Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3137372e3131392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 5wJlaYKxGzjn5zU2g7O1fllc7Zanxi8IFozSTFGzLQ4=
Subject key identifier: 0D:1D:DB:99:F7:39:B9:75:EA:48:99:E0:1B:08:A4:2F:4D:E4:32:3A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7CEA5144F8FA43DA79BD99DB2EAFD4D004F23E84
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131392e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 11:00:36 +0000
ROA not before: Sun 11 Jun 2023 10:55:36 +0000
ROA not after: Sun 09 Jun 2024 11:00:36 +0000
asID: 136787
IP address blocks: 185.177.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:ea:51:44:f8:fa:43:da:79:bd:99:db:2e:af:d4:d0:04:f2:3e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 11 10:55:36 2023 GMT
Not After : Jun 9 11:00:36 2024 GMT
Subject: CN=0D1DDB99F739B975EA4899E01B08A42F4DE4323A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d0:3b:90:69:6a:21:5c:65:91:01:9d:28:9e:
0b:a5:47:8e:30:8c:0d:39:f0:5a:24:1e:6f:fd:b0:
01:8e:50:d3:0a:1a:54:a5:f2:e9:65:d9:b3:8a:3f:
be:1f:12:25:5c:94:22:dc:6c:64:17:43:e8:7d:71:
83:56:43:af:d9:92:4e:8e:4c:7b:27:e9:73:55:5b:
cf:7b:a6:30:d9:86:e8:e5:36:a8:24:f9:ff:d3:6a:
a3:6b:3b:43:d8:34:73:b2:da:08:3e:7a:bc:85:f1:
ad:89:1c:a7:53:d5:d5:54:9f:be:ff:46:00:b3:78:
ea:4f:5c:a7:b6:02:d4:14:fd:b3:f1:0c:69:68:40:
e3:54:85:65:51:f2:a2:c9:0e:d1:5e:f9:76:84:b9:
85:fb:06:3c:b8:4a:b8:80:60:02:9f:ab:83:96:a9:
6e:60:dc:15:e1:44:f6:b3:a8:60:b1:d1:70:3d:11:
d6:9d:8e:b3:26:37:01:56:32:5a:a2:ef:0e:c3:6e:
6d:c4:77:3e:90:1a:60:81:ec:c8:74:d7:87:28:3a:
0d:c0:03:59:6a:c0:35:69:e1:96:59:77:94:bf:94:
04:a0:6d:74:59:aa:6d:e9:95:35:fc:cd:bc:c8:db:
66:55:44:6b:54:dc:1b:33:fc:48:53:55:4d:6a:53:
a8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1D:DB:99:F7:39:B9:75:EA:48:99:E0:1B:08:A4:2F:4D:E4:32:3A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.119.0/24
Signature Algorithm: sha256WithRSAEncryption
27:63:25:e1:c5:96:88:12:46:98:d0:a1:9d:b7:60:85:d2:c6:
3b:c4:98:2c:8e:e9:aa:b3:af:6b:3f:5a:2b:a7:37:a5:16:c5:
7f:71:80:c4:e4:44:8b:cb:17:86:59:f3:1b:3c:ee:21:cc:ed:
9a:8f:35:5c:7a:31:d2:8e:43:70:ca:2b:1d:5f:be:04:12:23:
70:02:ce:bf:ee:86:2a:d5:a0:76:fb:7c:bc:ba:a6:d4:76:4e:
04:10:e6:c4:c8:fe:32:8e:92:a2:df:63:99:c7:f2:28:88:e8:
98:97:9d:46:d8:84:fe:44:57:9a:6c:2a:59:d2:d5:e2:7f:db:
9c:5c:c7:ea:00:9c:d6:b4:59:3e:2a:49:5a:c4:d6:cc:5a:8d:
43:3e:75:22:6e:16:45:a1:f4:41:cb:9b:7e:83:e1:fc:f1:e7:
83:03:6f:54:2b:21:1f:c2:11:1e:0f:0b:09:4f:91:44:45:54:
4e:0e:a2:d4:cb:7a:23:f0:31:13:36:2d:4c:2a:1d:b1:b5:e8:
9d:ad:22:13:67:90:e7:0a:58:16:f8:54:49:3d:c0:17:86:e9:
9e:71:20:d7:d0:3d:d8:84:3f:45:d0:de:26:2f:56:d8:af:81:
05:5e:e6:fa:8a:50:bc:16:ad:51:db:f2:1a:c9:22:6c:64:be:
80:ca:59:9b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfOpRRPj6Q9p5vZnbLq/U0ATyPoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA2MTExMDU1MzZaFw0yNDA2MDkxMTAwMzZaMDMxMTAvBgNV
BAMTKDBEMUREQjk5RjczOUI5NzVFQTQ4OTlFMDFCMDhBNDJGNERFNDMyM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0DuQaWohXGWRAZ0ongulR44w
jA058FokHm/9sAGOUNMKGlSl8ull2bOKP74fEiVclCLcbGQXQ+h9cYNWQ6/Zkk6O
THsn6XNVW897pjDZhujlNqgk+f/TaqNrO0PYNHOy2gg+eryF8a2JHKdT1dVUn77/
RgCzeOpPXKe2AtQU/bPxDGloQONUhWVR8qLJDtFe+XaEuYX7Bjy4SriAYAKfq4OW
qW5g3BXhRPazqGCx0XA9EdadjrMmNwFWMlqi7w7Dbm3Edz6QGmCB7Mh014coOg3A
A1lqwDVp4ZZZd5S/lASgbXRZqm3plTX8zbzI22ZVRGtU3Bsz/EhTVU1qU6g1AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUDR3bmfc5uXXqSJngGwikL03kMjowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM3MzcyZTMx
MzEzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmxdzANBgkqhkiG9w0BAQsFAAOCAQEAJ2Ml4cWWiBJGmNChnbdghdLGO8SY
LI7pqrOvaz9aK6c3pRbFf3GAxOREi8sXhlnzGzzuIcztmo81XHox0o5DcMorHV++
BBIjcALOv+6GKtWgdvt8vLqm1HZOBBDmxMj+Mo6Sot9jmcfyKIjomJedRtiE/kRX
mmwqWdLV4n/bnFzH6gCc1rRZPipJWsTWzFqNQz51Im4WRaH0QcubfoPh/PHngwNv
VCshH8IRHg8LCU+RREVUTg6i1Mt6I/AxEzYtTCodsbXona0iE2eQ5wpYFvhUST3A
F4bpnnEg19A92IQ/RdDeJi9W2K+BBV7m+opQvBatUdvyGskibGS+gMpZmw==
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org