Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131322e302f32342d3234203d3e20313336373837.roa
File: 39352e3231342e3131322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: OM8UShoG6O3faDBXp2tueMChyvCmjsPml0+asYoC7bs=
Subject key identifier: 5C:AD:59:65:A3:C0:31:C1:1B:85:4F:47:B3:98:BF:41:23:4F:ED:EF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 56F1300372E51DCF11F78C5850A2F6627B599DBC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131322e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:37 +0000
ROA not before: Fri 27 Dec 2024 19:39:37 +0000
ROA not after: Fri 26 Dec 2025 19:44:37 +0000
asID: 136787
IP address blocks: 95.214.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:f1:30:03:72:e5:1d:cf:11:f7:8c:58:50:a2:f6:62:7b:59:9d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:37 2024 GMT
Not After : Dec 26 19:44:37 2025 GMT
Subject: CN=5CAD5965A3C031C11B854F47B398BF41234FEDEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4d:bb:b2:f3:4d:34:d0:e9:db:0e:6f:10:a1:
a1:26:54:a3:f1:c3:10:5e:27:20:4d:67:e3:65:19:
22:ad:cb:0f:1b:b9:df:f4:ac:a5:d0:27:4a:e3:f2:
ea:f6:e4:8f:3c:1d:cd:75:9c:7d:70:ca:c9:f9:29:
01:30:3e:b0:7a:f0:78:9a:ca:a9:93:47:47:ca:3c:
1b:24:9d:f4:16:dc:1c:1e:ff:7a:cc:e7:47:65:96:
e2:42:3f:7f:a0:3c:b2:ab:a4:72:3b:f7:64:a3:33:
fa:38:f2:fa:f4:0a:e6:90:40:fa:fa:87:aa:69:f3:
24:09:92:35:37:0d:c0:01:1a:5f:bf:78:f9:64:e7:
aa:23:41:f0:ba:bd:aa:50:f6:46:e6:07:a1:ff:96:
f4:df:5c:c7:75:ae:51:7e:a7:e6:0e:33:d6:79:1a:
71:55:6c:31:02:90:90:85:13:48:24:d9:00:a9:32:
51:0a:e1:a9:df:f4:0a:34:62:44:ef:9a:42:46:fb:
d8:14:bd:0c:9f:2b:c5:b4:64:2d:0b:54:3f:6d:95:
4a:19:f0:39:ff:e7:ef:5d:e5:10:c8:0b:60:9e:0f:
5c:10:c3:48:37:81:0d:e4:d7:74:fd:31:af:99:81:
82:4f:34:16:e9:09:69:a2:f6:df:fa:dc:86:82:b1:
b2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AD:59:65:A3:C0:31:C1:1B:85:4F:47:B3:98:BF:41:23:4F:ED:EF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.112.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:49:b4:b5:ea:9d:55:d0:44:f3:87:40:d1:4a:b7:8f:41:1a:
76:99:f9:41:01:d9:a4:bf:e0:2f:07:c3:76:a1:7f:83:ab:9d:
46:c0:06:53:3a:1a:b5:e3:23:50:8d:0d:dd:6a:6a:d6:42:38:
d8:ad:25:28:21:e5:02:23:bb:41:eb:b6:63:53:dc:00:bd:82:
51:a2:45:29:17:6f:72:d0:e9:dd:3f:1a:b9:59:0d:1b:8f:b8:
b5:60:e0:76:85:92:8d:82:e4:db:9a:c3:89:23:5a:1a:27:3a:
fb:27:6c:51:17:2e:1e:93:bc:92:6c:38:5e:a7:da:7c:9a:d8:
6a:a4:ca:55:52:5a:0a:07:ef:0b:a8:6a:fe:a1:bb:a4:33:d9:
27:dc:60:29:e2:6d:91:a6:71:72:b8:45:93:18:a5:67:be:53:
9d:2d:7c:c4:99:a5:99:91:9a:08:8c:54:b1:ed:d4:46:8b:81:
06:7a:d5:09:b5:b0:97:a0:39:b5:bd:85:1f:49:87:da:09:d1:
4d:98:b5:30:3d:be:33:e8:11:a9:93:36:af:17:54:0d:30:22:
a3:b8:4d:fc:b7:13:bf:52:e7:23:49:ba:c4:f0:73:f1:91:f9:
a0:df:98:6f:93:f5:0a:b3:74:31:14:c5:ef:30:b2:b3:00:3c:
48:68:9b:85
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVvEwA3LlHc8R94xYUKL2YntZnbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5MzdaFw0yNTEyMjYxOTQ0MzdaMDMxMTAvBgNV
BAMTKDVDQUQ1OTY1QTNDMDMxQzExQjg1NEY0N0IzOThCRjQxMjM0RkVERUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeTbuy80000OnbDm8QoaEmVKPx
wxBeJyBNZ+NlGSKtyw8bud/0rKXQJ0rj8ur25I88Hc11nH1wysn5KQEwPrB68Hia
yqmTR0fKPBsknfQW3Bwe/3rM50dlluJCP3+gPLKrpHI792SjM/o48vr0CuaQQPr6
h6pp8yQJkjU3DcABGl+/ePlk56ojQfC6vapQ9kbmB6H/lvTfXMd1rlF+p+YOM9Z5
GnFVbDECkJCFE0gk2QCpMlEK4anf9Ao0YkTvmkJG+9gUvQyfK8W0ZC0LVD9tlUoZ
8Dn/5+9d5RDIC2CeD1wQw0g3gQ3k13T9Ma+ZgYJPNBbpCWmi9t/63IaCsbIrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXK1ZZaPAMcEbhU9Hs5i/QSNP7e8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNTJlMzIzMTM0MmUzMTMx
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1nAwDQYJKoZIhvcNAQELBQADggEBAI9JtLXqnVXQRPOHQNFKt49BGnaZ+UEB
2aS/4C8Hw3ahf4OrnUbABlM6GrXjI1CNDd1qatZCONitJSgh5QIju0HrtmNT3AC9
glGiRSkXb3LQ6d0/GrlZDRuPuLVg4HaFko2C5Nuaw4kjWhonOvsnbFEXLh6TvJJs
OF6n2nya2GqkylVSWgoH7wuoav6hu6Qz2SfcYCnibZGmcXK4RZMYpWe+U50tfMSZ
pZmRmgiMVLHt1EaLgQZ61Qm1sJegObW9hR9Jh9oJ0U2YtTA9vjPoEamTNq8XVA0w
IqO4Tfy3E79S5yNJusTwc/GR+aDfmG+T9QqzdDEUxe8wsrMAPEhom4U=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:15:17 2025 by rpki-client