Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3132382e3132362e302f32332d3234203d3e20313336373837.roa
File: 3138352e3132382e3132362e302f32332d3234203d3e20313336373837.roa (raw, json)
Hash identifier: OXMe3lrtAyso/dEGTQM6ERd3ZmHVMRVWyhyVSzOy3rw=
Subject key identifier: 57:09:72:0D:C1:95:DB:5E:BB:6C:85:85:C5:4B:D3:08:DB:FC:2F:6A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2121E2CA21E52341C3291054CAED9B5C38D4936C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3132382e3132362e302f32332d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:29 +0000
ROA not before: Mon 26 Feb 2024 08:48:29 +0000
ROA not after: Mon 24 Feb 2025 08:53:29 +0000
asID: 136787
IP address blocks: 185.128.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:21:e2:ca:21:e5:23:41:c3:29:10:54:ca:ed:9b:5c:38:d4:93:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:29 2024 GMT
Not After : Feb 24 08:53:29 2025 GMT
Subject: CN=5709720DC195DB5EBB6C8585C54BD308DBFC2F6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:50:2d:e2:d9:ac:a1:3b:b9:95:9c:3e:22:6e:
29:84:c7:36:21:e7:50:95:1e:62:3d:31:c6:f1:b1:
19:ea:24:e4:43:d0:e9:1f:07:ac:21:dd:a0:83:ac:
57:0f:e6:20:20:0d:80:d1:7c:18:0f:e2:11:ea:87:
a8:32:71:5d:ff:6d:2c:65:1e:e2:79:c3:4c:ad:a3:
16:43:47:5e:ef:39:d8:0a:56:d7:a8:b8:f7:f8:11:
15:a7:03:08:49:42:c2:1a:6e:b0:aa:55:2c:9c:c5:
86:87:96:80:45:27:df:5a:f9:b0:67:16:55:19:8f:
46:c7:a8:c5:91:13:ce:77:df:38:6d:2e:5e:6d:2a:
c7:6d:f8:5f:27:f4:41:6f:60:08:b4:6a:a5:f5:69:
03:09:da:06:02:8f:1a:59:b4:b9:67:de:39:3e:c4:
66:81:c3:f1:bc:83:5f:85:d5:1f:21:50:6c:00:00:
f4:6b:51:80:b8:d4:16:89:bf:2b:ba:9e:90:49:61:
a4:ef:e3:bb:f1:22:cd:0b:aa:0d:dd:b2:e6:aa:05:
f9:a6:81:5c:7a:57:a1:10:45:02:fe:b4:1c:85:68:
2b:af:81:25:03:29:44:f5:07:9f:a1:3c:f3:a2:08:
a4:fd:39:9e:86:de:9e:5a:d0:90:4d:cb:b7:57:20:
44:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:09:72:0D:C1:95:DB:5E:BB:6C:85:85:C5:4B:D3:08:DB:FC:2F:6A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3132382e3132362e302f32332d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.126.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:7e:c7:cf:43:89:5f:51:81:66:19:01:35:47:5c:fe:47:0f:
e5:a4:3c:0d:95:a6:99:78:78:a3:6f:80:46:f3:95:cc:70:ca:
d0:c3:e0:94:e4:fe:7e:1c:38:c1:dd:a9:c5:34:fd:d8:b5:a5:
2b:67:43:d7:aa:e6:8c:f6:3d:b6:47:5c:e5:63:7d:e2:41:6e:
82:ea:1c:c0:8e:b6:9d:79:4d:96:44:6c:11:e2:9c:a3:5d:d1:
ec:8f:6d:bf:49:3c:99:b9:5f:41:2b:08:9c:55:56:35:05:dd:
ec:af:8f:1c:f2:5f:ce:db:aa:a3:fe:0a:ee:d2:06:0e:bd:c3:
06:9e:82:ea:5b:87:e5:ab:8d:9c:74:3e:fd:bd:74:dd:db:48:
6e:9c:4d:58:00:2b:69:03:c3:47:c9:1e:f0:fc:dd:e6:96:1f:
bc:80:a6:ab:a5:5c:d1:06:8e:58:47:5f:80:76:5d:10:7f:cb:
44:e7:d3:28:8e:48:61:ae:91:a4:a8:b7:7d:e4:00:85:b4:30:
bb:b9:1d:8d:b1:78:79:12:fa:fd:7e:ac:ec:65:4a:b5:b8:43:
fa:fd:41:9b:1d:0f:a3:b8:80:a9:42:19:4b:74:f5:ba:94:da:
10:f7:45:aa:af:fb:b4:b2:b9:d9:84:7e:18:3a:97:28:b3:fb:
fc:55:f8:33
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUISHiyiHlI0HDKRBUyu2bXDjUk2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjlaFw0yNTAyMjQwODUzMjlaMDMxMTAvBgNV
BAMTKDU3MDk3MjBEQzE5NURCNUVCQjZDODU4NUM1NEJEMzA4REJGQzJGNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnUC3i2ayhO7mVnD4ibimExzYh
51CVHmI9McbxsRnqJORD0OkfB6wh3aCDrFcP5iAgDYDRfBgP4hHqh6gycV3/bSxl
HuJ5w0ytoxZDR17vOdgKVteouPf4ERWnAwhJQsIabrCqVSycxYaHloBFJ99a+bBn
FlUZj0bHqMWRE8533zhtLl5tKsdt+F8n9EFvYAi0aqX1aQMJ2gYCjxpZtLln3jk+
xGaBw/G8g1+F1R8hUGwAAPRrUYC41BaJvyu6npBJYaTv47vxIs0Lqg3dsuaqBfmm
gVx6V6EQRQL+tByFaCuvgSUDKUT1B5+hPPOiCKT9OZ6G3p5a0JBNy7dXIEQjAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUVwlyDcGV2167bIWFxUvTCNv8L2owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMyMzgyZTMx
MzIzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbmAfjANBgkqhkiG9w0BAQsFAAOCAQEAnn7Hz0OJX1GBZhkBNUdc/kcP5aQ8
DZWmmXh4o2+ARvOVzHDK0MPglOT+fhw4wd2pxTT92LWlK2dD16rmjPY9tkdc5WN9
4kFuguocwI62nXlNlkRsEeKco13R7I9tv0k8mblfQSsInFVWNQXd7K+PHPJfztuq
o/4K7tIGDr3DBp6C6luH5auNnHQ+/b103dtIbpxNWAAraQPDR8ke8Pzd5pYfvICm
q6Vc0QaOWEdfgHZdEH/LROfTKI5IYa6RpKi3feQAhbQwu7kdjbF4eRL6/X6s7GVK
tbhD+v1Bmx0Po7iAqUIZS3T1upTaEPdFqq/7tLK52YR+GDqXKLP7/FX4Mw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org