Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135372e302f32342d3234203d3e203631333137.roa
File: 3138352e3131312e3135372e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: A/r814aTCqXiy/51wyQPWEG+oaOb4NYVL+A3Kx4hBnQ=
Subject key identifier: 5C:6A:1D:2D:B2:D6:EC:F4:33:7C:8A:A3:22:91:3B:BE:17:16:B6:90
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 30296E1C11624A444D2ABADEC64650A56F6683E8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135372e302f32342d3234203d3e203631333137.roa
Signing time: Mon 26 Feb 2024 08:53:32 +0000
ROA not before: Mon 26 Feb 2024 08:48:32 +0000
ROA not after: Mon 24 Feb 2025 08:53:32 +0000
asID: 61317
IP address blocks: 185.111.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:29:6e:1c:11:62:4a:44:4d:2a:ba:de:c6:46:50:a5:6f:66:83:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:32 2024 GMT
Not After : Feb 24 08:53:32 2025 GMT
Subject: CN=5C6A1D2DB2D6ECF4337C8AA322913BBE1716B690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9a:fb:2c:9e:30:e8:19:d0:d5:59:6c:ce:25:
60:8b:2b:f6:a6:62:9f:15:46:e2:c5:46:c6:d7:ae:
80:6f:98:c8:09:59:3b:23:bd:e9:81:f3:2a:14:ee:
82:68:69:dd:44:fe:3a:46:0c:f5:ff:4a:98:b0:be:
9f:af:0e:36:86:80:1f:dc:bc:23:2b:b0:8d:7f:20:
b5:0b:4f:3e:21:d7:29:ce:d3:70:f6:21:8e:9a:ff:
94:5d:c7:48:8f:84:b5:85:45:56:21:4f:0f:f4:8c:
92:aa:2a:36:d0:4f:0d:d2:12:14:82:f1:2c:1a:20:
67:0f:8d:34:82:6e:6a:c4:68:fb:39:15:f3:24:20:
96:00:09:fe:8f:44:72:2a:c0:f5:15:79:b8:2e:d2:
71:ec:36:e6:8e:8e:11:a0:18:fb:ec:c2:3c:5d:22:
60:a3:91:43:a1:e4:71:91:42:66:4b:97:d9:88:fd:
a7:b8:a6:51:e1:b5:58:0e:3b:f1:4f:60:20:6e:80:
b8:e0:2a:fa:35:d8:ba:f5:c5:30:2c:86:a0:b8:56:
2b:15:a8:db:99:56:bb:f0:db:ec:79:3b:a4:bc:1e:
8b:b9:b4:57:3a:c0:78:8b:16:dc:a1:4f:0a:ef:99:
6f:87:03:fc:e6:c6:d2:e8:ac:ab:3e:b7:18:ce:23:
d4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6A:1D:2D:B2:D6:EC:F4:33:7C:8A:A3:22:91:3B:BE:17:16:B6:90
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135372e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.157.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:d3:07:46:3c:45:64:22:84:2b:a6:aa:18:65:ef:dd:41:11:
a9:7b:b2:2d:96:de:e5:ee:84:69:ba:ad:ff:53:db:f3:55:93:
6a:3b:dd:d2:22:8d:8c:48:54:89:4b:04:04:80:bc:56:60:d0:
d1:9c:09:e9:17:e6:3d:de:d4:0f:17:1b:21:13:98:91:f6:08:
6a:12:67:a1:53:6d:23:c8:c4:7b:eb:b0:5c:5c:5f:f5:01:83:
4b:3d:8a:0f:24:55:5a:e3:93:e0:fb:ad:7c:db:ac:3d:3c:98:
2e:a0:48:a6:c9:d5:38:48:f4:59:e6:5b:35:27:50:5a:20:10:
c3:40:74:b2:a5:5a:fd:66:d9:dd:ea:09:cc:88:60:f4:27:4c:
88:b3:b2:52:15:fa:57:b0:67:6d:ea:69:28:49:22:03:33:03:
11:55:2e:b0:68:1f:07:0c:29:35:01:19:2b:5f:a6:e5:95:a4:
e8:5d:f2:10:b5:9e:d9:72:9e:3a:60:11:fd:cd:56:5b:a6:c4:
bc:17:56:21:d2:21:32:dc:f2:76:0e:36:3a:00:34:ba:ec:00:
ba:c4:d1:a3:68:ae:97:d6:4f:f1:2d:cd:20:42:ce:9a:8c:d2:
8c:58:61:4d:95:5f:e1:40:1d:d7:96:17:1a:0d:1d:62:96:30:
9f:a2:03:ef
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMCluHBFiSkRNKrrexkZQpW9mg+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzJaFw0yNTAyMjQwODUzMzJaMDMxMTAvBgNV
BAMTKDVDNkExRDJEQjJENkVDRjQzMzdDOEFBMzIyOTEzQkJFMTcxNkI2OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEmvssnjDoGdDVWWzOJWCLK/am
Yp8VRuLFRsbXroBvmMgJWTsjvemB8yoU7oJoad1E/jpGDPX/Spiwvp+vDjaGgB/c
vCMrsI1/ILULTz4h1ynO03D2IY6a/5Rdx0iPhLWFRVYhTw/0jJKqKjbQTw3SEhSC
8SwaIGcPjTSCbmrEaPs5FfMkIJYACf6PRHIqwPUVebgu0nHsNuaOjhGgGPvswjxd
ImCjkUOh5HGRQmZLl9mI/ae4plHhtVgOO/FPYCBugLjgKvo12Lr1xTAshqC4VisV
qNuZVrvw2+x5O6S8Hou5tFc6wHiLFtyhTwrvmW+HA/zmxtLorKs+txjOI9RTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXGodLbLW7PQzfIqjIpE7vhcWtpAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMxMzEyZTMx
MzUzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5b50wDQYJKoZIhvcNAQELBQADggEBADvTB0Y8RWQihCumqhhl791BEal7si2W
3uXuhGm6rf9T2/NVk2o73dIijYxIVIlLBASAvFZg0NGcCekX5j3e1A8XGyETmJH2
CGoSZ6FTbSPIxHvrsFxcX/UBg0s9ig8kVVrjk+D7rXzbrD08mC6gSKbJ1ThI9Fnm
WzUnUFogEMNAdLKlWv1m2d3qCcyIYPQnTIizslIV+lewZ23qaShJIgMzAxFVLrBo
HwcMKTUBGStfpuWVpOhd8hC1ntlynjpgEf3NVlumxLwXViHSITLc8nYONjoANLrs
ALrE0aNorpfWT/EtzSBCzpqM0oxYYU2VX+FAHdeWFxoNHWKWMJ+iA+8=
-----END CERTIFICATE-----
Generated at Wed Apr 17 17:47:48 2024 by rpki-client on console-ams.rpki-client.org