Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa
File: 3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: igwKGKODQi35bfqAImsdTZ7f+hzKpB63KM6BJJJpvWU=
Subject key identifier: DF:27:31:0E:17:D8:46:CB:52:33:6A:9F:9F:BA:73:31:BB:0A:09:A0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2416C5CB09D2DA61EE3945DDDBF4178A71499D55
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa
Signing time: Mon 26 Feb 2024 08:53:16 +0000
ROA not before: Mon 26 Feb 2024 08:48:16 +0000
ROA not after: Mon 24 Feb 2025 08:53:16 +0000
asID: 61317
IP address blocks: 185.111.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 08:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:16:c5:cb:09:d2:da:61:ee:39:45:dd:db:f4:17:8a:71:49:9d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:16 2024 GMT
Not After : Feb 24 08:53:16 2025 GMT
Subject: CN=DF27310E17D846CB52336A9F9FBA7331BB0A09A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d7:e4:e7:7b:05:80:e7:8a:19:64:26:f0:cd:
3f:44:fc:77:03:c3:6c:6e:c4:7e:87:12:00:f2:25:
0a:fd:22:9f:a1:8b:fa:94:a6:7b:b1:59:b6:b0:58:
81:a3:49:d4:60:73:7c:bf:ed:1c:f3:4c:90:99:f5:
c4:77:1e:7f:96:76:8b:79:a9:83:36:c0:5c:d8:6a:
be:f6:7e:5b:d4:86:01:b7:14:f3:03:ef:78:e2:14:
ae:8b:4f:87:af:dd:1c:ce:7b:c6:d1:c2:d1:5e:1d:
76:fc:90:58:7d:c4:26:b3:c6:e6:25:41:db:da:ac:
d2:fb:5a:14:a3:0b:72:bf:a6:45:5d:2b:21:06:21:
59:bd:41:70:9b:c2:5a:3e:fa:a7:05:2c:29:5c:7f:
cd:56:76:2c:ef:0e:3a:e4:81:45:96:ab:4b:f8:13:
f0:94:7a:d4:db:43:a7:57:a7:b7:b7:7f:f4:19:13:
8e:b1:c5:18:e4:f3:5b:38:35:5e:4f:2e:e3:67:1e:
86:cd:40:da:0a:83:f0:67:40:5e:69:38:bf:44:9d:
4f:c3:ea:e7:2a:5c:a1:7d:92:da:ee:de:1a:fa:d1:
fa:b3:0a:50:6f:71:71:5c:a5:e8:18:c5:11:0e:2a:
71:fb:35:84:bc:31:e9:95:5a:67:18:97:c2:f7:b6:
e1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:27:31:0E:17:D8:46:CB:52:33:6A:9F:9F:BA:73:31:BB:0A:09:A0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.158.0/24
Signature Algorithm: sha256WithRSAEncryption
39:d4:31:0b:1b:13:7d:34:b3:ae:2b:e9:f6:07:e1:ce:57:2b:
7a:53:06:5a:94:e4:60:04:39:90:9b:34:19:1f:5f:ba:c3:62:
4a:d8:83:f8:02:3e:fb:7e:0e:95:82:b5:10:ef:d5:5f:62:c5:
42:03:cc:c9:d1:b0:10:e0:e3:4d:ac:bf:3f:c4:57:44:99:56:
21:b7:23:e6:2b:71:b4:4f:85:6e:39:3c:60:9a:19:eb:df:f8:
ba:8c:73:10:64:d5:fe:ed:ce:28:a7:04:91:24:13:57:8a:f1:
de:c4:ed:83:08:60:67:9c:f1:ac:60:e3:8c:2f:82:c2:87:fb:
8e:7a:fb:98:ab:c8:db:92:01:b4:29:56:28:e7:56:2b:a8:88:
92:93:06:db:e6:e0:a5:7b:3e:17:47:57:11:de:03:8e:c5:cf:
9f:c7:af:10:49:08:e8:4b:fa:4c:24:48:a7:09:ca:4d:40:0c:
07:b6:6a:da:9d:64:d5:c3:0b:5a:88:9a:b0:10:ac:d3:87:9e:
ee:e0:20:cd:88:5a:80:c7:f6:49:90:c1:65:2c:31:33:01:ad:
c6:2b:74:71:a8:17:d3:ef:c9:3a:a0:b4:30:a4:72:d5:bc:4c:
6b:9e:6b:cc:c9:66:b8:3d:d4:6e:e3:fc:9a:d0:b9:03:9c:2a:
23:28:77:92
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJBbFywnS2mHuOUXd2/QXinFJnVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTZaFw0yNTAyMjQwODUzMTZaMDMxMTAvBgNV
BAMTKERGMjczMTBFMTdEODQ2Q0I1MjMzNkE5RjlGQkE3MzMxQkIwQTA5QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC1+TnewWA54oZZCbwzT9E/HcD
w2xuxH6HEgDyJQr9Ip+hi/qUpnuxWbawWIGjSdRgc3y/7RzzTJCZ9cR3Hn+Wdot5
qYM2wFzYar72flvUhgG3FPMD73jiFK6LT4ev3RzOe8bRwtFeHXb8kFh9xCazxuYl
QdvarNL7WhSjC3K/pkVdKyEGIVm9QXCbwlo++qcFLClcf81WdizvDjrkgUWWq0v4
E/CUetTbQ6dXp7e3f/QZE46xxRjk81s4NV5PLuNnHobNQNoKg/BnQF5pOL9EnU/D
6ucqXKF9ktru3hr60fqzClBvcXFcpegYxREOKnH7NYS8MemVWmcYl8L3tuGBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3ycxDhfYRstSM2qfn7pzMbsKCaAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMxMzEyZTMx
MzUzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5b54wDQYJKoZIhvcNAQELBQADggEBADnUMQsbE300s64r6fYH4c5XK3pTBlqU
5GAEOZCbNBkfX7rDYkrYg/gCPvt+DpWCtRDv1V9ixUIDzMnRsBDg402svz/EV0SZ
ViG3I+YrcbRPhW45PGCaGevf+LqMcxBk1f7tziinBJEkE1eK8d7E7YMIYGec8axg
44wvgsKH+456+5iryNuSAbQpVijnViuoiJKTBtvm4KV7PhdHVxHeA47Fz5/HrxBJ
COhL+kwkSKcJyk1ADAe2atqdZNXDC1qImrAQrNOHnu7gIM2IWoDH9kmQwWUsMTMB
rcYrdHGoF9PvyTqgtDCkctW8TGuea8zJZrg91G7j/JrQuQOcKiMod5I=
-----END CERTIFICATE-----
Generated at Thu Apr 25 10:40:51 2024 by rpki-client on console-ams.rpki-client.org