Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139322e39392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3139322e39392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: cLcQ8xiWMcukJf8o16kM7KRhlcWm4o2hllr1DKIjk0c=
Subject key identifier: E8:6D:A8:7D:F8:7D:93:CF:43:C8:6C:CD:86:14:F2:2F:90:0B:D4:45
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 57F3E4820C791119AEDF4E7389851BA03D03687A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139322e39392e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 12 May 2024 11:03:37 +0000
ROA not before: Sun 12 May 2024 10:58:37 +0000
ROA not after: Sun 11 May 2025 11:03:37 +0000
asID: 136787
IP address blocks: 185.192.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:f3:e4:82:0c:79:11:19:ae:df:4e:73:89:85:1b:a0:3d:03:68:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 12 10:58:37 2024 GMT
Not After : May 11 11:03:37 2025 GMT
Subject: CN=E86DA87DF87D93CF43C86CCD8614F22F900BD445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e5:5c:ab:ee:26:af:29:4d:9a:eb:a8:ff:93:
ce:5d:47:17:f7:ed:70:1c:92:61:7d:44:24:90:0c:
1d:4b:67:98:ce:8a:cf:59:c3:4c:b2:69:54:51:b7:
8f:e4:75:7c:90:b3:c1:2d:b1:77:ad:b5:22:98:6c:
39:8c:91:93:64:ca:6a:be:09:50:65:94:32:31:4a:
aa:20:da:d6:33:18:b8:06:81:d4:b7:fd:86:ea:62:
fd:bc:a7:e2:82:2a:a6:41:69:9c:bf:8c:6c:ab:c1:
f3:92:3d:a9:9a:aa:ca:92:3a:75:60:37:c2:f3:d2:
08:53:4d:aa:be:e2:0a:8b:b7:ef:4e:0f:a0:65:c8:
7e:dd:47:d8:fb:5d:d2:b9:2e:5e:5a:49:4a:f6:f8:
d6:a3:c0:b4:b0:ca:b2:3a:99:81:2c:24:72:8d:4e:
87:7c:08:8e:35:9e:5b:74:fb:f4:24:20:1d:30:bb:
fe:46:7b:de:3d:63:09:50:b4:8a:87:34:e7:51:d2:
1c:b2:4e:db:ab:50:62:7d:12:67:73:76:80:bf:3b:
13:d5:82:c3:2c:2a:77:8b:44:e3:bf:2e:c6:e8:25:
36:e2:0e:1c:f7:d8:d1:c2:89:e5:b0:7e:70:7d:d9:
64:9c:20:db:fa:9d:e2:f3:83:23:a2:9a:c6:e1:d9:
ff:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:6D:A8:7D:F8:7D:93:CF:43:C8:6C:CD:86:14:F2:2F:90:0B:D4:45
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139322e39392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.99.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:02:99:2b:2c:0b:12:14:0f:70:a5:dd:80:63:b4:43:bf:19:
97:19:28:86:77:0c:bf:2c:3f:7b:a7:26:1a:dc:6a:ea:45:94:
b5:6d:22:61:ab:34:39:ce:97:96:d6:bd:30:8d:b6:23:a6:ed:
08:d3:74:33:ef:3b:6e:7e:ab:ce:26:29:f3:89:18:a5:fa:ba:
50:79:06:cc:69:75:41:bf:32:fd:d6:33:07:44:9a:d6:bc:d2:
e3:e4:e0:7c:c3:a4:f2:fa:fa:7f:e5:b6:af:db:7f:02:ee:d3:
f9:c3:f8:39:f8:df:28:6c:eb:8a:3c:bb:19:a4:ae:e4:83:db:
7e:4a:31:62:4e:85:28:85:26:0a:a8:a0:65:bf:f4:fd:9d:60:
f0:9a:46:be:85:04:ad:5a:7b:64:11:22:4a:33:9d:fd:41:0a:
5b:31:60:00:69:fe:aa:08:1e:7a:a8:3f:56:9a:93:51:ba:4a:
c0:5a:7f:6a:96:84:75:55:43:ad:80:31:1b:60:bf:3c:d0:7f:
61:a9:f4:ee:04:29:30:3b:16:ea:6e:5f:8c:96:3b:ab:b1:48:
16:c4:c4:ab:06:60:c9:c5:7c:99:92:4e:07:4d:f6:c8:4f:c8:
55:52:c0:70:77:5c:f4:7e:61:da:7d:df:84:ae:6e:dc:83:6e:
8a:1b:29:88
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUV/Pkggx5ERmu305ziYUboD0DaHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MTIxMDU4MzdaFw0yNTA1MTExMTAzMzdaMDMxMTAvBgNV
BAMTKEU4NkRBODdERjg3RDkzQ0Y0M0M4NkNDRDg2MTRGMjJGOTAwQkQ0NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC25Vyr7iavKU2a66j/k85dRxf3
7XAckmF9RCSQDB1LZ5jOis9Zw0yyaVRRt4/kdXyQs8EtsXettSKYbDmMkZNkymq+
CVBllDIxSqog2tYzGLgGgdS3/YbqYv28p+KCKqZBaZy/jGyrwfOSPamaqsqSOnVg
N8Lz0ghTTaq+4gqLt+9OD6BlyH7dR9j7XdK5Ll5aSUr2+NajwLSwyrI6mYEsJHKN
Tod8CI41nlt0+/QkIB0wu/5Ge949YwlQtIqHNOdR0hyyTturUGJ9EmdzdoC/OxPV
gsMsKneLROO/LsboJTbiDhz32NHCieWwfnB92WScINv6neLzgyOimsbh2f/rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU6G2offh9k89DyGzNhhTyL5AL1EUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzIyZTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5wGMwDQYJKoZIhvcNAQELBQADggEBAI8CmSssCxIUD3Cl3YBjtEO/GZcZKIZ3
DL8sP3unJhrcaupFlLVtImGrNDnOl5bWvTCNtiOm7QjTdDPvO25+q84mKfOJGKX6
ulB5BsxpdUG/Mv3WMwdEmta80uPk4HzDpPL6+n/ltq/bfwLu0/nD+Dn43yhs64o8
uxmkruSD235KMWJOhSiFJgqooGW/9P2dYPCaRr6FBK1ae2QRIkoznf1BClsxYABp
/qoIHnqoP1aak1G6SsBaf2qWhHVVQ62AMRtgvzzQf2Gp9O4EKTA7FupuX4yWO6ux
SBbExKsGYMnFfJmSTgdN9shPyFVSwHB3XPR+Ydp934SubtyDboobKYg=
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:06 2024 by rpki-client on console-ams.rpki-client.org