Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e32392e302f32342d3234203d3e20323732303936.roa
File: 39342e3135362e32392e302f32342d3234203d3e20323732303936.roa (raw, json)
Hash identifier: xGQtw/JTN4moGRbuFzqtQsNnzfTtFu7HfABcHkVBDPU=
Subject key identifier: 5C:DE:A3:17:7D:57:1B:92:C3:67:E4:A1:A9:D1:A1:F6:95:CF:46:D2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3F6EA2B38C088A43EEAF8E0C7A0D63CA0E9881B8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e32392e302f32342d3234203d3e20323732303936.roa
Signing time: Fri 27 Sep 2024 12:28:27 +0000
ROA not before: Fri 27 Sep 2024 12:23:27 +0000
ROA not after: Fri 26 Sep 2025 12:28:27 +0000
asID: 272096
IP address blocks: 94.156.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:6e:a2:b3:8c:08:8a:43:ee:af:8e:0c:7a:0d:63:ca:0e:98:81:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 27 12:23:27 2024 GMT
Not After : Sep 26 12:28:27 2025 GMT
Subject: CN=5CDEA3177D571B92C367E4A1A9D1A1F695CF46D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c0:21:8e:81:ae:c7:b7:76:d3:5e:28:a7:a3:
51:d8:f0:34:fb:b2:ab:c6:5a:6f:b9:ab:30:93:3d:
33:10:41:97:56:97:51:47:87:22:71:95:83:3b:17:
79:cb:4d:27:ea:6d:61:e8:dc:ce:80:e5:2e:e6:7e:
08:9e:b8:02:97:1b:87:1b:93:57:b0:5b:6d:52:ca:
d6:b1:9f:ad:77:94:32:5a:9a:3e:18:73:d3:c8:7e:
ee:1c:54:a5:d2:e9:a8:0b:98:d8:d7:1f:7e:13:fa:
cb:ba:6e:04:c4:d2:3e:01:14:cd:df:47:df:8e:8d:
20:7a:25:5a:eb:91:d9:db:cd:f9:30:62:c1:8f:fe:
bb:45:92:3e:b0:72:35:71:3e:d3:18:2b:65:02:06:
9b:47:4c:df:93:ec:3d:b3:48:6f:af:fb:61:b1:bc:
f3:6f:0f:40:16:70:cc:45:87:5b:40:46:41:1a:90:
db:41:3e:15:c5:4d:ae:fb:b9:1b:a0:c3:19:a6:32:
c0:c7:8b:5d:2c:db:9d:d5:e4:88:da:c0:b4:05:3a:
05:4f:f5:5e:7e:2c:7d:bd:94:78:0b:ab:1f:47:99:
28:d0:8f:c7:d5:18:0f:53:23:d2:e1:bd:d1:c5:51:
0b:b3:bf:6a:f8:20:e6:8b:9d:b0:36:87:6d:8b:05:
81:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DE:A3:17:7D:57:1B:92:C3:67:E4:A1:A9:D1:A1:F6:95:CF:46:D2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e32392e302f32342d3234203d3e20323732303936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.29.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:4b:14:93:c2:c1:8c:3a:20:23:a3:b6:aa:95:3d:b5:f8:26:
27:13:58:2f:b9:50:df:49:a1:9d:5d:8b:60:bd:b8:64:e2:16:
5e:62:50:ad:07:2b:fb:cc:96:70:58:85:59:43:6f:0b:3f:38:
42:3e:d9:78:6e:06:f2:36:6b:93:72:c5:ce:2a:83:e9:de:57:
84:e4:dc:ae:f6:0b:fa:e9:fa:83:83:24:56:a2:18:6b:b3:78:
0a:7f:ee:df:74:cc:8c:0c:ab:5d:32:2e:2b:a7:8a:b9:af:3c:
2d:5f:79:b2:3b:43:63:6c:8e:74:25:be:fb:23:09:f0:b1:e2:
b3:07:2a:d4:f1:c8:da:15:c0:45:97:c1:9d:95:aa:74:e2:8b:
fb:87:dc:78:9e:2f:55:e1:29:5c:6e:6b:b6:e4:54:83:d8:6e:
d9:e2:ae:cd:24:01:5d:2b:b0:93:97:03:ab:37:45:5d:8f:06:
22:20:58:52:71:86:2e:65:53:8d:2c:ab:c7:f8:c7:f9:f0:b8:
e0:ad:9e:10:30:74:da:38:67:cc:2a:cd:e2:87:ba:af:53:7a:
ab:e8:a1:77:1f:d7:40:c7:9c:78:3d:8a:b0:c8:f1:ca:7b:2e:
c0:dc:ab:f9:ac:34:c7:ac:a7:ed:61:af:3b:82:13:da:fd:d2:
27:f7:0f:11
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP26is4wIikPur44Meg1jyg6YgbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjcxMjIzMjdaFw0yNTA5MjYxMjI4MjdaMDMxMTAvBgNV
BAMTKDVDREVBMzE3N0Q1NzFCOTJDMzY3RTRBMUE5RDFBMUY2OTVDRjQ2RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXwCGOga7Ht3bTXiino1HY8DT7
sqvGWm+5qzCTPTMQQZdWl1FHhyJxlYM7F3nLTSfqbWHo3M6A5S7mfgieuAKXG4cb
k1ewW21Sytaxn613lDJamj4Yc9PIfu4cVKXS6agLmNjXH34T+su6bgTE0j4BFM3f
R9+OjSB6JVrrkdnbzfkwYsGP/rtFkj6wcjVxPtMYK2UCBptHTN+T7D2zSG+v+2Gx
vPNvD0AWcMxFh1tARkEakNtBPhXFTa77uRugwxmmMsDHi10s253V5IjawLQFOgVP
9V5+LH29lHgLqx9HmSjQj8fVGA9TI9LhvdHFUQuzv2r4IOaLnbA2h22LBYGzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUXN6jF31XG5LDZ+ShqdGh9pXPRtIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMyMzAzOTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XpwdMA0GCSqGSIb3DQEBCwUAA4IBAQAKSxSTwsGMOiAjo7aqlT21+CYnE1gvuVDf
SaGdXYtgvbhk4hZeYlCtByv7zJZwWIVZQ28LPzhCPtl4bgbyNmuTcsXOKoPp3leE
5Nyu9gv66fqDgyRWohhrs3gKf+7fdMyMDKtdMi4rp4q5rzwtX3myO0NjbI50Jb77
IwnwseKzByrU8cjaFcBFl8Gdlap04ov7h9x4ni9V4Slcbmu25FSD2G7Z4q7NJAFd
K7CTlwOrN0VdjwYiIFhScYYuZVONLKvH+Mf58LjgrZ4QMHTaOGfMKs3ih7qvU3qr
6KF3H9dAx5x4PYqwyPHKey7A3Kv5rDTHrKftYa87ghPa/dIn9w8R
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org