Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131342e302f32342d3234203d3e20313336373837.roa
File: 39352e3231342e3131342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ltJyAIBl+ANqrnYI6UkyuzEv2zICHopzjo3bvQQnBQM=
Subject key identifier: 86:CB:62:2B:90:23:0E:7C:B5:9E:31:85:07:19:E5:EF:82:DC:CC:50
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1465BA093D5C0D0A7379EAC6A75D6C1367775755
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:38 +0000
ROA not before: Fri 27 Dec 2024 19:39:38 +0000
ROA not after: Fri 26 Dec 2025 19:44:38 +0000
asID: 136787
IP address blocks: 95.214.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:65:ba:09:3d:5c:0d:0a:73:79:ea:c6:a7:5d:6c:13:67:77:57:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:38 2024 GMT
Not After : Dec 26 19:44:38 2025 GMT
Subject: CN=86CB622B90230E7CB59E31850719E5EF82DCCC50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:91:35:16:5e:f1:e0:19:14:87:3b:a1:6e:ef:
51:2b:ca:6c:2e:e3:98:bb:7c:1c:42:d0:09:76:78:
23:9e:8e:68:c1:fe:f4:d5:07:06:c5:8c:86:6b:a6:
49:88:37:6d:41:c5:37:3e:09:ff:5b:09:4b:22:df:
82:87:3c:59:67:59:4a:11:58:45:26:42:43:95:6b:
c8:06:99:f4:8e:63:f1:4e:ca:29:43:05:19:2e:ba:
64:73:c4:6a:fd:ef:d9:40:f2:06:25:e0:4a:03:74:
38:be:47:14:be:0c:fd:99:8b:7d:5c:4f:c8:75:eb:
0b:9b:11:f1:91:78:7c:35:9b:28:ce:0d:c6:da:81:
c0:d5:28:c7:fe:10:41:4b:fa:96:f5:40:27:c8:92:
cf:41:46:e7:d0:8c:04:fd:c4:08:5e:45:22:78:73:
dc:01:5d:2d:55:c7:23:33:78:ef:9a:2c:31:08:a1:
cd:14:fc:ce:25:14:14:41:5b:10:10:13:03:b7:e5:
1c:23:b3:68:9a:55:0a:c4:78:10:92:86:ec:b6:3e:
19:8b:54:74:0a:99:84:bb:9f:1f:ca:1b:41:af:92:
6b:3a:70:18:71:37:ae:09:e2:96:75:73:05:63:b2:
cf:25:24:e0:af:ef:69:9e:24:db:46:ad:e0:e1:77:
47:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CB:62:2B:90:23:0E:7C:B5:9E:31:85:07:19:E5:EF:82:DC:CC:50
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.114.0/24
Signature Algorithm: sha256WithRSAEncryption
90:34:cc:6a:72:82:ed:56:38:6f:4b:81:af:ff:ec:be:90:12:
c4:8f:10:c7:09:65:0c:5a:66:a2:3a:b1:7c:7a:46:eb:cb:fc:
6a:86:58:69:13:0f:19:8b:c8:5b:2f:e3:4d:2a:32:c4:cb:17:
9d:6c:8a:48:62:9f:dc:c3:e1:80:c9:0a:b5:24:31:57:41:62:
58:aa:a2:cd:14:f4:1a:55:19:31:fe:c7:30:af:10:22:5d:eb:
af:14:75:a7:2d:ec:87:aa:3e:2f:34:fa:94:cc:4c:fb:18:c9:
88:d4:56:22:76:17:40:15:7c:9c:c1:de:fb:a3:27:76:93:62:
c3:e0:35:21:54:8a:36:1d:70:eb:ff:b5:f2:4a:66:4f:73:8e:
ac:e4:4d:61:92:42:bd:27:3a:95:ea:04:37:0c:6c:a7:79:ad:
e7:30:ce:a2:1b:35:e9:f0:bd:05:be:30:99:89:ab:4b:ce:d6:
dc:67:f4:f8:a8:4d:25:f2:08:e2:b6:92:c5:76:01:e1:35:86:
3b:52:2d:b0:6a:85:e7:35:a8:a5:47:99:ba:ae:3d:02:e1:c0:
61:5d:e6:b8:2f:e6:ca:8c:4f:96:97:e2:f2:85:a9:75:ee:c9:
d4:ab:bf:8a:1e:8a:89:7f:08:d6:4c:e5:f7:dd:94:7d:21:2d:
46:13:d3:bf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFGW6CT1cDQpzeerGp11sE2d3V1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5MzhaFw0yNTEyMjYxOTQ0MzhaMDMxMTAvBgNV
BAMTKDg2Q0I2MjJCOTAyMzBFN0NCNTlFMzE4NTA3MTlFNUVGODJEQ0NDNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgkTUWXvHgGRSHO6Fu71Erymwu
45i7fBxC0Al2eCOejmjB/vTVBwbFjIZrpkmIN21BxTc+Cf9bCUsi34KHPFlnWUoR
WEUmQkOVa8gGmfSOY/FOyilDBRkuumRzxGr979lA8gYl4EoDdDi+RxS+DP2Zi31c
T8h16wubEfGReHw1myjODcbagcDVKMf+EEFL+pb1QCfIks9BRufQjAT9xAheRSJ4
c9wBXS1VxyMzeO+aLDEIoc0U/M4lFBRBWxAQEwO35Rwjs2iaVQrEeBCShuy2PhmL
VHQKmYS7nx/KG0Gvkms6cBhxN64J4pZ1cwVjss8lJOCv72meJNtGreDhd0ffAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUhstiK5AjDny1njGFBxnl74LczFAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNTJlMzIzMTM0MmUzMTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1nIwDQYJKoZIhvcNAQELBQADggEBAJA0zGpygu1WOG9Lga//7L6QEsSPEMcJ
ZQxaZqI6sXx6RuvL/GqGWGkTDxmLyFsv400qMsTLF51sikhin9zD4YDJCrUkMVdB
Yliqos0U9BpVGTH+xzCvECJd668Udact7IeqPi80+pTMTPsYyYjUViJ2F0AVfJzB
3vujJ3aTYsPgNSFUijYdcOv/tfJKZk9zjqzkTWGSQr0nOpXqBDcMbKd5recwzqIb
NenwvQW+MJmJq0vO1txn9PioTSXyCOK2ksV2AeE1hjtSLbBqhec1qKVHmbquPQLh
wGFd5rgv5sqMT5aX4vKFqXXuydSrv4oeiol/CNZM5ffdlH0hLUYT078=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:20:39 2025 by rpki-client