Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133342e302f32332d3332203d3e203531313637.roa
File: 3138352e3231342e3133342e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: F9VTQj22IIxJVmtmV6EHW5cUshOhQngMNf/HSfBIRcc=
Subject key identifier: 0B:D5:2B:F4:5B:1C:F7:35:D8:45:E9:F3:84:3A:FB:E5:F3:0F:C9:E0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 22A4C417A3F8B3F6643CC40DE0F20ECCD03378DB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133342e302f32332d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:54 +0000
ROA not before: Fri 20 Oct 2023 13:36:54 +0000
ROA not after: Fri 18 Oct 2024 13:41:54 +0000
asID: 51167
IP address blocks: 185.214.134.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:a4:c4:17:a3:f8:b3:f6:64:3c:c4:0d:e0:f2:0e:cc:d0:33:78:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:54 2023 GMT
Not After : Oct 18 13:41:54 2024 GMT
Subject: CN=0BD52BF45B1CF735D845E9F3843AFBE5F30FC9E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b4:40:f0:cc:a7:d4:a3:e8:5b:a4:60:8b:fa:
89:84:6f:be:69:d9:c0:ff:6c:36:82:97:83:7d:b6:
f4:3b:b6:54:8b:99:7d:b8:8d:76:3d:18:ab:21:c2:
30:e8:4a:63:bd:c5:f8:b9:96:b9:55:b5:fb:33:f0:
0c:14:50:4b:eb:13:df:04:fc:18:bd:b2:18:b7:5c:
e3:ea:8d:f6:f5:a8:c4:8e:07:ca:96:da:1c:5c:8f:
88:f3:81:db:db:0f:88:a2:7e:6c:88:76:85:6d:1b:
2b:4f:d6:f2:61:eb:4a:24:12:7d:c9:cb:f3:f0:8b:
d3:50:9b:5f:74:f3:87:71:fa:04:09:81:42:33:7f:
1b:35:35:65:2d:47:c0:64:cc:9c:98:8d:6b:0f:00:
82:ea:1d:3b:38:21:14:a4:2a:98:1c:0c:33:86:c2:
c4:e2:5a:0d:82:fe:df:11:9e:a7:e9:97:25:2b:3d:
58:d9:11:1f:da:87:5d:cc:79:ed:cd:24:c8:3c:c4:
cb:98:db:0e:d3:0d:b7:34:62:fe:83:40:00:09:1f:
d3:c2:40:ab:71:de:fc:3c:b8:fa:a7:21:77:f7:fa:
65:95:06:b9:b1:82:77:33:fd:ff:f8:2d:4f:89:4d:
7b:1b:66:f6:e6:3f:f4:05:f7:2d:07:ee:2e:c3:a3:
24:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D5:2B:F4:5B:1C:F7:35:D8:45:E9:F3:84:3A:FB:E5:F3:0F:C9:E0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133342e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.134.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:57:ad:11:b2:9c:a2:a2:f0:a9:0d:b1:d1:ee:ad:71:ce:d2:
11:fe:51:16:9d:f6:2e:b9:11:67:41:bb:d9:0a:7d:5b:56:c6:
bd:f7:3f:b9:e3:bc:9c:c0:df:3e:c2:ef:82:e0:33:c5:f2:87:
30:4e:b4:13:83:c7:b7:e9:55:82:c5:9f:22:ac:c6:7b:e8:92:
18:8e:4e:ab:21:6a:b0:29:38:48:42:bf:8d:3e:0f:ed:a0:c0:
f2:63:ab:6a:4f:31:b7:d6:87:4c:e2:ec:fe:47:3d:4c:08:21:
ed:21:1c:60:1a:01:40:75:20:6e:08:bc:60:cf:07:b2:a5:39:
ae:65:db:11:7d:ec:87:30:4e:19:4a:40:7b:4f:a8:02:32:c8:
09:3d:88:ce:4f:8b:0e:41:25:79:55:c7:40:b1:d3:19:ac:35:
43:a9:d4:49:93:85:b0:cc:e0:14:cb:d0:41:1c:d8:f6:0d:7d:
92:92:48:8e:59:ea:35:38:0b:fa:06:9d:9b:71:73:a9:0f:78:
42:cd:42:6f:10:95:e6:d8:de:cb:28:de:41:2c:32:f3:20:0c:
b0:aa:d2:fc:1e:db:7a:d7:e0:85:a7:28:b8:de:00:3b:01:0b:
c0:61:78:9d:bc:8e:d3:b8:1c:1e:a7:82:fc:58:dd:22:3e:5c:
7d:17:49:b2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIqTEF6P4s/ZkPMQN4PIOzNAzeNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTRaFw0yNDEwMTgxMzQxNTRaMDMxMTAvBgNV
BAMTKDBCRDUyQkY0NUIxQ0Y3MzVEODQ1RTlGMzg0M0FGQkU1RjMwRkM5RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHtEDwzKfUo+hbpGCL+omEb75p
2cD/bDaCl4N9tvQ7tlSLmX24jXY9GKshwjDoSmO9xfi5lrlVtfsz8AwUUEvrE98E
/Bi9shi3XOPqjfb1qMSOB8qW2hxcj4jzgdvbD4iifmyIdoVtGytP1vJh60okEn3J
y/Pwi9NQm19084dx+gQJgUIzfxs1NWUtR8BkzJyYjWsPAILqHTs4IRSkKpgcDDOG
wsTiWg2C/t8RnqfplyUrPVjZER/ah13Mee3NJMg8xMuY2w7TDbc0Yv6DQAAJH9PC
QKtx3vw8uPqnIXf3+mWVBrmxgncz/f/4LU+JTXsbZvbmP/QF9y0H7i7DoyRRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUC9Ur9Fsc9zXYRenzhDr75fMPyeAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTMx
MzMzNDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG51oYwDQYJKoZIhvcNAQELBQADggEBAG1XrRGynKKi8KkNsdHurXHO0hH+URad
9i65EWdBu9kKfVtWxr33P7njvJzA3z7C74LgM8XyhzBOtBODx7fpVYLFnyKsxnvo
khiOTqsharApOEhCv40+D+2gwPJjq2pPMbfWh0zi7P5HPUwIIe0hHGAaAUB1IG4I
vGDPB7KlOa5l2xF97IcwThlKQHtPqAIyyAk9iM5Piw5BJXlVx0Cx0xmsNUOp1EmT
hbDM4BTL0EEc2PYNfZKSSI5Z6jU4C/oGnZtxc6kPeELNQm8QlebY3sso3kEsMvMg
DLCq0vwe23rX4IWnKLjeADsBC8BheJ28jtO4HB6ngvxY3SI+XH0XSbI=
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:06 2024 by rpki-client on console-ams.rpki-client.org