Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138342e3138382e302f32342d3234203d3e203531313637.roa
File: 3138352e3138342e3138382e302f32342d3234203d3e203531313637.roa (raw, json)
Hash identifier: /3sgBksC3uY+NbC+nWACON/PDrM+/gtDRlFaMh0OPgM=
Subject key identifier: 1C:4E:9C:7F:2D:DC:03:47:FE:8C:E0:16:64:3F:B5:42:CC:AF:2E:DC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 412F1668580FB4B52D54B8F7DD6216312394D356
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138342e3138382e302f32342d3234203d3e203531313637.roa
Signing time: Fri 11 Oct 2024 20:05:14 +0000
ROA not before: Fri 11 Oct 2024 20:00:14 +0000
ROA not after: Fri 10 Oct 2025 20:05:14 +0000
asID: 51167
IP address blocks: 185.184.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:2f:16:68:58:0f:b4:b5:2d:54:b8:f7:dd:62:16:31:23:94:d3:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 11 20:00:14 2024 GMT
Not After : Oct 10 20:05:14 2025 GMT
Subject: CN=1C4E9C7F2DDC0347FE8CE016643FB542CCAF2EDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9a:13:7d:bf:b0:d3:4d:80:88:15:4d:0d:d1:
8c:0e:dd:ab:4b:b7:e2:0d:37:50:1b:d6:5b:d3:d4:
5a:5a:39:82:32:13:41:31:cd:81:f2:7d:df:8a:cd:
e0:88:e3:bb:94:63:9f:ec:78:e6:41:42:aa:a4:52:
0d:0c:f4:47:6f:73:3c:fb:9c:08:6f:0c:25:dd:64:
9f:f6:e8:c2:d1:28:b9:3c:75:a1:32:0b:45:89:2a:
e9:9f:eb:bb:bc:fc:95:72:c1:3d:52:e6:1a:08:79:
5a:8f:5e:f2:60:1c:45:82:bd:07:03:c3:65:5e:5b:
b1:69:d3:56:62:92:7f:ec:60:16:cf:8a:53:dc:d7:
f7:ac:b3:7a:b1:ca:47:22:51:52:f9:a7:8b:8f:c8:
df:63:ee:bb:b5:a5:28:d9:28:0a:55:7d:8d:60:08:
77:93:25:fb:00:a5:f4:9d:e5:a2:f3:d8:9e:ae:e6:
28:ef:38:b0:f2:94:ac:fa:bc:7f:cb:1c:39:4f:41:
13:0e:d5:0a:cf:94:ef:fd:06:e5:c2:e7:c0:55:ad:
e9:b9:c8:d2:0d:b2:8f:63:e6:06:9a:e1:0b:b7:85:
ac:5a:7c:94:cb:a6:c3:dd:0d:78:2a:e8:f4:b9:fd:
a9:04:15:9e:fb:51:3a:56:01:6b:c4:66:d2:86:65:
d6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:4E:9C:7F:2D:DC:03:47:FE:8C:E0:16:64:3F:B5:42:CC:AF:2E:DC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138342e3138382e302f32342d3234203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.188.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f6:f0:a6:a1:28:91:5a:69:62:03:e1:54:ab:84:97:23:25:
58:0c:cd:d0:fd:bd:1f:3e:8e:1d:65:db:b0:43:d7:3a:60:b1:
21:5e:07:7c:b6:2e:cc:7c:54:15:64:eb:d2:66:5e:45:4e:e8:
83:16:8f:c5:c5:c3:1c:b6:31:a8:72:fc:3d:84:fc:77:fb:1a:
35:f3:fe:d1:57:ea:4f:d3:64:0f:d9:cd:41:c7:30:e5:e7:5b:
56:ba:e5:44:5f:23:c6:7b:d4:6d:ca:04:84:ac:4f:77:b5:4d:
ce:72:72:81:8b:d1:46:22:2f:e0:9a:d5:bb:3b:c7:b1:3a:8e:
32:ff:c6:69:02:d5:24:7c:d5:b3:0e:3d:bb:51:a8:32:9e:de:
ae:2e:18:91:56:48:c3:71:59:1f:b1:61:85:01:f3:e0:ea:30:
2b:38:6a:03:44:1f:91:b9:49:46:47:31:00:56:8e:ce:5a:71:
a7:fd:0e:70:64:2e:2f:69:45:57:e0:f6:db:67:cf:e2:3c:2c:
77:db:a3:04:3c:e4:f7:ff:95:ee:f4:2b:50:cc:5d:c7:b2:bf:
4e:fd:6f:ce:3f:b9:b1:76:4e:84:85:94:10:91:42:45:41:ba:
0b:dc:9b:ec:9a:22:57:9d:04:60:d6:cc:03:5a:0f:c7:09:26:
9e:17:f0:fc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQS8WaFgPtLUtVLj33WIWMSOU01YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMTEyMDAwMTRaFw0yNTEwMTAyMDA1MTRaMDMxMTAvBgNV
BAMTKDFDNEU5QzdGMkREQzAzNDdGRThDRTAxNjY0M0ZCNTQyQ0NBRjJFREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9mhN9v7DTTYCIFU0N0YwO3atL
t+INN1Ab1lvT1FpaOYIyE0ExzYHyfd+KzeCI47uUY5/seOZBQqqkUg0M9Edvczz7
nAhvDCXdZJ/26MLRKLk8daEyC0WJKumf67u8/JVywT1S5hoIeVqPXvJgHEWCvQcD
w2VeW7Fp01Zikn/sYBbPilPc1/ess3qxykciUVL5p4uPyN9j7ru1pSjZKApVfY1g
CHeTJfsApfSd5aLz2J6u5ijvOLDylKz6vH/LHDlPQRMO1QrPlO/9BuXC58BVrem5
yNINso9j5gaa4Qu3haxafJTLpsPdDXgq6PS5/akEFZ77UTpWAWvEZtKGZdZ1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHE6cfy3cA0f+jOAWZD+1QsyvLtwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzQyZTMx
MzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5uLwwDQYJKoZIhvcNAQELBQADggEBAHr28KahKJFaaWID4VSrhJcjJVgMzdD9
vR8+jh1l27BD1zpgsSFeB3y2Lsx8VBVk69JmXkVO6IMWj8XFwxy2Mahy/D2E/Hf7
GjXz/tFX6k/TZA/ZzUHHMOXnW1a65URfI8Z71G3KBISsT3e1Tc5ycoGL0UYiL+Ca
1bs7x7E6jjL/xmkC1SR81bMOPbtRqDKe3q4uGJFWSMNxWR+xYYUB8+DqMCs4agNE
H5G5SUZHMQBWjs5acaf9DnBkLi9pRVfg9ttnz+I8LHfbowQ85Pf/le70K1DMXcey
v079b84/ubF2ToSFlBCRQkVBugvcm+yaIledBGDWzANaD8cJJp4X8Pw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org