Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3134382e302f32342d3234203d3e20313336373837.roa
File: 39342e3135362e3134382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: avy+3ZChSS1MpzZuqW8gDG60sRYyhTOLr2c0Zh8GFGc=
Subject key identifier: 30:42:E6:8F:35:C9:EA:B1:93:01:EF:94:E4:54:E9:F2:0F:21:6B:48
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 73AB2240F499A244630DC43534AB570EFFA79741
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3134382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 04 Oct 2024 14:42:17 +0000
ROA not before: Fri 04 Oct 2024 14:37:17 +0000
ROA not after: Fri 03 Oct 2025 14:42:17 +0000
asID: 136787
IP address blocks: 94.156.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ab:22:40:f4:99:a2:44:63:0d:c4:35:34:ab:57:0e:ff:a7:97:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 4 14:37:17 2024 GMT
Not After : Oct 3 14:42:17 2025 GMT
Subject: CN=3042E68F35C9EAB19301EF94E454E9F20F216B48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:af:4d:8c:a8:4f:4e:66:27:06:2f:96:da:7a:
71:72:48:75:6c:63:0b:bb:b2:d3:64:fa:f6:75:9b:
44:64:9c:b8:84:3c:35:90:b6:c0:9f:93:65:5d:d9:
72:93:c0:7f:65:7c:13:65:07:83:f4:60:95:56:a0:
94:71:d7:14:f6:26:9b:40:fa:07:40:29:07:6f:8c:
17:e9:04:3d:32:60:8c:ef:04:76:04:69:2b:e2:66:
48:49:b0:2b:90:6c:a4:a0:06:be:1e:1f:a3:7b:ca:
07:22:0d:78:43:54:6d:8e:fb:ef:e9:60:0c:2a:94:
ed:90:be:ff:8a:36:61:d7:79:2e:4b:f7:cd:b5:c7:
34:67:a5:32:de:66:eb:0e:57:a1:74:f2:52:58:72:
de:7c:cd:3c:e9:78:2d:ec:55:9a:6b:a8:03:c5:65:
31:2c:25:f1:35:fb:92:b5:08:2d:b8:6b:98:31:38:
44:90:8b:e1:af:86:b9:93:17:83:82:9e:38:32:a7:
88:37:2e:9b:d3:20:29:8f:b6:6a:87:63:f4:17:8c:
8e:19:5f:9e:50:c4:73:5e:20:5f:dc:f6:33:e4:de:
a7:86:1a:5c:e2:8f:35:1a:eb:e4:c0:e5:e4:f0:e9:
78:3e:62:5c:9d:e1:22:1c:63:80:70:7c:8e:c2:1d:
89:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:42:E6:8F:35:C9:EA:B1:93:01:EF:94:E4:54:E9:F2:0F:21:6B:48
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3134382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.148.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:75:aa:89:b1:6b:b3:3e:c5:29:41:af:93:51:1f:af:9e:c8:
56:ab:04:2e:4a:f6:84:bc:d7:25:1d:c4:27:b1:ab:96:21:54:
99:d4:84:52:63:cd:3c:c6:3b:47:ff:77:75:43:de:f6:56:a9:
6d:1b:16:5a:93:e9:2e:d5:66:18:d6:e1:df:28:0f:06:16:ab:
33:ca:b4:b8:f7:a4:bc:92:fd:f5:4c:de:f7:05:a7:5a:7a:fa:
a7:ab:0c:e6:1a:1b:b0:75:59:f2:b2:bc:dd:bd:bc:60:65:ca:
99:c2:3f:39:ca:26:59:1a:ed:74:71:61:ee:36:f0:33:0b:d4:
0d:fb:a6:33:2f:6b:7a:32:f8:0c:0b:ef:e4:ef:77:71:a7:b3:
85:d0:6d:eb:e7:b8:0c:bc:ec:24:4a:b5:e9:81:42:1d:92:90:
49:04:db:63:f1:0d:65:c0:ae:1e:c8:30:48:1d:f4:7c:d1:68:
2e:81:6f:ed:f9:43:9c:fa:75:b1:29:a4:f6:77:6a:e7:97:49:
7d:e9:59:5d:a6:55:ad:ad:5c:d1:2f:2f:4b:9a:77:fa:53:8c:
13:ac:18:7d:67:16:e6:91:6a:02:80:71:7e:69:3f:c4:a5:77:
40:30:ea:a3:3e:a4:8f:66:f1:ba:6a:d1:95:79:1f:28:89:07:
65:af:23:72
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUc6siQPSZokRjDcQ1NKtXDv+nl0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMDQxNDM3MTdaFw0yNTEwMDMxNDQyMTdaMDMxMTAvBgNV
BAMTKDMwNDJFNjhGMzVDOUVBQjE5MzAxRUY5NEU0NTRFOUYyMEYyMTZCNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4r02MqE9OZicGL5baenFySHVs
Ywu7stNk+vZ1m0RknLiEPDWQtsCfk2Vd2XKTwH9lfBNlB4P0YJVWoJRx1xT2JptA
+gdAKQdvjBfpBD0yYIzvBHYEaSviZkhJsCuQbKSgBr4eH6N7ygciDXhDVG2O++/p
YAwqlO2Qvv+KNmHXeS5L9821xzRnpTLeZusOV6F08lJYct58zTzpeC3sVZprqAPF
ZTEsJfE1+5K1CC24a5gxOESQi+GvhrmTF4OCnjgyp4g3LpvTICmPtmqHY/QXjI4Z
X55QxHNeIF/c9jPk3qeGGlzijzUa6+TA5eTw6Xg+Ylyd4SIcY4BwfI7CHYmRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMELmjzXJ6rGTAe+U5FTp8g8ha0gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMTM0
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABenJQwDQYJKoZIhvcNAQELBQADggEBAGx1qomxa7M+xSlBr5NRH6+eyFarBC5K
9oS81yUdxCexq5YhVJnUhFJjzTzGO0f/d3VD3vZWqW0bFlqT6S7VZhjW4d8oDwYW
qzPKtLj3pLyS/fVM3vcFp1p6+qerDOYaG7B1WfKyvN29vGBlypnCPznKJlka7XRx
Ye428DML1A37pjMva3oy+AwL7+Tvd3Gns4XQbevnuAy87CRKtemBQh2SkEkE22Px
DWXArh7IMEgd9HzRaC6Bb+35Q5z6dbEppPZ3aueXSX3pWV2mVa2tXNEvL0uad/pT
jBOsGH1nFuaRagKAcX5pP8Sld0Aw6qM+pI9m8bpq0ZV5HyiJB2WvI3I=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org