Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3230352e302f32342d3234203d3e20313336373837.roa
File: 39342e3135362e3230352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EnHdHHxrCvbGmuEjJn+Oq8gbOfzcMJhq8+3oxG6KI1o=
Subject key identifier: D2:77:AD:EE:D2:21:49:5A:62:71:12:52:66:A0:72:B3:17:B5:CA:11
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A1C5C450048A30EA5B46D3D63009E8AB1A582FD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3230352e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 26 Sep 2024 14:23:30 +0000
ROA not before: Thu 26 Sep 2024 14:18:30 +0000
ROA not after: Thu 25 Sep 2025 14:23:30 +0000
asID: 136787
IP address blocks: 94.156.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:1c:5c:45:00:48:a3:0e:a5:b4:6d:3d:63:00:9e:8a:b1:a5:82:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 26 14:18:30 2024 GMT
Not After : Sep 25 14:23:30 2025 GMT
Subject: CN=D277ADEED221495A6271125266A072B317B5CA11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:72:1e:a2:b2:52:6a:3b:58:ef:34:f7:6a:ad:
01:99:78:07:b3:b4:3a:a3:51:c7:c9:fc:a9:bf:34:
8b:c3:04:60:e1:08:2a:51:a8:51:28:88:73:a7:bd:
b4:3f:ae:86:da:de:31:38:e1:99:4e:21:83:08:9a:
4c:5d:09:91:55:d3:e0:7c:49:6d:63:3a:bd:9f:54:
cb:10:23:5f:f0:df:95:b7:8f:50:8f:28:ed:c1:f8:
f1:f0:4f:96:3e:2f:17:72:fc:4f:bc:0b:33:d1:9e:
ab:7f:75:12:a3:78:89:60:1e:2f:3d:88:2a:a5:54:
91:a7:12:bc:a3:3f:a2:bd:68:e4:a1:c4:43:a9:77:
e5:76:d3:58:47:74:f2:7c:09:3b:6a:2c:79:de:32:
71:db:05:9c:40:87:70:b4:fa:d3:0c:5d:91:f8:9b:
f5:6a:63:8e:d2:8e:e8:a6:97:67:7d:28:3d:88:e5:
3d:d2:20:ec:28:ed:6c:69:78:b5:0a:dd:4a:42:df:
51:b2:75:b9:90:82:27:6f:05:7f:fc:24:c0:25:58:
ea:44:b9:b1:b9:47:2b:a1:62:22:b6:a4:2f:97:2f:
78:9c:a3:76:96:d7:4e:f5:ed:1b:d6:97:65:f0:34:
7a:9e:dd:62:3c:30:9c:22:5f:e9:97:74:29:b0:dc:
c5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:77:AD:EE:D2:21:49:5A:62:71:12:52:66:A0:72:B3:17:B5:CA:11
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3230352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:23:37:e0:fb:29:cc:d0:48:38:b7:e5:a6:cb:48:d0:82:c1:
7e:68:9d:bc:3e:56:c1:86:68:80:42:7c:a0:ce:41:9a:55:b8:
43:76:2d:04:9f:de:91:bc:aa:9d:5c:31:64:d1:87:14:dc:5e:
d3:dc:ee:a2:19:d7:ff:89:36:52:0d:2a:e7:ee:ff:cc:cb:a8:
a2:31:36:cc:33:c6:52:b5:00:67:f8:73:c3:6b:de:2e:fa:e9:
67:cd:52:c2:57:91:34:06:f4:2e:03:7a:0d:5e:e0:1e:47:9d:
07:b7:6f:29:ff:c7:0a:c7:5c:11:37:21:10:b9:9e:2f:07:98:
2e:0c:42:cb:90:04:1a:7c:1a:d0:85:cb:46:76:3b:ea:af:51:
ee:3a:0d:da:7f:e9:a8:04:7b:c1:1e:2c:7e:3a:f2:8f:e8:4d:
a6:d9:51:c4:9b:9c:e0:3a:0e:4f:b0:82:0a:71:96:1a:3d:09:
14:e2:41:96:82:7e:16:29:0b:f7:e2:9e:40:06:49:5b:2a:d1:
87:c3:c1:89:a0:30:4d:fb:d0:96:f4:fe:8d:96:55:d3:d2:81:
0a:01:68:40:7b:3d:7f:5c:9b:eb:22:67:2c:13:90:ff:f9:2b:
e0:4b:17:4e:b2:3a:3f:b5:2b:27:a4:01:44:8b:da:33:7f:a7:
1f:6e:41:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUChxcRQBIow6ltG09YwCeirGlgv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjYxNDE4MzBaFw0yNTA5MjUxNDIzMzBaMDMxMTAvBgNV
BAMTKEQyNzdBREVFRDIyMTQ5NUE2MjcxMTI1MjY2QTA3MkIzMTdCNUNBMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ch6islJqO1jvNPdqrQGZeAez
tDqjUcfJ/Km/NIvDBGDhCCpRqFEoiHOnvbQ/roba3jE44ZlOIYMImkxdCZFV0+B8
SW1jOr2fVMsQI1/w35W3j1CPKO3B+PHwT5Y+Lxdy/E+8CzPRnqt/dRKjeIlgHi89
iCqlVJGnEryjP6K9aOShxEOpd+V201hHdPJ8CTtqLHneMnHbBZxAh3C0+tMMXZH4
m/VqY47Sjuiml2d9KD2I5T3SIOwo7WxpeLUK3UpC31GydbmQgidvBX/8JMAlWOpE
ubG5RyuhYiK2pC+XL3ico3aW10717RvWl2XwNHqe3WI8MJwiX+mXdCmw3MWvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0net7tIhSVpicRJSZqBysxe1yhEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMjMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABenM0wDQYJKoZIhvcNAQELBQADggEBAIojN+D7KczQSDi35abLSNCCwX5onbw+
VsGGaIBCfKDOQZpVuEN2LQSf3pG8qp1cMWTRhxTcXtPc7qIZ1/+JNlINKufu/8zL
qKIxNswzxlK1AGf4c8Nr3i766WfNUsJXkTQG9C4Deg1e4B5HnQe3byn/xwrHXBE3
IRC5ni8HmC4MQsuQBBp8GtCFy0Z2O+qvUe46Ddp/6agEe8EeLH468o/oTabZUcSb
nOA6Dk+wggpxlho9CRTiQZaCfhYpC/finkAGSVsq0YfDwYmgME370Jb0/o2WVdPS
gQoBaEB7PX9cm+siZywTkP/5K+BLF06yOj+1KyekAUSL2jN/px9uQSs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org