Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231312e302f32342d3332203d3e203531313637.roa
File: 3138352e3233392e3231312e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: eLWwzuA8BE7tEfNjmf+QfR9mTA19grN9ubzJRqQUA34=
Subject key identifier: F6:EA:73:9A:0F:F6:E3:62:58:A0:EE:A7:00:87:4C:24:1A:C2:84:2E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0C02681DE6BF9F23D78FD148920C07BB61CE681C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231312e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:53 +0000
ROA not before: Fri 20 Oct 2023 13:36:53 +0000
ROA not after: Fri 18 Oct 2024 13:41:53 +0000
asID: 51167
IP address blocks: 185.239.211.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:02:68:1d:e6:bf:9f:23:d7:8f:d1:48:92:0c:07:bb:61:ce:68:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:53 2023 GMT
Not After : Oct 18 13:41:53 2024 GMT
Subject: CN=F6EA739A0FF6E36258A0EEA700874C241AC2842E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d1:cb:cc:b4:06:53:af:a3:87:85:70:8f:be:
ce:4d:b5:ca:c6:43:a5:6d:78:5c:5a:75:96:ce:28:
fa:92:08:f5:13:8b:84:4e:4e:70:36:53:a8:77:ad:
2e:0e:74:57:28:a2:5f:bd:9e:c2:4a:a8:6e:5b:30:
c5:d5:90:bd:ec:d5:b5:86:4c:c6:db:55:cd:4c:9f:
d4:f9:6d:fa:7d:c4:34:cc:e4:8c:a0:0a:25:4e:4c:
b0:0f:57:3a:73:cf:6b:01:10:41:63:c4:c0:ce:c3:
a7:b3:a8:75:f5:2f:c1:1c:f1:14:ed:76:f1:e3:03:
f7:84:f7:7d:58:d5:05:77:15:f1:72:16:65:71:4e:
bb:b5:4b:8b:42:56:61:7e:50:ee:79:dd:fe:1e:81:
54:9b:d4:8f:81:81:b8:cc:e7:c2:5f:fb:5a:39:51:
ef:35:47:0b:76:c8:bb:47:5e:97:b9:d1:77:8b:a9:
ec:d5:bd:42:31:32:6b:09:12:2b:dc:84:96:f2:33:
f9:26:99:08:45:2d:aa:24:3e:11:0e:e7:38:b9:fa:
e1:18:68:01:00:a5:68:f2:57:5d:73:08:e3:1b:d9:
b6:d3:85:67:39:77:45:4e:84:64:cd:68:d0:2c:d4:
e8:03:e7:28:07:68:98:22:98:60:7f:63:ea:7e:84:
fa:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:EA:73:9A:0F:F6:E3:62:58:A0:EE:A7:00:87:4C:24:1A:C2:84:2E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231312e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.211.0/24
Signature Algorithm: sha256WithRSAEncryption
21:91:38:a3:77:8c:b4:68:05:e6:6f:35:d2:c1:e3:bb:95:1c:
04:d4:b2:92:11:4b:fd:fd:b1:9d:08:3b:f3:47:48:88:9a:0f:
a8:11:5b:4a:8f:8e:22:69:ad:6a:77:0d:55:9a:da:82:1f:4a:
94:2d:5d:aa:33:43:5e:5c:c5:b4:39:bc:84:f0:e8:5e:ef:77:
b9:73:35:08:04:74:7d:58:6c:f5:98:4f:83:ae:fd:a5:33:00:
19:d4:74:91:ff:e2:20:5e:e7:b7:e5:5a:85:43:9e:3f:23:9a:
5e:12:26:5d:d0:ad:ee:b1:e7:bb:62:8b:f8:1a:b0:1a:ca:3e:
b4:5a:39:c1:4f:f8:39:00:26:61:03:9a:6e:a1:11:60:a9:33:
67:2d:34:f9:de:17:26:dc:ab:91:f1:d9:50:44:a4:5f:f8:30:
d7:e8:08:53:f1:b8:33:1c:ed:da:7c:ff:10:10:ae:cb:42:9c:
f2:e2:f9:c0:29:06:35:a8:55:da:65:f3:5c:a9:6a:ca:61:49:
eb:31:de:59:7e:a6:c8:b2:d2:94:e5:a6:a9:3a:5b:bd:aa:68:
c3:7b:92:cd:1d:be:44:02:99:a7:1a:c6:32:3f:ca:ba:18:5c:
5d:e8:8a:f7:e6:a4:2b:15:7e:21:48:b1:e5:7b:51:70:98:69:
d1:c6:e0:b0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDAJoHea/nyPXj9FIkgwHu2HOaBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTNaFw0yNDEwMTgxMzQxNTNaMDMxMTAvBgNV
BAMTKEY2RUE3MzlBMEZGNkUzNjI1OEEwRUVBNzAwODc0QzI0MUFDMjg0MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC20cvMtAZTr6OHhXCPvs5NtcrG
Q6VteFxadZbOKPqSCPUTi4ROTnA2U6h3rS4OdFcool+9nsJKqG5bMMXVkL3s1bWG
TMbbVc1Mn9T5bfp9xDTM5IygCiVOTLAPVzpzz2sBEEFjxMDOw6ezqHX1L8Ec8RTt
dvHjA/eE931Y1QV3FfFyFmVxTru1S4tCVmF+UO553f4egVSb1I+BgbjM58Jf+1o5
Ue81Rwt2yLtHXpe50XeLqezVvUIxMmsJEivchJbyM/kmmQhFLaokPhEO5zi5+uEY
aAEApWjyV11zCOMb2bbThWc5d0VOhGTNaNAs1OgD5ygHaJgimGB/Y+p+hPrjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9upzmg/242JYoO6nAIdMJBrChC4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMy
MzEzMTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC579MwDQYJKoZIhvcNAQELBQADggEBACGROKN3jLRoBeZvNdLB47uVHATUspIR
S/39sZ0IO/NHSIiaD6gRW0qPjiJprWp3DVWa2oIfSpQtXaozQ15cxbQ5vITw6F7v
d7lzNQgEdH1YbPWYT4Ou/aUzABnUdJH/4iBe57flWoVDnj8jml4SJl3Qre6x57ti
i/gasBrKPrRaOcFP+DkAJmEDmm6hEWCpM2ctNPneFybcq5Hx2VBEpF/4MNfoCFPx
uDMc7dp8/xAQrstCnPLi+cApBjWoVdpl81ypasphSesx3ll+psiy0pTlpqk6W72q
aMN7ks0dvkQCmacaxjI/yroYXF3oivfmpCsVfiFIseV7UXCYadHG4LA=
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org