Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3135312e302f32342d3234203d3e20323037313337.roa
File: 39342e3135362e3135312e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: X62GD5iNm7q69+G0uC4ULVnNUP3I1gCrNvT4LpjWee8=
Subject key identifier: A2:CB:2B:2C:D2:10:B0:E8:1B:58:8C:CE:C5:AC:C4:28:CC:DE:C2:B7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 136CD21EC7C233748A683791437BDCB800031952
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3135312e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 02 Oct 2024 09:35:35 +0000
ROA not before: Wed 02 Oct 2024 09:30:35 +0000
ROA not after: Wed 01 Oct 2025 09:35:35 +0000
asID: 207137
IP address blocks: 94.156.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:6c:d2:1e:c7:c2:33:74:8a:68:37:91:43:7b:dc:b8:00:03:19:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 2 09:30:35 2024 GMT
Not After : Oct 1 09:35:35 2025 GMT
Subject: CN=A2CB2B2CD210B0E81B588CCEC5ACC428CCDEC2B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bb:ec:4f:34:37:bf:7f:bb:5e:4d:4e:c4:2a:
2a:cc:cb:a4:01:b8:59:dc:9c:d6:cd:b8:a6:24:99:
7c:8a:76:bd:ba:af:0f:7e:4c:36:9c:07:fc:b9:04:
c0:cb:e4:45:3f:8d:1b:3f:42:c8:c2:23:36:ea:4c:
7b:1c:1a:65:b5:f6:d3:e0:ec:c5:41:bb:c2:64:b7:
a2:74:de:c9:8f:ec:43:c4:3d:a6:ee:96:4e:cf:4e:
5d:44:fd:ff:9e:ae:ae:58:32:76:0d:c1:34:b2:27:
55:f3:18:74:1f:a9:8e:0e:75:0d:02:05:c7:28:eb:
76:01:f1:dc:a6:d3:1f:ae:98:c6:88:7b:cf:16:8b:
c6:0a:20:71:03:d4:d7:b8:b8:68:11:4c:b7:9c:a8:
6a:f5:b0:58:a2:05:a0:16:c5:39:21:73:11:ff:44:
e7:25:48:41:9b:08:be:d0:36:3f:ce:31:c2:41:7a:
84:5b:59:1d:1b:67:b9:6a:fd:a0:bd:8b:47:c6:64:
72:c2:07:9c:6d:9d:e4:12:5d:83:49:a4:55:18:d4:
e6:05:9b:79:67:df:bd:57:6b:76:44:8b:af:32:db:
e6:17:f2:cc:7b:30:b5:8a:b9:3c:71:99:00:db:db:
c0:3e:18:ad:12:82:75:8f:4e:b9:d1:83:19:ef:6e:
6f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CB:2B:2C:D2:10:B0:E8:1B:58:8C:CE:C5:AC:C4:28:CC:DE:C2:B7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3135312e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.151.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:9e:bd:29:49:ae:21:a1:1b:2a:76:c6:05:c2:5a:87:b9:6a:
d7:af:09:e3:f2:33:83:c7:00:9b:e1:9f:3f:fc:36:ed:9d:40:
ab:7a:ad:07:6e:0b:c1:cf:f5:91:77:47:e9:99:d0:36:86:39:
11:dd:be:66:6a:29:37:ea:7c:60:31:80:76:58:30:72:04:de:
8c:48:cc:7a:44:d3:fe:04:ca:b9:1e:c6:95:e3:27:92:96:03:
95:6f:cf:b2:63:e7:27:43:20:d2:2c:7b:81:0d:27:89:ad:b1:
6c:a0:93:a8:15:65:ef:2f:62:18:8d:0f:a9:f5:3f:cf:69:e5:
0b:96:85:23:f8:54:2e:12:5b:84:12:2a:5d:47:bc:e4:bf:f9:
49:87:25:ff:13:7a:61:b0:68:fd:87:f5:f0:2b:fd:16:5e:58:
ff:30:71:97:33:2f:bf:30:9a:9f:cb:fd:28:49:b1:f8:67:23:
ae:17:17:c4:a5:f1:e9:c2:86:09:63:68:01:92:a5:fd:1f:56:
0f:c3:e6:a0:25:c7:6d:d6:32:f2:7b:95:1e:a9:11:8f:8a:14:
01:16:58:44:ec:05:14:ba:55:9a:eb:e6:77:1e:ed:0e:3b:07:
c9:51:bc:80:38:c1:09:9f:b0:26:74:86:64:72:c9:8e:53:fe:
b1:dd:32:de
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE2zSHsfCM3SKaDeRQ3vcuAADGVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMDIwOTMwMzVaFw0yNTEwMDEwOTM1MzVaMDMxMTAvBgNV
BAMTKEEyQ0IyQjJDRDIxMEIwRTgxQjU4OENDRUM1QUNDNDI4Q0NERUMyQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVu+xPNDe/f7teTU7EKirMy6QB
uFncnNbNuKYkmXyKdr26rw9+TDacB/y5BMDL5EU/jRs/QsjCIzbqTHscGmW19tPg
7MVBu8Jkt6J03smP7EPEPabulk7PTl1E/f+erq5YMnYNwTSyJ1XzGHQfqY4OdQ0C
Bcco63YB8dym0x+umMaIe88Wi8YKIHED1Ne4uGgRTLecqGr1sFiiBaAWxTkhcxH/
ROclSEGbCL7QNj/OMcJBeoRbWR0bZ7lq/aC9i0fGZHLCB5xtneQSXYNJpFUY1OYF
m3ln371Xa3ZEi68y2+YX8sx7MLWKuTxxmQDb28A+GK0SgnWPTrnRgxnvbm9nAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUossrLNIQsOgbWIzOxazEKMzewrcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMTM1
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABenJcwDQYJKoZIhvcNAQELBQADggEBAGqevSlJriGhGyp2xgXCWoe5atevCePy
M4PHAJvhnz/8Nu2dQKt6rQduC8HP9ZF3R+mZ0DaGORHdvmZqKTfqfGAxgHZYMHIE
3oxIzHpE0/4EyrkexpXjJ5KWA5Vvz7Jj5ydDINIse4ENJ4mtsWygk6gVZe8vYhiN
D6n1P89p5QuWhSP4VC4SW4QSKl1HvOS/+UmHJf8TemGwaP2H9fAr/RZeWP8wcZcz
L78wmp/L/ShJsfhnI64XF8Sl8enChgljaAGSpf0fVg/D5qAlx23WMvJ7lR6pEY+K
FAEWWETsBRS6VZrr5nce7Q47B8lRvIA4wQmfsCZ0hmRyyY5T/rHdMt4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:16 2024 by rpki-client on console-ams.rpki-client.org