Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131322e302f32342d3234203d3e20313336373837.roa
File: 39352e3231342e3131322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EckXTmuNLqmCSs3kJeFTe9G26uV3qvIBn+QrTxmgdyI=
Subject key identifier: D1:EF:4C:0F:87:82:0D:69:F8:2B:99:69:A6:A9:2F:35:C9:84:63:85
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 081C37ABDE092BEEAE1A5489F1E9C411BC91F3E3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131322e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:11 +0000
ROA not before: Fri 26 Jan 2024 18:57:11 +0000
ROA not after: Fri 24 Jan 2025 19:02:11 +0000
asID: 136787
IP address blocks: 95.214.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:1c:37:ab:de:09:2b:ee:ae:1a:54:89:f1:e9:c4:11:bc:91:f3:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:11 2024 GMT
Not After : Jan 24 19:02:11 2025 GMT
Subject: CN=D1EF4C0F87820D69F82B9969A6A92F35C9846385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9d:2e:76:03:ba:95:d4:90:51:78:9e:ea:65:
78:24:73:c2:34:89:b4:5a:9d:8e:9c:39:70:c1:67:
6b:e4:14:f6:88:13:38:84:42:e6:3b:96:57:5d:80:
5d:ec:34:6e:5b:52:21:76:c3:40:f6:98:a2:ae:d5:
3a:78:ec:58:04:86:75:17:15:32:fb:90:1b:7b:22:
83:ff:8b:34:77:3e:9d:c2:d6:d5:27:38:e5:d9:6b:
98:39:d3:05:fe:1f:2f:22:c0:86:fe:be:f1:d4:06:
e7:53:d0:03:89:33:10:c7:71:76:98:a2:47:4d:66:
1e:ef:c1:60:d4:9b:9b:55:33:20:df:4e:0b:8f:a6:
2f:92:e1:a2:5f:9a:4e:e9:df:a7:3a:f1:24:7f:72:
df:cf:81:51:3f:1a:35:9a:68:02:bf:8a:27:62:a6:
19:9f:6a:d4:12:59:96:64:23:2d:bb:5f:29:bd:88:
aa:18:39:8a:94:cb:38:0f:1d:a4:e8:63:ff:ba:7b:
ae:4d:18:88:98:41:ea:42:80:fa:93:f8:71:14:fa:
29:fd:72:f0:1a:6b:68:54:80:1e:7b:ad:86:89:af:
a9:2e:55:9d:cb:bb:ab:c6:1a:03:3d:57:55:3c:3b:
bd:0d:89:db:9a:09:33:6f:1d:32:97:95:7b:54:5d:
d6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EF:4C:0F:87:82:0D:69:F8:2B:99:69:A6:A9:2F:35:C9:84:63:85
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.112.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:49:6d:6e:b2:17:6c:72:82:91:95:1c:ea:57:09:04:fd:08:
01:af:55:15:d6:e1:5b:db:80:ce:74:fa:61:92:5f:87:ec:db:
59:39:09:3c:43:21:b6:04:35:e5:43:a8:a7:fe:f8:24:14:78:
50:44:fb:52:31:5d:75:a8:0a:fb:d2:16:ef:70:45:a1:9c:57:
75:b0:68:81:5c:c6:73:2f:12:d2:b7:7a:1f:d8:84:3f:ba:98:
43:ec:59:0f:7d:e1:70:0c:b6:16:8c:c5:dc:b1:38:cb:96:a7:
06:d4:0a:19:12:3b:e9:99:27:34:a1:97:76:46:b8:f5:4e:c4:
46:c2:47:02:ac:57:d8:89:b5:7c:98:a0:22:9d:99:85:0c:56:
c6:63:ed:91:88:f3:db:9d:35:16:7a:ee:08:51:3b:2c:dd:a0:
b1:81:a6:94:c7:cb:9f:53:32:aa:d9:bd:1a:1c:51:96:37:9d:
c9:60:13:5f:0b:59:27:3c:3d:da:44:c1:01:f5:e0:a9:53:94:
f4:b7:e7:7c:c3:77:2f:5d:eb:f6:8f:08:2e:45:ba:9e:0e:43:
4d:6b:a1:b1:51:1b:0a:d6:63:7f:4e:6c:1e:ec:2a:37:d6:7b:
7f:a3:bd:ff:a2:b2:f8:95:8a:84:53:2b:f4:79:ea:94:28:52:
7b:64:e4:a4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCBw3q94JK+6uGlSJ8enEEbyR8+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MTFaFw0yNTAxMjQxOTAyMTFaMDMxMTAvBgNV
BAMTKEQxRUY0QzBGODc4MjBENjlGODJCOTk2OUE2QTkyRjM1Qzk4NDYzODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOnS52A7qV1JBReJ7qZXgkc8I0
ibRanY6cOXDBZ2vkFPaIEziEQuY7llddgF3sNG5bUiF2w0D2mKKu1Tp47FgEhnUX
FTL7kBt7IoP/izR3Pp3C1tUnOOXZa5g50wX+Hy8iwIb+vvHUBudT0AOJMxDHcXaY
okdNZh7vwWDUm5tVMyDfTguPpi+S4aJfmk7p36c68SR/ct/PgVE/GjWaaAK/iidi
phmfatQSWZZkIy27Xym9iKoYOYqUyzgPHaToY/+6e65NGIiYQepCgPqT+HEU+in9
cvAaa2hUgB57rYaJr6kuVZ3Lu6vGGgM9V1U8O70NiduaCTNvHTKXlXtUXdbdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0e9MD4eCDWn4K5lppqkvNcmEY4UwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNTJlMzIzMTM0MmUzMTMx
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1nAwDQYJKoZIhvcNAQELBQADggEBAA9JbW6yF2xygpGVHOpXCQT9CAGvVRXW
4VvbgM50+mGSX4fs21k5CTxDIbYENeVDqKf++CQUeFBE+1IxXXWoCvvSFu9wRaGc
V3WwaIFcxnMvEtK3eh/YhD+6mEPsWQ994XAMthaMxdyxOMuWpwbUChkSO+mZJzSh
l3ZGuPVOxEbCRwKsV9iJtXyYoCKdmYUMVsZj7ZGI89udNRZ67ghROyzdoLGBppTH
y59TMqrZvRocUZY3nclgE18LWSc8PdpEwQH14KlTlPS353zDdy9d6/aPCC5Fup4O
Q01robFRGwrWY39ObB7sKjfWe3+jvf+isviVioRTK/R56pQoUntk5KQ=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:59 2024 by rpki-client on console-ams.rpki-client.org