Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233322e302f32332d3332203d3e203531313637.roa
File: 3138352e3232352e3233322e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: aDBJxUskuWk8k1x9NzRrSR7gtmZRAZWWIxm678mWgTE=
Subject key identifier: 14:BD:10:F1:A1:74:C4:5B:94:59:65:EE:93:F6:F2:86:68:DA:12:1C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 560AC09F636D0082168F248473E3F4B490AACD43
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233322e302f32332d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:58 +0000
ROA not before: Fri 20 Oct 2023 13:36:58 +0000
ROA not after: Fri 18 Oct 2024 13:41:58 +0000
asID: 51167
IP address blocks: 185.225.232.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:0a:c0:9f:63:6d:00:82:16:8f:24:84:73:e3:f4:b4:90:aa:cd:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:58 2023 GMT
Not After : Oct 18 13:41:58 2024 GMT
Subject: CN=14BD10F1A174C45B945965EE93F6F28668DA121C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:88:3d:be:99:04:13:93:53:20:35:57:51:b5:
4f:b2:cd:79:52:22:3d:00:0d:4a:12:47:68:33:e5:
d5:fc:a7:e8:71:14:40:d1:ea:bb:f1:05:19:c6:8a:
37:c0:e6:d9:42:f5:e8:95:8a:57:a8:22:b8:cc:08:
f9:51:09:f1:af:c5:39:7e:f1:9a:d4:6e:1d:66:94:
83:36:9c:5e:05:2b:33:98:e6:2c:33:bb:9a:d1:40:
a4:34:a4:b7:80:c5:73:7f:a1:b1:f6:cb:8c:34:5a:
3d:0f:56:7a:d6:31:4c:e5:c8:21:a9:1b:d8:4f:b0:
4d:44:ed:ec:02:d1:bf:ad:c3:92:ed:87:70:6b:2f:
37:83:6f:3c:56:0a:b2:52:f3:10:f4:dd:6e:dc:4c:
43:6a:2e:a3:10:20:2b:dd:b4:79:e0:a5:e1:e6:5d:
99:0c:88:c3:0c:ac:90:41:31:ce:4f:2c:20:7f:ee:
ff:95:3f:69:6a:d2:46:2f:5c:d2:f1:be:d7:84:37:
5b:17:41:f0:f4:bd:4f:69:b5:4e:ae:61:41:34:4e:
18:fb:60:81:0d:dd:40:de:ac:51:04:20:2e:78:33:
41:dd:57:6b:17:88:be:0f:2d:3f:d2:9d:0c:98:bb:
94:11:21:dc:10:af:a4:4a:8c:08:f4:63:d0:0f:c5:
07:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:BD:10:F1:A1:74:C4:5B:94:59:65:EE:93:F6:F2:86:68:DA:12:1C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233322e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.232.0/23
Signature Algorithm: sha256WithRSAEncryption
12:82:9e:fe:27:73:02:75:d1:e6:34:2f:c4:c7:86:4e:eb:47:
62:17:cd:c4:a8:66:9d:6b:b2:f9:00:f7:81:e3:c9:69:5f:65:
00:51:3e:e6:ad:fe:fc:d3:89:cc:15:30:90:16:10:ed:20:60:
c3:55:5f:25:e1:f4:05:a7:f5:a2:66:2b:be:e6:82:11:85:3d:
a1:26:97:0f:d0:71:80:de:75:a8:34:8d:eb:dc:cf:e8:c1:06:
46:f5:f2:60:69:d3:ce:3a:61:c2:79:47:b9:e5:aa:57:a2:82:
23:bb:48:f9:70:19:94:c4:50:36:90:3e:05:97:aa:67:18:04:
89:76:c9:2d:84:93:99:55:23:45:2e:8c:8a:72:57:ca:2a:f0:
ef:23:85:a8:f5:eb:ba:83:63:91:d4:e0:4f:8e:92:10:21:4c:
40:2d:e1:aa:d5:84:2c:b4:75:c5:8f:14:03:ab:01:47:1b:0e:
53:28:9d:cf:fc:8d:ca:7d:d5:ad:99:4c:c3:f0:75:fc:89:88:
6a:85:bb:fa:bd:d2:9b:33:84:84:6c:1e:b7:c7:cf:10:70:1d:
dc:c7:a2:33:f6:a0:30:50:cd:ca:c0:8f:2c:d1:b3:d6:dc:e8:
72:62:29:f9:6d:dd:df:c4:9c:7f:c1:5b:20:1f:8c:8e:99:75:
10:c5:75:36
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVgrAn2NtAIIWjySEc+P0tJCqzUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NThaFw0yNDEwMTgxMzQxNThaMDMxMTAvBgNV
BAMTKDE0QkQxMEYxQTE3NEM0NUI5NDU5NjVFRTkzRjZGMjg2NjhEQTEyMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7iD2+mQQTk1MgNVdRtU+yzXlS
Ij0ADUoSR2gz5dX8p+hxFEDR6rvxBRnGijfA5tlC9eiVileoIrjMCPlRCfGvxTl+
8ZrUbh1mlIM2nF4FKzOY5iwzu5rRQKQ0pLeAxXN/obH2y4w0Wj0PVnrWMUzlyCGp
G9hPsE1E7ewC0b+tw5Lth3BrLzeDbzxWCrJS8xD03W7cTENqLqMQICvdtHngpeHm
XZkMiMMMrJBBMc5PLCB/7v+VP2lq0kYvXNLxvteEN1sXQfD0vU9ptU6uYUE0Thj7
YIEN3UDerFEEIC54M0HdV2sXiL4PLT/SnQyYu5QRIdwQr6RKjAj0Y9APxQexAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFL0Q8aF0xFuUWWXuk/byhmjaEhwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMy
MzMzMjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG54egwDQYJKoZIhvcNAQELBQADggEBABKCnv4ncwJ10eY0L8THhk7rR2IXzcSo
Zp1rsvkA94HjyWlfZQBRPuat/vzTicwVMJAWEO0gYMNVXyXh9AWn9aJmK77mghGF
PaEmlw/QcYDedag0jevcz+jBBkb18mBp0846YcJ5R7nlqleigiO7SPlwGZTEUDaQ
PgWXqmcYBIl2yS2Ek5lVI0UujIpyV8oq8O8jhaj167qDY5HU4E+OkhAhTEAt4arV
hCy0dcWPFAOrAUcbDlMonc/8jcp91a2ZTMPwdfyJiGqFu/q90pszhIRsHrfHzxBw
HdzHojP2oDBQzcrAjyzRs9bc6HJiKflt3d/EnH/BWyAfjI6ZdRDFdTY=
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org