Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139322e39382e302f32342d3234203d3e20323036323634.roa
File: 3138352e3139322e39382e302f32342d3234203d3e20323036323634.roa (raw, json)
Hash identifier: gHUEcHaRAtZzg2VHCdt+Xpkxmwi3cpWtNGAy+G83E7w=
Subject key identifier: C2:53:80:0B:14:EF:02:9A:7B:48:14:03:DC:6E:B6:F2:BE:78:51:0B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 33CE4DE037976C7F0EAD283173AFD73083FE105C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139322e39382e302f32342d3234203d3e20323036323634.roa
Signing time: Mon 26 Feb 2024 08:53:10 +0000
ROA not before: Mon 26 Feb 2024 08:48:10 +0000
ROA not after: Mon 24 Feb 2025 08:53:10 +0000
asID: 206264
IP address blocks: 185.192.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:ce:4d:e0:37:97:6c:7f:0e:ad:28:31:73:af:d7:30:83:fe:10:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:10 2024 GMT
Not After : Feb 24 08:53:10 2025 GMT
Subject: CN=C253800B14EF029A7B481403DC6EB6F2BE78510B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5b:a4:3d:e9:18:57:e8:bc:ff:05:f4:be:7a:
6b:c0:ee:6f:c1:b7:06:da:a3:34:da:4b:f9:52:3a:
24:af:9d:86:50:8e:2e:91:1a:d8:37:1b:a5:44:ad:
48:d3:47:c7:ef:83:a3:27:20:34:67:02:cc:f8:62:
e5:7b:a7:a2:27:f5:19:21:ed:6b:78:3e:31:61:00:
aa:d0:40:bc:ef:e8:8d:70:d9:cb:59:81:4e:73:72:
97:38:dc:fd:99:7b:57:6c:6c:d5:01:ab:04:0e:ce:
78:20:e0:f0:03:b0:15:3c:8e:f7:4d:a4:8c:6b:04:
2a:61:32:15:81:9e:d7:cb:e5:63:6e:99:83:36:77:
1e:8d:6a:9c:ae:61:bf:af:f1:59:58:dc:a9:e7:6d:
73:30:8a:5a:bd:71:eb:04:c1:d8:97:7e:1f:ac:1f:
f7:32:6f:d1:cf:10:3e:18:97:8c:65:4b:e8:04:c7:
22:3f:22:b4:be:b2:04:fe:be:a3:01:87:1c:31:38:
a3:38:9a:4d:be:fb:63:1b:a6:61:99:17:61:19:f2:
72:e6:2a:d9:0a:b4:a8:70:14:26:fe:c3:aa:41:a7:
1e:1d:a6:cd:22:4e:3c:2d:50:f7:87:91:1d:1a:f4:
d9:f3:df:ae:ab:5f:1f:d1:b6:56:60:d6:ce:30:7c:
71:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:53:80:0B:14:EF:02:9A:7B:48:14:03:DC:6E:B6:F2:BE:78:51:0B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139322e39382e302f32342d3234203d3e20323036323634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.98.0/24
Signature Algorithm: sha256WithRSAEncryption
26:63:c9:d8:41:ef:55:f7:08:99:cb:d0:56:2e:9d:20:bd:bc:
ca:65:56:19:64:39:45:a2:99:1d:d9:31:0f:35:df:7c:5a:cb:
58:73:59:1a:5a:a0:48:59:f2:f5:04:b0:8c:41:9a:d1:5d:1f:
8d:b8:35:2a:93:d7:e3:02:25:20:30:9e:e9:5c:5f:2d:f2:10:
fd:33:4a:9f:ad:bb:3f:7c:41:d6:9f:13:c6:a8:43:ca:e7:0c:
61:ab:ac:dd:7c:a3:16:33:d5:15:8b:90:3d:85:39:4a:c2:c9:
87:7b:79:df:d8:8c:77:11:96:fb:c8:d6:ce:e4:ad:c7:fe:dc:
9e:5b:72:93:2b:cc:f3:9d:6c:ed:87:f8:74:2e:36:26:fc:3b:
b8:0f:20:7f:e0:d5:d1:c8:04:26:18:10:04:c9:12:36:9a:26:
f2:96:c0:96:ce:84:2c:94:86:60:73:7e:2c:15:6b:54:4b:96:
62:e4:eb:18:06:5d:72:d6:73:89:df:93:3f:51:89:56:3d:af:
de:6c:2a:73:eb:b2:2e:e3:b3:0d:61:74:be:c8:92:da:cc:ce:
ac:8e:74:cf:47:13:a1:06:6b:3a:7d:db:6a:58:71:24:fe:77:
fd:60:46:3b:c3:b4:00:d6:a8:41:f6:36:ad:89:e1:95:e4:f1:
e6:bc:77:33
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM85N4DeXbH8OrSgxc6/XMIP+EFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTBaFw0yNTAyMjQwODUzMTBaMDMxMTAvBgNV
BAMTKEMyNTM4MDBCMTRFRjAyOUE3QjQ4MTQwM0RDNkVCNkYyQkU3ODUxMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZW6Q96RhX6Lz/BfS+emvA7m/B
twbaozTaS/lSOiSvnYZQji6RGtg3G6VErUjTR8fvg6MnIDRnAsz4YuV7p6In9Rkh
7Wt4PjFhAKrQQLzv6I1w2ctZgU5zcpc43P2Ze1dsbNUBqwQOzngg4PADsBU8jvdN
pIxrBCphMhWBntfL5WNumYM2dx6NapyuYb+v8VlY3KnnbXMwilq9cesEwdiXfh+s
H/cyb9HPED4Yl4xlS+gExyI/IrS+sgT+vqMBhxwxOKM4mk2++2MbpmGZF2EZ8nLm
KtkKtKhwFCb+w6pBpx4dps0iTjwtUPeHkR0a9Nnz366rXx/RtlZg1s4wfHFHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUwlOACxTvApp7SBQD3G628r54UQswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzIyZTM5
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMjM2MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5wGIwDQYJKoZIhvcNAQELBQADggEBACZjydhB71X3CJnL0FYunSC9vMplVhlk
OUWimR3ZMQ8133xay1hzWRpaoEhZ8vUEsIxBmtFdH424NSqT1+MCJSAwnulcXy3y
EP0zSp+tuz98QdafE8aoQ8rnDGGrrN18oxYz1RWLkD2FOUrCyYd7ed/YjHcRlvvI
1s7krcf+3J5bcpMrzPOdbO2H+HQuNib8O7gPIH/g1dHIBCYYEATJEjaaJvKWwJbO
hCyUhmBzfiwVa1RLlmLk6xgGXXLWc4nfkz9RiVY9r95sKnPrsi7jsw1hdL7IktrM
zqyOdM9HE6EGazp922pYcST+d/1gRjvDtADWqEH2Nq2J4ZXk8ea8dzM=
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:06 2024 by rpki-client on console-ams.rpki-client.org