Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139342e3231382e302f32332d3332203d3e203531313637.roa
File: 3138352e3139342e3231382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: aDtK6O+RNSiwIig+bm88w9UcGb6Pzkq0vPEV779/mnk=
Subject key identifier: A2:3F:E0:E4:B6:6C:73:6B:45:BD:AD:8B:5A:6D:A0:EE:36:0D:1E:ED
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2DEFEC70C66D594C7FE733A3AF36670EC7360CB7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139342e3231382e302f32332d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:55 +0000
ROA not before: Fri 20 Oct 2023 13:36:55 +0000
ROA not after: Fri 18 Oct 2024 13:41:55 +0000
asID: 51167
IP address blocks: 185.194.218.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:ef:ec:70:c6:6d:59:4c:7f:e7:33:a3:af:36:67:0e:c7:36:0c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:55 2023 GMT
Not After : Oct 18 13:41:55 2024 GMT
Subject: CN=A23FE0E4B66C736B45BDAD8B5A6DA0EE360D1EED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:aa:8b:e7:43:03:14:0e:f8:b0:66:c2:e6:d3:
4d:ab:bb:03:5d:8f:c1:47:85:ac:4b:0b:3d:98:f5:
c4:8e:5d:8b:ba:47:87:47:b9:82:e1:25:88:4b:76:
23:29:4a:ab:89:e5:a2:03:fd:f6:30:90:20:ec:85:
9f:32:08:27:0f:26:ce:0b:dc:fb:2e:07:5e:66:19:
01:cb:93:12:e2:96:75:29:72:63:d9:20:0a:a5:24:
94:ec:22:ec:cb:d1:b9:be:15:4e:c5:ff:47:39:eb:
66:43:99:a5:74:d2:2d:f2:27:1f:a1:f0:79:5c:4c:
78:9e:62:46:ec:3a:36:99:8d:18:d1:b7:f6:d1:3c:
be:72:bb:3c:bd:ab:5b:0e:71:69:2b:96:77:b5:b5:
7c:41:2f:0d:9f:01:e0:c6:d8:6e:a1:d2:af:c3:4b:
7c:c9:8c:3b:d2:ad:e7:e3:c4:da:7f:18:0f:e6:7f:
20:a4:96:31:2f:ca:41:61:6c:8c:0c:2a:fd:1f:3a:
c7:c2:c6:ff:af:b3:4c:5a:75:c8:e9:f2:2a:7d:16:
51:e1:96:d6:18:82:d5:38:f8:9c:e6:f3:b0:8a:f8:
a3:30:26:d1:12:fd:0c:01:12:76:97:36:64:10:01:
fd:49:e9:03:5f:b5:49:e5:a5:c3:54:27:bf:e0:63:
8c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3F:E0:E4:B6:6C:73:6B:45:BD:AD:8B:5A:6D:A0:EE:36:0D:1E:ED
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139342e3231382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.218.0/23
Signature Algorithm: sha256WithRSAEncryption
06:e8:3c:3e:09:c4:02:fc:54:8f:42:06:a3:f4:a8:23:91:76:
af:ce:6a:cf:18:c0:de:6d:46:6a:c0:04:d2:27:9f:4b:24:cf:
e8:52:f0:b2:34:e3:b9:1b:69:db:c5:6a:aa:71:9d:51:f6:47:
09:81:e9:4c:bf:b1:21:f4:3e:10:a9:05:35:12:97:d0:59:b5:
c6:44:68:ea:15:35:ba:ee:0d:5f:04:21:f3:87:42:72:2d:03:
62:6f:68:1f:7f:cd:0d:47:1f:3e:f1:0f:ab:2f:b2:4f:f7:61:
1c:e5:e3:c8:4b:9e:82:62:79:24:18:95:f1:af:78:73:48:c0:
9d:73:c4:65:f5:7e:c2:37:ab:a1:a5:f0:fb:31:e8:70:68:3b:
34:51:9e:aa:e7:45:15:bd:7d:5a:07:4f:53:e7:fe:26:f5:36:
cc:61:d1:2b:60:2b:c3:19:39:78:96:ec:e6:55:b3:2d:f9:f4:
95:89:c6:46:fa:4a:f2:23:4e:44:f6:b2:4f:ab:be:67:b4:d7:
53:a8:48:13:7c:b8:0a:a0:69:3d:63:01:58:b9:52:b9:6d:46:
68:4d:b3:cc:17:73:a8:bb:f3:3a:1a:fa:4e:d8:76:10:c8:9f:
aa:a4:21:ff:73:41:5c:a2:4e:91:7e:b5:e2:a0:79:10:41:d4:
00:3b:82:27
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULe/scMZtWUx/5zOjrzZnDsc2DLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTVaFw0yNDEwMTgxMzQxNTVaMDMxMTAvBgNV
BAMTKEEyM0ZFMEU0QjY2QzczNkI0NUJEQUQ4QjVBNkRBMEVFMzYwRDFFRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8qovnQwMUDviwZsLm002ruwNd
j8FHhaxLCz2Y9cSOXYu6R4dHuYLhJYhLdiMpSquJ5aID/fYwkCDshZ8yCCcPJs4L
3PsuB15mGQHLkxLilnUpcmPZIAqlJJTsIuzL0bm+FU7F/0c562ZDmaV00i3yJx+h
8HlcTHieYkbsOjaZjRjRt/bRPL5yuzy9q1sOcWkrlne1tXxBLw2fAeDG2G6h0q/D
S3zJjDvSrefjxNp/GA/mfyCkljEvykFhbIwMKv0fOsfCxv+vs0xadcjp8ip9FlHh
ltYYgtU4+Jzm87CK+KMwJtES/QwBEnaXNmQQAf1J6QNftUnlpcNUJ7/gY4yjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoj/g5LZsc2tFva2LWm2g7jYNHu0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzQyZTMy
MzEzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5wtowDQYJKoZIhvcNAQELBQADggEBAAboPD4JxAL8VI9CBqP0qCORdq/Oas8Y
wN5tRmrABNInn0skz+hS8LI047kbadvFaqpxnVH2RwmB6Uy/sSH0PhCpBTUSl9BZ
tcZEaOoVNbruDV8EIfOHQnItA2JvaB9/zQ1HHz7xD6svsk/3YRzl48hLnoJieSQY
lfGveHNIwJ1zxGX1fsI3q6Gl8Psx6HBoOzRRnqrnRRW9fVoHT1Pn/ib1Nsxh0Stg
K8MZOXiW7OZVsy359JWJxkb6SvIjTkT2sk+rvme011OoSBN8uAqgaT1jAVi5Urlt
RmhNs8wXc6i78zoa+k7YdhDIn6qkIf9zQVyiTpF+teKgeRBB1AA7gic=
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:47 2024 by rpki-client on console-fra.rpki-client.org