Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138382e3235302e302f32342d3332203d3e203531313637.roa
File: 3138352e3138382e3235302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: qf4/QuZOJOzBfrHLuPb70nW0257kq4eLgTTI5heZd4c=
Subject key identifier: 72:09:1C:B4:4F:29:7B:B2:98:51:6A:1D:69:BA:3F:B7:08:4D:06:D4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 054A89B9296A6371A908278924C888C3DD53BAB9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138382e3235302e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:07 +0000
ROA not before: Mon 26 Feb 2024 08:48:07 +0000
ROA not after: Mon 24 Feb 2025 08:53:07 +0000
asID: 51167
IP address blocks: 185.188.250.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:4a:89:b9:29:6a:63:71:a9:08:27:89:24:c8:88:c3:dd:53:ba:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:07 2024 GMT
Not After : Feb 24 08:53:07 2025 GMT
Subject: CN=72091CB44F297BB298516A1D69BA3FB7084D06D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:37:df:90:5c:82:47:76:7d:d0:74:35:81:01:
6b:b5:e9:46:5f:7b:7a:75:85:89:e6:cb:2a:27:e7:
f7:85:b7:54:20:b3:47:a3:59:3f:8b:f9:f0:9f:58:
46:dc:e6:2d:5f:f8:df:f3:f4:c8:6c:b7:7a:f2:af:
25:02:2b:65:d9:0b:9a:1b:8e:e5:5e:92:98:22:02:
ff:00:f5:cf:41:00:31:9e:58:5f:d2:bd:7a:62:f8:
a5:f9:2a:c7:c5:b8:80:9d:43:47:e4:e2:18:9b:40:
91:39:ba:df:b1:ba:1e:06:82:0c:c5:6d:5b:0c:5a:
2c:de:4f:e9:84:79:c4:66:91:f0:d5:0c:be:51:b0:
a0:97:6a:7b:00:e0:73:f4:83:88:6b:d0:f2:a9:3a:
f3:c3:ac:94:42:6d:51:83:24:a0:55:61:7b:1d:49:
de:df:3e:fc:a2:dd:43:51:b6:f2:b3:09:0e:1f:1c:
06:7e:b2:98:02:49:8a:79:35:55:78:7d:cb:41:c8:
f3:fc:4a:c2:0e:fd:58:86:a5:fe:b4:71:db:3d:63:
85:0b:2a:cc:8a:0a:95:e5:4a:f3:45:4e:75:86:b2:
24:6c:d0:84:7f:df:99:20:99:1b:5c:64:14:f6:e6:
79:be:2b:87:7f:c2:9b:37:cd:0d:a1:a8:c3:68:05:
f6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:09:1C:B4:4F:29:7B:B2:98:51:6A:1D:69:BA:3F:B7:08:4D:06:D4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138382e3235302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.250.0/24
Signature Algorithm: sha256WithRSAEncryption
06:0d:5e:b9:2f:15:22:b1:98:57:c8:43:f7:1c:4c:54:7c:b4:
b4:c9:b4:3c:06:ed:83:7e:d3:9e:7c:e3:61:37:19:d7:37:b2:
d5:62:2b:c1:89:25:3e:cd:71:fa:3e:aa:20:ab:c5:53:f9:ec:
08:c1:1c:2a:db:6f:ee:bb:c4:75:8f:01:11:2f:f1:6a:47:47:
4e:7b:8a:a5:e1:aa:76:91:41:8a:be:83:be:d2:a9:72:19:b7:
3c:be:d4:f6:3f:81:5c:7c:30:4d:d9:69:bd:b6:16:ad:90:66:
be:e9:1d:e0:4f:d6:b0:6b:6e:6e:96:07:54:37:45:2e:0d:03:
4f:1b:cb:65:40:67:d7:c3:e9:3d:2f:05:f6:2f:71:7b:a6:32:
79:af:43:e8:b0:22:bb:12:66:b0:57:82:df:f6:15:58:5c:5c:
4c:40:5b:86:10:75:25:00:d7:49:79:6f:ef:61:50:34:0b:7b:
41:6e:d1:45:10:fd:8d:14:f2:e3:87:88:81:65:fb:0e:9d:ef:
4e:d1:e5:46:d7:41:b7:6d:d5:b3:ad:49:4c:c2:69:4d:bc:ad:
c5:05:2b:9a:c5:f3:23:09:08:71:4f:73:d6:5a:13:07:3c:eb:
78:3d:68:02:46:8f:cc:8e:a3:e9:c3:83:23:15:3b:da:0a:b4:
81:67:cf:43
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBUqJuSlqY3GpCCeJJMiIw91TurkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDdaFw0yNTAyMjQwODUzMDdaMDMxMTAvBgNV
BAMTKDcyMDkxQ0I0NEYyOTdCQjI5ODUxNkExRDY5QkEzRkI3MDg0RDA2RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNN9+QXIJHdn3QdDWBAWu16UZf
e3p1hYnmyyon5/eFt1Qgs0ejWT+L+fCfWEbc5i1f+N/z9Mhst3ryryUCK2XZC5ob
juVekpgiAv8A9c9BADGeWF/SvXpi+KX5KsfFuICdQ0fk4hibQJE5ut+xuh4GggzF
bVsMWizeT+mEecRmkfDVDL5RsKCXansA4HP0g4hr0PKpOvPDrJRCbVGDJKBVYXsd
Sd7fPvyi3UNRtvKzCQ4fHAZ+spgCSYp5NVV4fctByPP8SsIO/ViGpf60cds9Y4UL
KsyKCpXlSvNFTnWGsiRs0IR/35kgmRtcZBT25nm+K4d/wps3zQ2hqMNoBfajAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcgkctE8pe7KYUWodabo/twhNBtQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzgyZTMy
MzUzMDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5vPowDQYJKoZIhvcNAQELBQADggEBAAYNXrkvFSKxmFfIQ/ccTFR8tLTJtDwG
7YN+055842E3Gdc3stViK8GJJT7Ncfo+qiCrxVP57AjBHCrbb+67xHWPAREv8WpH
R057iqXhqnaRQYq+g77SqXIZtzy+1PY/gVx8ME3Zab22Fq2QZr7pHeBP1rBrbm6W
B1Q3RS4NA08by2VAZ9fD6T0vBfYvcXumMnmvQ+iwIrsSZrBXgt/2FVhcXExAW4YQ
dSUA10l5b+9hUDQLe0Fu0UUQ/Y0U8uOHiIFl+w6d707R5UbXQbdt1bOtSUzCaU28
rcUFK5rF8yMJCHFPc9ZaEwc863g9aAJGj8yOo+nDgyMVO9oKtIFnz0M=
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:46 2024 by rpki-client on console-fra.rpki-client.org