCVLO9cQrfLZ+fwQgcz7IGiwtn+IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzMzM2MmUzMTM4
MzQyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANeiLgwDQYJKoZIhvcNAQELBQADggEBADpQbtNSK2ghjBFMQLXnWjzG1iwnTmOJ
uN5j9Lza8CqS7nq62tMfqvwa3Hn1IKUooS8QX2buRlBxmnac61UtDHrhgPvFtMGF
IDSlxeKg2v/uKKyO6JVnvhUZmNMdR0AOND55qEO5Su2A1f1Ufj+VoPNhFwlnt4Hz
AKuvizdjkITuXyG9++xOYqKtF0tmlxoPvTb7n/bCmZ+biirm6c1TqbaMJ2XnzMRK
UqEQBGyEGkeQCj4K4XmHcEZoXubdrFZqVaZn/+IO0O1rDWwInsRsSU/O9PL5e3yu
mu1YnuT6ALGLIE93UhPQZVWYtmBYtszVbdXsoRoVqFmUyjCcwmtjynE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org