Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e33312e302f32342d3234203d3e20323134313535.roa
File: 39342e3135362e33312e302f32342d3234203d3e20323134313535.roa (raw, json)
Hash identifier: vpSmrXTb6vqZYag3CnOdkH3cIyeApQD4LOZ8E3x0b00=
Subject key identifier: 07:AA:3F:18:34:87:9F:4A:2F:F7:0A:EA:1E:4D:69:15:F8:C9:43:B7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2FD308FDFBA3C5107F0E66C65848093C5E45CCFB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e33312e302f32342d3234203d3e20323134313535.roa
Signing time: Wed 25 Sep 2024 21:35:41 +0000
ROA not before: Wed 25 Sep 2024 21:30:41 +0000
ROA not after: Wed 24 Sep 2025 21:35:41 +0000
asID: 214155
IP address blocks: 94.156.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:d3:08:fd:fb:a3:c5:10:7f:0e:66:c6:58:48:09:3c:5e:45:cc:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 25 21:30:41 2024 GMT
Not After : Sep 24 21:35:41 2025 GMT
Subject: CN=07AA3F1834879F4A2FF70AEA1E4D6915F8C943B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2b:a1:d8:07:b0:2f:a8:2a:df:c4:81:dd:36:
7c:4e:8d:ba:b9:d6:a5:95:4f:3f:4a:46:4d:5a:40:
06:9f:b4:ad:b1:cf:4a:5c:74:bc:98:03:ee:52:f3:
c0:2f:d9:83:36:78:c7:30:d8:fb:c7:34:80:64:cf:
70:20:e5:45:85:b6:0c:81:c5:ad:01:8f:56:54:42:
f1:cb:50:2b:e6:85:1f:32:80:8a:b2:56:69:a5:e3:
6b:80:c6:4b:9d:ba:2f:3c:fa:83:e7:0e:cb:e9:f6:
e1:78:66:0f:a6:b5:a1:74:e7:3c:b3:bb:ae:9a:b1:
91:3b:ad:92:5b:1e:c9:7c:e9:47:8e:9f:74:e3:16:
6c:99:59:32:78:4e:c5:16:0e:4f:e6:12:52:85:30:
3c:0a:29:2b:a0:48:b6:a3:eb:e7:9b:20:e9:4d:41:
34:84:ef:f4:c2:30:95:42:e0:a0:8f:76:58:d2:2f:
bc:e4:5f:f8:bc:b7:70:fc:9b:02:85:15:39:97:31:
b7:26:49:71:c6:6f:84:52:be:9e:1c:16:0e:35:2f:
88:f0:0d:1a:67:23:cd:09:b4:73:94:f4:55:18:38:
79:16:96:af:5a:cf:92:14:a9:9f:58:f4:2a:38:67:
b4:42:c7:b2:94:fa:5c:e4:c4:21:37:3c:0d:d8:73:
76:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:AA:3F:18:34:87:9F:4A:2F:F7:0A:EA:1E:4D:69:15:F8:C9:43:B7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e33312e302f32342d3234203d3e20323134313535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.31.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ca:b9:84:91:e7:bd:7d:f9:b2:2f:27:b7:17:aa:dc:26:52:
63:bc:18:02:13:87:15:27:97:5c:0d:89:2f:81:3f:96:7b:bf:
7f:cb:f1:74:e3:c9:7e:f8:a4:06:7e:d2:c5:0f:b3:e5:cb:ec:
0f:80:ec:df:ca:f4:f5:0d:39:f3:d2:40:24:52:a5:37:71:87:
56:7a:72:b9:b4:85:1e:11:65:ba:34:3b:7a:f3:fa:3d:b1:17:
f0:a7:13:f9:6a:10:ae:48:8c:f3:41:e5:e4:bb:20:4a:43:67:
0f:de:8e:45:cc:7f:c7:c5:3f:1e:3b:cf:f3:f0:e1:05:12:49:
ae:93:10:6b:2c:4d:96:2d:cf:01:ef:50:28:2d:7c:5e:eb:7b:
17:0d:96:f9:cc:71:90:7a:71:c6:52:3d:3b:ca:a9:96:d8:09:
23:1e:24:71:7c:78:2b:50:d6:c6:ca:e9:c4:f5:19:f0:8e:5f:
76:06:a9:fa:88:18:a1:d4:ab:7c:1c:62:ec:c2:7a:56:4e:99:
78:fd:d8:6d:31:58:6c:92:07:95:4d:8d:ce:a6:32:c5:f1:0a:
21:92:4a:07:90:e3:a4:cd:9e:7f:e7:2e:d0:57:5d:d3:1d:13:
30:9f:c4:ac:74:2e:32:0b:e1:c8:1c:c1:f7:1a:dd:30:58:57:
ef:bb:21:6c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL9MI/fujxRB/DmbGWEgJPF5FzPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjUyMTMwNDFaFw0yNTA5MjQyMTM1NDFaMDMxMTAvBgNV
BAMTKDA3QUEzRjE4MzQ4NzlGNEEyRkY3MEFFQTFFNEQ2OTE1RjhDOTQzQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTK6HYB7AvqCrfxIHdNnxOjbq5
1qWVTz9KRk1aQAaftK2xz0pcdLyYA+5S88Av2YM2eMcw2PvHNIBkz3Ag5UWFtgyB
xa0Bj1ZUQvHLUCvmhR8ygIqyVmml42uAxkudui88+oPnDsvp9uF4Zg+mtaF05zyz
u66asZE7rZJbHsl86UeOn3TjFmyZWTJ4TsUWDk/mElKFMDwKKSugSLaj6+ebIOlN
QTSE7/TCMJVC4KCPdljSL7zkX/i8t3D8mwKFFTmXMbcmSXHGb4RSvp4cFg41L4jw
DRpnI80JtHOU9FUYOHkWlq9az5IUqZ9Y9Co4Z7RCx7KU+lzkxCE3PA3Yc3btAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUB6o/GDSHn0ov9wrqHk1pFfjJQ7cwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMzMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzEzNTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XpwfMA0GCSqGSIb3DQEBCwUAA4IBAQAdyrmEkee9ffmyLye3F6rcJlJjvBgCE4cV
J5dcDYkvgT+We79/y/F048l++KQGftLFD7Ply+wPgOzfyvT1DTnz0kAkUqU3cYdW
enK5tIUeEWW6NDt68/o9sRfwpxP5ahCuSIzzQeXkuyBKQ2cP3o5FzH/HxT8eO8/z
8OEFEkmukxBrLE2WLc8B71AoLXxe63sXDZb5zHGQenHGUj07yqmW2AkjHiRxfHgr
UNbGyunE9Rnwjl92Bqn6iBih1Kt8HGLswnpWTpl4/dhtMVhskgeVTY3OpjLF8Qoh
kkoHkOOkzZ5/5y7QV13THRMwn8SsdC4yC+HIHMH3Gt0wWFfvuyFs
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org