Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136382e392e302f32342d3332203d3e20313336373837.roa
File: 3138352e3136382e392e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: CprG/F7D63+6Mvl7kn/fuqNXHCm9YypOliSbhiF8mlg=
Subject key identifier: 0C:10:86:E9:56:52:80:45:44:89:EE:5A:6F:0D:43:1E:37:34:A8:1F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 64C1D22E120F4FAAE46B3E48155DF76DEBA35E94
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136382e392e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:15 +0000
ROA not before: Mon 26 Feb 2024 08:48:15 +0000
ROA not after: Mon 24 Feb 2025 08:53:15 +0000
asID: 136787
IP address blocks: 185.168.9.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:c1:d2:2e:12:0f:4f:aa:e4:6b:3e:48:15:5d:f7:6d:eb:a3:5e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:15 2024 GMT
Not After : Feb 24 08:53:15 2025 GMT
Subject: CN=0C1086E9565280454489EE5A6F0D431E3734A81F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:06:da:95:2e:60:fa:dd:7e:92:d4:14:48:eb:
19:cb:aa:e7:82:19:af:98:53:1d:a8:3c:8c:df:1d:
2b:8e:a8:0b:f5:d5:99:0e:ef:eb:fe:15:4c:b8:2f:
bc:37:86:e2:76:bd:a0:5f:74:13:20:f2:2e:cb:86:
01:fc:9c:40:46:01:c9:0d:12:a5:09:19:d6:6d:c8:
87:d6:24:90:2d:74:0b:b3:55:aa:f1:e4:3c:d9:f1:
2d:f9:79:29:c8:bb:9f:07:dc:06:ef:ce:ec:9b:07:
d5:20:ac:44:79:ad:d5:91:41:93:d5:3e:9f:57:8f:
84:98:06:d1:47:e4:af:b1:21:07:54:cc:4f:ad:24:
87:88:18:5c:88:71:ec:6d:10:4c:9a:de:5f:ae:8c:
97:77:4a:36:52:8d:1a:ec:7c:e4:28:b5:aa:de:6b:
02:5c:86:34:2d:16:a2:67:0d:ad:d6:6e:b9:23:d6:
a4:f4:0f:42:34:32:5f:60:6d:a2:8e:06:1e:0d:a3:
bb:b7:6a:f2:03:b5:77:6f:a2:28:02:d4:84:73:98:
40:f7:f9:e8:ad:38:e6:8a:6d:78:ff:da:dc:4e:e4:
df:72:dd:5e:fd:a3:58:0d:a3:0f:b4:8e:4f:5e:5b:
54:66:65:33:de:ee:29:52:22:cf:33:14:38:e1:ae:
30:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:10:86:E9:56:52:80:45:44:89:EE:5A:6F:0D:43:1E:37:34:A8:1F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136382e392e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.9.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f4:58:b9:3a:e7:99:dd:34:e3:58:eb:4e:14:ac:19:2f:9f:
63:6e:4a:7d:4f:a1:1f:92:8b:48:98:60:ef:b8:de:ef:0b:c6:
b1:a9:8b:db:1c:7c:e1:15:d3:3b:d7:b0:61:4d:13:61:56:ed:
57:c4:1b:4c:5e:12:b6:ed:70:86:e6:a3:d3:e2:cc:d6:f3:22:
ff:22:34:97:0a:15:c2:59:ea:9b:0c:0b:36:8a:ad:21:2c:30:
7e:62:cc:2d:6f:c7:d0:a8:1c:10:71:b5:5f:0b:53:b7:7b:a6:
32:bd:81:56:d1:d8:e8:ff:3f:e8:70:25:68:78:77:f4:41:71:
80:8c:7b:87:be:e7:5b:99:b7:5d:d9:32:e1:40:bb:56:4a:3a:
7d:03:f6:89:ba:d5:f5:14:25:eb:60:0e:b1:f5:8f:27:39:f3:
24:23:fc:af:37:23:38:78:21:f5:7b:ea:b4:42:21:be:34:65:
3b:c2:cb:88:ac:f7:cb:b9:25:47:40:09:e6:2b:34:d3:98:3c:
ce:d6:92:ff:7e:0b:38:c3:cd:b1:6b:b5:c1:56:14:a8:ae:60:
6c:18:22:0e:fc:2a:51:a0:f9:8f:2d:e4:e3:c5:c8:52:d3:38:
f2:c9:57:4b:01:3a:1b:20:bc:52:d9:07:46:3a:69:3a:ce:aa:
dd:f2:fc:47
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZMHSLhIPT6rkaz5IFV33beujXpQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTVaFw0yNTAyMjQwODUzMTVaMDMxMTAvBgNV
BAMTKDBDMTA4NkU5NTY1MjgwNDU0NDg5RUU1QTZGMEQ0MzFFMzczNEE4MUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGBtqVLmD63X6S1BRI6xnLqueC
Ga+YUx2oPIzfHSuOqAv11ZkO7+v+FUy4L7w3huJ2vaBfdBMg8i7LhgH8nEBGAckN
EqUJGdZtyIfWJJAtdAuzVarx5DzZ8S35eSnIu58H3AbvzuybB9UgrER5rdWRQZPV
Pp9Xj4SYBtFH5K+xIQdUzE+tJIeIGFyIcextEEya3l+ujJd3SjZSjRrsfOQotare
awJchjQtFqJnDa3Wbrkj1qT0D0I0Ml9gbaKOBh4No7u3avIDtXdvoigC1IRzmED3
+eitOOaKbXj/2txO5N9y3V79o1gNow+0jk9eW1RmZTPe7ilSIs8zFDjhrjDBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDBCG6VZSgEVEie5abw1DHjc0qB8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM2MzgyZTM5
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uagJMA0GCSqGSIb3DQEBCwUAA4IBAQCM9Fi5OueZ3TTjWOtOFKwZL59jbkp9T6Ef
kotImGDvuN7vC8axqYvbHHzhFdM717BhTRNhVu1XxBtMXhK27XCG5qPT4szW8yL/
IjSXChXCWeqbDAs2iq0hLDB+Yswtb8fQqBwQcbVfC1O3e6YyvYFW0djo/z/ocCVo
eHf0QXGAjHuHvudbmbdd2TLhQLtWSjp9A/aJutX1FCXrYA6x9Y8nOfMkI/yvNyM4
eCH1e+q0QiG+NGU7wsuIrPfLuSVHQAnmKzTTmDzO1pL/fgs4w82xa7XBVhSormBs
GCIO/CpRoPmPLeTjxchS0zjyyVdLATobILxS2QdGOmk6zqrd8vxH
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:15 2024 by rpki-client on console-ams.rpki-client.org