Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138322e3138362e302f32332d3332203d3e203531313637.roa
File: 3138352e3138322e3138362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: C8eqC0bpT6QuIu1yPKUZFVJrROsh+WN97ArZmnxt+3k=
Subject key identifier: 3C:E0:B7:96:BD:49:9E:5A:D8:A9:82:B0:70:E2:D4:38:4E:FF:65:D5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 74F5C25430AE2F3F45CC70C8BEA46A3287FD53BE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138322e3138362e302f32332d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:53 +0000
ROA not before: Fri 20 Sep 2024 13:59:53 +0000
ROA not after: Fri 19 Sep 2025 14:04:53 +0000
asID: 51167
IP address blocks: 185.182.186.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:f5:c2:54:30:ae:2f:3f:45:cc:70:c8:be:a4:6a:32:87:fd:53:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:53 2024 GMT
Not After : Sep 19 14:04:53 2025 GMT
Subject: CN=3CE0B796BD499E5AD8A982B070E2D4384EFF65D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a8:f3:61:7a:86:d2:e0:69:8c:c1:8c:0e:20:
5e:df:20:cb:2a:ff:b1:af:65:76:0a:e8:a8:3d:07:
90:8d:b7:70:46:dc:3d:c0:4c:43:1c:a9:53:12:09:
74:7c:15:4e:8e:c6:f4:cd:fa:4c:f2:39:6b:f0:d9:
8a:da:c4:d8:07:0e:ff:d7:c6:df:dd:0a:0f:43:c9:
5f:5a:86:28:70:78:25:29:b2:ef:e6:99:93:38:02:
94:e5:24:ed:3b:69:12:b9:7a:e9:84:ad:84:dc:d4:
76:c9:52:c9:d8:ac:08:0a:09:db:b8:95:ad:99:9b:
1f:b3:ff:2c:b3:ac:12:28:bb:ce:2f:0b:47:88:a5:
42:78:5c:43:2d:c3:d4:c1:c4:be:58:41:c4:92:f5:
88:f3:5c:8d:6c:11:2f:08:c3:d1:40:bb:91:b6:a4:
5a:fe:85:83:d0:3a:2b:a8:2f:5c:42:a4:b3:36:e7:
e1:fb:84:2b:e8:45:39:e4:fb:2a:35:17:54:b2:a0:
03:94:7a:90:6f:36:09:bb:de:00:96:96:cf:49:56:
6a:c3:4c:fa:e5:0c:58:5b:5d:d8:82:a3:30:99:dd:
02:80:1d:bd:54:50:80:3e:95:27:45:a0:59:05:a6:
02:19:04:80:1e:8f:24:bf:f9:48:96:aa:f8:1e:00:
22:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E0:B7:96:BD:49:9E:5A:D8:A9:82:B0:70:E2:D4:38:4E:FF:65:D5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138322e3138362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.186.0/23
Signature Algorithm: sha256WithRSAEncryption
25:6e:f2:10:9c:bf:9b:a5:73:49:8c:05:4a:f4:52:f1:6b:36:
a5:a6:8e:2c:3c:4f:88:30:99:f9:03:83:00:70:77:ae:49:63:
17:44:e6:62:ad:de:80:a7:69:1d:57:9a:1e:cd:cb:b9:a1:27:
50:f7:47:87:a6:74:17:36:3c:26:59:67:17:a7:c9:2f:6e:95:
cb:57:84:47:7a:80:82:c1:62:66:af:2d:fc:60:25:5a:bc:d5:
3c:ca:3e:48:70:36:6d:75:88:51:a2:1e:6b:4b:34:d0:8c:38:
b9:af:0e:a8:0d:4b:c1:43:83:48:6c:ec:e1:9e:72:56:56:90:
37:99:2c:75:b8:94:96:c5:04:09:a4:5c:e8:84:d4:14:5e:7e:
36:85:ef:43:3f:3d:de:06:93:bc:16:2e:89:1d:be:0c:1f:89:
02:cc:80:b8:d6:f3:f5:70:41:8b:0f:d3:9e:3c:46:bc:a1:8a:
b6:5b:94:ee:55:f2:af:95:41:2a:44:19:fe:e4:50:22:0a:2c:
3d:bb:e2:8a:78:eb:24:2c:df:73:2e:98:56:72:28:55:7e:af:
0d:01:39:f8:7c:53:a4:9f:78:d5:b2:b0:cc:83:82:c5:af:6b:
2a:1a:2f:41:90:5b:68:43:20:06:ed:fe:32:b8:50:50:6c:6b:
73:b7:5a:54
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdPXCVDCuLz9FzHDIvqRqMof9U74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTNaFw0yNTA5MTkxNDA0NTNaMDMxMTAvBgNV
BAMTKDNDRTBCNzk2QkQ0OTlFNUFEOEE5ODJCMDcwRTJENDM4NEVGRjY1RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRqPNheobS4GmMwYwOIF7fIMsq
/7GvZXYK6Kg9B5CNt3BG3D3ATEMcqVMSCXR8FU6OxvTN+kzyOWvw2YraxNgHDv/X
xt/dCg9DyV9ahihweCUpsu/mmZM4ApTlJO07aRK5eumErYTc1HbJUsnYrAgKCdu4
la2Zmx+z/yyzrBIou84vC0eIpUJ4XEMtw9TBxL5YQcSS9YjzXI1sES8Iw9FAu5G2
pFr+hYPQOiuoL1xCpLM25+H7hCvoRTnk+yo1F1SyoAOUepBvNgm73gCWls9JVmrD
TPrlDFhbXdiCozCZ3QKAHb1UUIA+lSdFoFkFpgIZBIAejyS/+UiWqvgeACJ5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPOC3lr1JnlrYqYKwcOLUOE7/ZdUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzIyZTMx
MzgzNjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5trowDQYJKoZIhvcNAQELBQADggEBACVu8hCcv5ulc0mMBUr0UvFrNqWmjiw8
T4gwmfkDgwBwd65JYxdE5mKt3oCnaR1Xmh7Ny7mhJ1D3R4emdBc2PCZZZxenyS9u
lctXhEd6gILBYmavLfxgJVq81TzKPkhwNm11iFGiHmtLNNCMOLmvDqgNS8FDg0hs
7OGeclZWkDeZLHW4lJbFBAmkXOiE1BRefjaF70M/Pd4Gk7wWLokdvgwfiQLMgLjW
8/VwQYsP0548RryhirZblO5V8q+VQSpEGf7kUCIKLD274op46yQs33MumFZyKFV+
rw0BOfh8U6SfeNWysMyDgsWvayoaL0GQW2hDIAbt/jK4UFBsa3O3WlQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:55 2024 by rpki-client on console-fra.rpki-client.org