Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa
File: 3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: t4R8IGlpoP4o8wXbUB+Bdu04yNhYLBb747Ipqh5SY0I=
Subject key identifier: 6B:E6:61:93:EE:E0:87:E0:78:78:DA:0E:0B:5E:38:30:84:8F:55:E5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 56EFDE95E9C1078CDDABEEC6D63A64F34634B03F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa
Signing time: Wed 12 Jun 2024 10:16:08 +0000
ROA not before: Wed 12 Jun 2024 10:11:08 +0000
ROA not after: Wed 11 Jun 2025 10:16:08 +0000
asID: 51167
IP address blocks: 185.133.248.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:ef:de:95:e9:c1:07:8c:dd:ab:ee:c6:d6:3a:64:f3:46:34:b0:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 12 10:11:08 2024 GMT
Not After : Jun 11 10:16:08 2025 GMT
Subject: CN=6BE66193EEE087E07878DA0E0B5E3830848F55E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:53:9d:17:66:7f:da:a4:b4:25:e5:25:c5:39:
5c:c2:88:62:aa:7e:ef:bf:dd:97:1c:c7:0f:d6:98:
51:ec:8c:e4:c1:3c:50:13:bd:90:d6:06:9d:9f:80:
78:3d:a5:1e:6b:15:a8:b4:37:f6:91:a0:45:8f:53:
62:4a:a3:42:bc:80:98:b9:36:9a:86:50:a7:80:5b:
3a:3c:a5:97:b7:26:3f:28:db:5b:9e:a3:0a:6d:e8:
e7:4b:02:be:07:f1:0e:84:23:9f:4a:13:6d:c4:db:
71:fe:17:15:d9:eb:7d:79:16:ea:7d:8f:b8:18:3e:
e3:a3:93:ad:20:9d:bc:3a:ff:9f:af:6f:cb:92:5e:
d3:26:d2:71:b0:95:fd:b4:fa:db:f1:0c:da:fd:ff:
ca:a3:50:07:93:93:4b:ed:71:8c:86:17:6d:5b:ba:
c7:d6:39:9c:df:af:05:57:82:cf:59:78:e1:a8:44:
94:3c:91:b2:0a:c3:68:bf:13:7d:2c:ab:57:dc:6b:
7b:7f:4e:5a:85:4e:c7:3a:28:05:e1:66:bc:9c:8d:
1c:a1:30:40:e2:d4:70:b5:ac:bf:04:08:b8:5a:94:
67:29:7d:84:c9:15:66:c1:49:3f:43:11:20:6d:f1:
39:42:54:97:00:38:ca:11:d6:f9:d2:07:43:72:d6:
c7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E6:61:93:EE:E0:87:E0:78:78:DA:0E:0B:5E:38:30:84:8F:55:E5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.248.0/23
Signature Algorithm: sha256WithRSAEncryption
04:6d:17:43:79:4f:7b:4e:6d:e3:88:b1:be:60:e2:9b:24:e3:
4b:64:c7:ae:60:94:29:83:ad:f9:e7:1b:fc:28:a5:61:0a:59:
03:2f:a0:a1:79:fe:f7:16:2b:8d:a2:4a:4d:6d:2f:df:13:37:
49:3d:ae:40:e1:f1:78:96:5e:07:76:ab:1e:83:6b:2a:0a:94:
52:cc:92:14:0e:11:18:e7:ab:5c:c1:55:bc:a7:75:ac:82:33:
80:09:8d:49:ef:9c:14:20:f0:29:46:d1:50:0e:ae:88:51:ab:
dd:f0:58:92:86:56:14:e1:14:dc:59:11:c8:12:25:c6:d2:34:
bb:4c:df:94:89:0c:25:45:33:ba:dc:94:4d:bb:82:aa:47:65:
52:d0:e0:b4:40:ef:d9:d5:29:ff:97:3a:ff:75:2e:5e:64:dc:
19:01:e9:97:49:8a:59:18:b8:6f:cb:ea:8a:aa:79:e1:67:33:
31:6c:f9:7e:97:0e:7c:e9:62:f3:0d:fd:f2:84:72:42:23:36:
f9:43:0e:c7:31:f6:3b:ff:62:3e:f5:9f:83:7e:f3:9b:95:b8:
e5:be:10:ba:27:4a:02:6a:f6:c2:0e:81:64:6c:d3:2e:c3:f3:
2f:f0:f6:39:fc:4b:98:ff:2c:a0:0b:99:3d:3f:42:44:33:57:
d4:85:02:72
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVu/elenBB4zdq+7G1jpk80Y0sD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MTIxMDExMDhaFw0yNTA2MTExMDE2MDhaMDMxMTAvBgNV
BAMTKDZCRTY2MTkzRUVFMDg3RTA3ODc4REEwRTBCNUUzODMwODQ4RjU1RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOU50XZn/apLQl5SXFOVzCiGKq
fu+/3Zccxw/WmFHsjOTBPFATvZDWBp2fgHg9pR5rFai0N/aRoEWPU2JKo0K8gJi5
NpqGUKeAWzo8pZe3Jj8o21ueowpt6OdLAr4H8Q6EI59KE23E23H+FxXZ6315Fup9
j7gYPuOjk60gnbw6/5+vb8uSXtMm0nGwlf20+tvxDNr9/8qjUAeTk0vtcYyGF21b
usfWOZzfrwVXgs9ZeOGoRJQ8kbIKw2i/E30sq1fca3t/TlqFTsc6KAXhZrycjRyh
MEDi1HC1rL8ECLhalGcpfYTJFWbBST9DESBt8TlCVJcAOMoR1vnSB0Ny1scnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUa+Zhk+7gh+B4eNoOC144MISPVeUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMzMzMyZTMy
MzQzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5hfgwDQYJKoZIhvcNAQELBQADggEBAARtF0N5T3tObeOIsb5g4psk40tkx65g
lCmDrfnnG/wopWEKWQMvoKF5/vcWK42iSk1tL98TN0k9rkDh8XiWXgd2qx6DayoK
lFLMkhQOERjnq1zBVbyndayCM4AJjUnvnBQg8ClG0VAOrohRq93wWJKGVhThFNxZ
EcgSJcbSNLtM35SJDCVFM7rclE27gqpHZVLQ4LRA79nVKf+XOv91Ll5k3BkB6ZdJ
ilkYuG/L6oqqeeFnMzFs+X6XDnzpYvMN/fKEckIjNvlDDscx9jv/Yj71n4N+85uV
uOW+ELonSgJq9sIOgWRs0y7D8y/w9jn8S5j/LKALmT0/QkQzV9SFAnI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org