Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3232392e302f32342d3234203d3e20323134313535.roa
File: 39342e3135362e3232392e302f32342d3234203d3e20323134313535.roa (raw, json)
Hash identifier: /IJ5timyzdnpfU+82JRqW5e5P5Sq2U8eR92a0hpwd1o=
Subject key identifier: C7:F4:56:7C:5E:83:AA:EE:B9:0F:4E:95:09:CF:43:F7:20:7E:22:A7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 56E31A849672D9A7713308295E0D099E19FA0689
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3232392e302f32342d3234203d3e20323134313535.roa
Signing time: Wed 25 Sep 2024 21:35:57 +0000
ROA not before: Wed 25 Sep 2024 21:30:57 +0000
ROA not after: Wed 24 Sep 2025 21:35:57 +0000
asID: 214155
IP address blocks: 94.156.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:e3:1a:84:96:72:d9:a7:71:33:08:29:5e:0d:09:9e:19:fa:06:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 25 21:30:57 2024 GMT
Not After : Sep 24 21:35:57 2025 GMT
Subject: CN=C7F4567C5E83AAEEB90F4E9509CF43F7207E22A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ee:22:f2:58:eb:7c:0b:52:c0:1f:4f:4e:52:
4e:3d:99:e5:9f:b9:e7:d6:20:64:0b:70:2a:d6:bc:
07:11:2c:76:3f:55:2b:54:c7:b8:a2:c9:81:d5:5a:
c2:35:2a:ca:db:83:3e:7d:4f:ab:14:fd:b3:d3:ae:
a0:2a:28:48:71:4d:2c:c2:c7:7a:1e:2e:4f:09:ea:
c8:90:ae:3d:bf:b9:6f:09:34:47:2d:df:da:24:fc:
c8:86:b5:d1:b3:a3:54:9e:62:c6:58:8b:e3:c0:25:
8f:41:ee:44:77:5f:7b:2f:e6:17:2b:b6:96:99:50:
63:29:be:c6:5f:df:3a:f5:fa:17:9f:ea:3f:ad:73:
44:ba:fe:ff:63:4b:ae:e1:6d:d5:c3:c3:7e:b5:61:
cb:5f:3d:17:b0:0e:a5:40:97:99:9f:bb:98:d3:39:
e7:62:f8:20:04:ad:8e:ad:ea:c5:2e:7b:d3:15:f6:
c5:fd:11:f9:4c:21:4c:00:f9:52:a9:9c:23:de:fe:
51:64:57:ca:b2:2b:f4:dd:31:0a:db:81:52:31:3b:
3e:72:fd:da:52:37:1a:57:80:28:90:6d:12:0c:54:
45:ae:be:d8:0e:cf:f7:2e:1c:69:dc:da:75:f5:f8:
c3:2e:32:43:b2:da:56:b8:c2:1f:b1:a0:df:2e:a9:
ee:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F4:56:7C:5E:83:AA:EE:B9:0F:4E:95:09:CF:43:F7:20:7E:22:A7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3232392e302f32342d3234203d3e20323134313535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.229.0/24
Signature Algorithm: sha256WithRSAEncryption
66:a9:3b:bb:6e:99:b2:15:54:f8:ae:e6:13:8b:cb:c6:56:25:
9d:17:34:ff:24:b5:4a:65:2f:23:55:2a:45:9a:d7:f6:21:08:
45:f2:36:bb:fa:be:23:aa:c4:bd:c5:0e:80:4e:2c:81:02:21:
a9:c2:ea:6e:a5:44:29:d2:39:e8:26:0a:04:99:34:80:e6:80:
c2:7f:8e:3f:24:f3:16:a3:24:3f:78:d7:60:2f:f4:c9:35:aa:
3d:7a:42:30:64:53:54:58:8b:99:a0:8f:77:08:70:15:93:1c:
f1:11:91:27:00:cc:37:0a:00:f8:9b:3b:c2:7e:f4:d9:b0:c7:
68:34:ab:e2:32:b4:cb:8b:a3:38:35:2e:0d:fa:64:49:93:b6:
8c:10:68:ad:41:e4:b2:60:f5:45:03:5b:b1:ab:8f:5c:6f:a7:
6c:42:03:e7:eb:7f:d6:c3:fd:2f:2f:36:a4:be:f4:24:73:b2:
4c:e2:ce:32:96:05:0b:2d:a8:08:04:cb:ed:69:e7:4e:e3:77:
43:ff:32:13:72:3a:b4:70:b3:eb:d5:6a:be:7d:01:52:df:21:
34:9b:50:81:d5:e0:ff:01:2f:79:a4:21:a2:d9:5c:08:98:e3:
b3:0c:31:e3:77:82:f1:f2:a4:da:d0:9c:2e:4b:e5:8a:ee:ff:
de:30:23:bd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVuMahJZy2adxMwgpXg0Jnhn6BokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjUyMTMwNTdaFw0yNTA5MjQyMTM1NTdaMDMxMTAvBgNV
BAMTKEM3RjQ1NjdDNUU4M0FBRUVCOTBGNEU5NTA5Q0Y0M0Y3MjA3RTIyQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE7iLyWOt8C1LAH09OUk49meWf
uefWIGQLcCrWvAcRLHY/VStUx7iiyYHVWsI1Ksrbgz59T6sU/bPTrqAqKEhxTSzC
x3oeLk8J6siQrj2/uW8JNEct39ok/MiGtdGzo1SeYsZYi+PAJY9B7kR3X3sv5hcr
tpaZUGMpvsZf3zr1+hef6j+tc0S6/v9jS67hbdXDw361YctfPRewDqVAl5mfu5jT
Oedi+CAErY6t6sUue9MV9sX9EflMIUwA+VKpnCPe/lFkV8qyK/TdMQrbgVIxOz5y
/dpSNxpXgCiQbRIMVEWuvtgOz/cuHGnc2nX1+MMuMkOy2la4wh+xoN8uqe4NAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUx/RWfF6Dqu65D06VCc9D9yB+IqcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMTM1MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABenOUwDQYJKoZIhvcNAQELBQADggEBAGapO7tumbIVVPiu5hOLy8ZWJZ0XNP8k
tUplLyNVKkWa1/YhCEXyNrv6viOqxL3FDoBOLIECIanC6m6lRCnSOegmCgSZNIDm
gMJ/jj8k8xajJD9412Av9Mk1qj16QjBkU1RYi5mgj3cIcBWTHPERkScAzDcKAPib
O8J+9Nmwx2g0q+IytMuLozg1Lg36ZEmTtowQaK1B5LJg9UUDW7Grj1xvp2xCA+fr
f9bD/S8vNqS+9CRzskzizjKWBQstqAgEy+1p507jd0P/MhNyOrRws+vVar59AVLf
ITSbUIHV4P8BL3mkIaLZXAiY47MMMeN3gvHypNrQnC5L5Yru/94wI70=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:16 2024 by rpki-client on console-ams.rpki-client.org