Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131342e302f32342d3234203d3e20313336373837.roa
File: 39352e3231342e3131342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: HEtVyG0/OB9DhMZ4N46lHsh6EreylIczAX8y0Guu6ys=
Subject key identifier: AE:E5:F9:E2:16:64:AE:85:33:7F:7D:30:3E:C4:66:98:29:DC:6C:F2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 72896AE91FFF2AE103F3CA7CA6EC64E328782544
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:14 +0000
ROA not before: Fri 26 Jan 2024 18:57:14 +0000
ROA not after: Fri 24 Jan 2025 19:02:14 +0000
asID: 136787
IP address blocks: 95.214.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:89:6a:e9:1f:ff:2a:e1:03:f3:ca:7c:a6:ec:64:e3:28:78:25:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:14 2024 GMT
Not After : Jan 24 19:02:14 2025 GMT
Subject: CN=AEE5F9E21664AE85337F7D303EC4669829DC6CF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4e:0a:0c:f3:4d:a2:36:7d:12:70:96:5a:a2:
37:4d:95:ba:ee:d1:aa:90:4c:e4:84:9f:21:68:47:
69:09:e4:85:dd:64:89:90:e0:15:07:17:31:da:2c:
4b:22:a7:02:de:6b:1f:3e:21:35:5e:d6:aa:62:be:
13:eb:da:ff:c1:2e:39:42:f4:1b:c7:4f:bd:91:2f:
30:52:3d:29:38:93:9b:d9:7d:a6:09:09:5c:13:06:
35:fc:12:80:bc:92:61:3c:70:2b:a7:6b:fe:db:81:
8c:5f:e0:03:2e:cc:56:5d:1c:cd:75:3a:6f:17:d6:
17:d2:1c:e3:4a:92:8a:8b:03:c5:41:26:8a:4a:96:
1c:f3:c0:00:40:10:41:e2:92:fe:3d:9e:fa:2f:33:
f5:4a:83:fc:da:77:9c:e6:00:25:93:d7:93:90:ab:
17:c0:c3:78:99:d6:e6:09:b6:6e:a0:3d:03:a6:c1:
f1:52:e0:ad:1f:99:35:16:22:57:1e:39:62:c3:99:
e8:54:5d:c7:51:6a:66:c3:21:3d:3d:c1:9e:6e:b2:
98:39:1f:32:a2:01:56:a5:14:7d:5e:f4:f6:06:37:
2d:87:99:76:5d:89:18:28:e9:4a:94:25:5b:f5:85:
89:6c:b7:c3:bf:6c:d5:06:78:61:34:16:95:69:17:
28:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:E5:F9:E2:16:64:AE:85:33:7F:7D:30:3E:C4:66:98:29:DC:6C:F2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.114.0/24
Signature Algorithm: sha256WithRSAEncryption
55:d3:37:06:b0:dc:60:ad:17:d3:48:3f:cc:f1:e6:f3:05:66:
4d:d6:cb:eb:41:74:22:82:f8:a9:f2:6b:6c:27:74:61:81:3b:
43:99:c0:66:3f:8f:25:bb:6b:5e:6a:bd:06:bc:25:4f:a3:11:
92:50:f6:e6:c1:54:e7:7a:c0:2a:de:2f:65:7e:58:4e:f0:b3:
c1:9b:9f:57:6b:5f:17:43:a6:c8:5b:81:50:21:90:e8:37:a7:
15:4b:76:7a:96:70:bb:f3:07:3b:36:7d:56:aa:bd:c9:d5:28:
23:1f:fc:8e:68:11:57:64:30:0b:6d:4e:82:e1:78:a5:ec:be:
74:89:08:fe:b6:c8:e9:02:54:71:82:2a:ba:24:61:36:be:48:
8e:06:ed:4b:8a:69:f3:4d:34:f1:69:f6:1a:55:44:1e:2c:16:
c6:b3:1f:2c:0d:3e:b3:19:26:53:1b:b9:ad:cc:db:25:c9:78:
24:a4:74:39:db:e6:0e:78:2e:ad:4a:19:fc:81:3a:aa:4f:54:
1e:fa:a6:8e:38:84:e8:09:91:75:9d:67:74:e9:b1:9e:ac:a6:
13:ac:d5:6e:15:e4:32:65:5f:d6:37:b9:54:bf:7d:ec:49:49:
03:7f:b9:91:e8:11:2e:ab:ed:0d:c5:91:d0:95:dc:d9:77:13:
c7:8e:58:79
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcolq6R//KuED88p8puxk4yh4JUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MTRaFw0yNTAxMjQxOTAyMTRaMDMxMTAvBgNV
BAMTKEFFRTVGOUUyMTY2NEFFODUzMzdGN0QzMDNFQzQ2Njk4MjlEQzZDRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbTgoM802iNn0ScJZaojdNlbru
0aqQTOSEnyFoR2kJ5IXdZImQ4BUHFzHaLEsipwLeax8+ITVe1qpivhPr2v/BLjlC
9BvHT72RLzBSPSk4k5vZfaYJCVwTBjX8EoC8kmE8cCuna/7bgYxf4AMuzFZdHM11
Om8X1hfSHONKkoqLA8VBJopKlhzzwABAEEHikv49nvovM/VKg/zad5zmACWT15OQ
qxfAw3iZ1uYJtm6gPQOmwfFS4K0fmTUWIlceOWLDmehUXcdRambDIT09wZ5uspg5
HzKiAValFH1e9PYGNy2HmXZdiRgo6UqUJVv1hYlst8O/bNUGeGE0FpVpFyhdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUruX54hZkroUzf30wPsRmmCncbPIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNTJlMzIzMTM0MmUzMTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1nIwDQYJKoZIhvcNAQELBQADggEBAFXTNwaw3GCtF9NIP8zx5vMFZk3Wy+tB
dCKC+Knya2wndGGBO0OZwGY/jyW7a15qvQa8JU+jEZJQ9ubBVOd6wCreL2V+WE7w
s8Gbn1drXxdDpshbgVAhkOg3pxVLdnqWcLvzBzs2fVaqvcnVKCMf/I5oEVdkMAtt
ToLheKXsvnSJCP62yOkCVHGCKrokYTa+SI4G7UuKafNNNPFp9hpVRB4sFsazHywN
PrMZJlMbua3M2yXJeCSkdDnb5g54Lq1KGfyBOqpPVB76po44hOgJkXWdZ3TpsZ6s
phOs1W4V5DJlX9Y3uVS/fexJSQN/uZHoES6r7Q3FkdCV3Nl3E8eOWHk=
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:28 2024 by rpki-client on console-fra.rpki-client.org