Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233352e302f32342d3332203d3e203531313637.roa
File: 3138352e3138372e3233352e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: jP/S/omwdsyXJLqxYX32fZa2fvVhGMt4ZeyOoU44WVU=
Subject key identifier: 95:61:B8:B1:35:60:1D:7B:66:55:3A:EF:C3:20:61:5E:EF:38:B1:D5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 77839CD864C16FCB9F176BC1CCB5389A90C0F909
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233352e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:55 +0000
ROA not before: Fri 20 Oct 2023 13:36:55 +0000
ROA not after: Fri 18 Oct 2024 13:41:55 +0000
asID: 51167
IP address blocks: 185.187.235.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:83:9c:d8:64:c1:6f:cb:9f:17:6b:c1:cc:b5:38:9a:90:c0:f9:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:55 2023 GMT
Not After : Oct 18 13:41:55 2024 GMT
Subject: CN=9561B8B135601D7B66553AEFC320615EEF38B1D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c3:c8:50:d6:91:b3:46:66:27:16:d6:c0:20:
3e:d7:ee:0d:3b:73:c2:e7:9e:83:ce:ec:b0:47:cc:
ee:2d:a7:49:31:36:ba:bf:25:1c:fe:63:d9:c4:02:
b0:38:cc:32:35:e7:6a:66:f8:7a:cd:b4:e8:a7:c7:
b3:bc:4a:f3:36:83:cb:e3:5a:c9:d6:7b:77:d4:f1:
1e:f7:00:64:95:3c:51:99:4e:23:9a:ec:50:04:52:
95:6e:fe:29:d4:00:70:8c:38:e0:48:e2:de:df:60:
72:64:fb:f5:22:21:bd:bb:c9:c9:e8:e7:c2:82:63:
c2:9d:68:59:2d:33:f5:d6:23:85:80:d8:c1:c9:01:
3d:d0:7b:41:21:b8:7c:cb:ab:f2:5c:2a:d0:51:e4:
68:22:20:f1:cd:00:88:b5:9d:e5:39:ef:ed:ee:fd:
0f:fc:6b:f8:a3:d3:1c:1f:7a:72:e7:1a:f6:24:51:
73:90:a0:87:cf:eb:cd:03:c1:a3:05:9d:71:bc:9a:
76:bb:9d:fd:55:c0:5f:43:3b:0e:b2:f3:18:78:e0:
d6:c5:83:21:08:40:36:bc:1a:f6:e4:da:6a:f2:8e:
3f:77:2d:b1:2b:37:31:ef:09:d4:e9:e2:02:3a:72:
da:45:f2:5c:0c:ca:b5:c6:5d:2a:65:50:45:2c:35:
59:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:61:B8:B1:35:60:1D:7B:66:55:3A:EF:C3:20:61:5E:EF:38:B1:D5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233352e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.235.0/24
Signature Algorithm: sha256WithRSAEncryption
57:c5:bf:3a:09:2c:05:84:9e:d6:ba:dc:76:b7:ba:86:28:cc:
2f:86:4b:a2:7d:3d:08:7d:43:48:0d:93:6f:6a:b3:62:c1:e8:
03:4a:b1:08:23:c5:1f:b9:b4:45:ef:ea:a0:3e:79:a8:59:dd:
f0:e7:29:95:08:ee:b8:ed:2f:b0:b8:c6:5a:71:f6:ec:25:7c:
44:18:6d:02:93:b1:a2:41:a3:e2:07:e4:b1:d2:9d:38:69:54:
88:dd:d4:01:73:8e:9f:8e:e4:37:98:c9:d5:96:d5:08:f7:5d:
49:96:50:7b:08:18:53:4d:f7:92:81:fa:c9:6f:f7:b4:b2:ad:
98:cc:a6:3c:84:f6:fb:c9:05:45:b7:a4:cd:ec:6f:ae:9b:56:
f1:c1:39:f6:85:10:ef:1f:cb:24:19:51:48:6b:f9:ae:2b:38:
6c:1f:48:50:a7:8e:83:1f:87:ec:4a:ba:32:85:8a:ce:2c:b0:
98:b0:a0:c6:1a:d5:fb:d2:9c:ce:b4:ec:7e:a7:b2:b9:a2:28:
38:11:7c:a0:e4:63:82:7b:08:53:64:06:b0:6a:d5:2d:f3:1e:
81:ea:d3:84:d1:95:48:0e:32:a4:fd:d2:2f:b1:fd:09:68:c8:
69:c2:5e:01:55:b5:78:cf:be:8d:a2:48:dd:bc:f9:c6:ae:b6:
00:f6:f5:aa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUd4Oc2GTBb8ufF2vBzLU4mpDA+QkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTVaFw0yNDEwMTgxMzQxNTVaMDMxMTAvBgNV
BAMTKDk1NjFCOEIxMzU2MDFEN0I2NjU1M0FFRkMzMjA2MTVFRUYzOEIxRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvw8hQ1pGzRmYnFtbAID7X7g07
c8LnnoPO7LBHzO4tp0kxNrq/JRz+Y9nEArA4zDI152pm+HrNtOinx7O8SvM2g8vj
WsnWe3fU8R73AGSVPFGZTiOa7FAEUpVu/inUAHCMOOBI4t7fYHJk+/UiIb27ycno
58KCY8KdaFktM/XWI4WA2MHJAT3Qe0EhuHzLq/JcKtBR5GgiIPHNAIi1neU57+3u
/Q/8a/ij0xwfenLnGvYkUXOQoIfP680DwaMFnXG8mna7nf1VwF9DOw6y8xh44NbF
gyEIQDa8Gvbk2mryjj93LbErNzHvCdTp4gI6ctpF8lwMyrXGXSplUEUsNVkBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlWG4sTVgHXtmVTrvwyBhXu84sdUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzNTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5u+swDQYJKoZIhvcNAQELBQADggEBAFfFvzoJLAWEnta63Ha3uoYozC+GS6J9
PQh9Q0gNk29qs2LB6ANKsQgjxR+5tEXv6qA+eahZ3fDnKZUI7rjtL7C4xlpx9uwl
fEQYbQKTsaJBo+IH5LHSnThpVIjd1AFzjp+O5DeYydWW1Qj3XUmWUHsIGFNN95KB
+slv97SyrZjMpjyE9vvJBUW3pM3sb66bVvHBOfaFEO8fyyQZUUhr+a4rOGwfSFCn
joMfh+xKujKFis4ssJiwoMYa1fvSnM607H6nsrmiKDgRfKDkY4J7CFNkBrBq1S3z
HoHq04TRlUgOMqT90i+x/QloyGnCXgFVtXjPvo2iSN28+cautgD29ao=
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:46 2024 by rpki-client on console-fra.rpki-client.org