Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138342e3138382e302f32342d3234203d3e203531313637.roa
File: 3138352e3138342e3138382e302f32342d3234203d3e203531313637.roa (raw, json)
Hash identifier: sKPFjIItCUDr6fCZA79gP9ve9ONYM6j0k9LFV5+lNsE=
Subject key identifier: 3B:3F:2D:3C:92:D1:58:35:F2:B0:A3:87:8F:FC:9D:A4:DF:87:AC:F3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6FF44BC9826C9C3537E22F04DE12728EF11E14DB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138342e3138382e302f32342d3234203d3e203531313637.roa
Signing time: Fri 10 Nov 2023 19:52:36 +0000
ROA not before: Fri 10 Nov 2023 19:47:36 +0000
ROA not after: Fri 08 Nov 2024 19:52:36 +0000
asID: 51167
IP address blocks: 185.184.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:f4:4b:c9:82:6c:9c:35:37:e2:2f:04:de:12:72:8e:f1:1e:14:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 10 19:47:36 2023 GMT
Not After : Nov 8 19:52:36 2024 GMT
Subject: CN=3B3F2D3C92D15835F2B0A3878FFC9DA4DF87ACF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:12:d0:11:ff:be:a1:96:3d:5a:b3:4c:2b:79:
54:88:6a:18:a8:2b:bf:cc:ab:74:ee:f2:48:c9:fc:
36:b4:00:a2:cf:b2:7f:03:1f:df:6c:b5:d0:64:cc:
59:9e:96:98:c1:ae:a8:be:5d:be:96:a5:d5:62:a1:
6f:ca:91:e0:f8:1f:a2:b6:02:2d:4c:eb:ff:7b:37:
9e:60:f9:71:9a:6d:47:ef:58:a2:43:22:a5:04:c7:
01:7c:87:99:68:ec:3f:53:69:2f:15:db:d9:01:e7:
91:eb:dd:93:bc:cf:9a:4c:2d:ef:8e:1c:f4:62:8f:
f7:bc:63:fc:bf:4b:27:71:ea:21:bf:01:ee:76:58:
1b:db:53:9d:b5:44:d5:ea:2a:27:a3:d3:41:80:30:
92:50:94:9f:0b:0e:99:cc:8f:f1:41:b4:08:d4:2e:
c1:70:81:4f:04:83:ff:52:b7:37:48:bc:cc:31:ac:
23:81:0f:2b:83:b7:34:a5:a9:19:7b:76:d1:2e:8d:
2c:ea:06:f5:11:b9:0b:3c:ec:d3:01:a4:14:c8:32:
25:ad:34:7e:19:0a:76:95:7b:70:e2:20:ba:09:38:
87:4c:29:19:f7:cc:e3:2f:d2:e7:9c:a2:72:85:24:
a9:7e:28:fe:fe:c5:e0:b0:52:c8:0a:aa:ba:89:2f:
95:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3F:2D:3C:92:D1:58:35:F2:B0:A3:87:8F:FC:9D:A4:DF:87:AC:F3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138342e3138382e302f32342d3234203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.188.0/24
Signature Algorithm: sha256WithRSAEncryption
04:91:e0:66:9a:35:a0:39:c2:b1:26:7f:4a:38:fc:c0:b5:04:
65:6c:21:22:82:00:05:20:69:51:09:7e:0b:29:39:8a:dd:2d:
35:9a:43:e8:dc:53:a4:f8:40:a3:88:31:97:0d:cd:7b:79:c1:
f4:fe:6c:e6:33:85:0e:4c:36:4d:52:67:bf:1d:51:1a:7b:29:
c8:cd:06:99:dc:1a:df:10:8c:b1:b8:36:f7:0e:e0:72:65:85:
b1:b1:53:0c:5c:21:9b:44:59:b8:1c:af:37:29:54:4f:49:ee:
9c:2a:d7:d3:eb:16:2e:0d:31:ba:b6:df:93:83:01:30:c0:aa:
ec:fe:71:62:05:d6:95:69:ed:ab:91:9f:2a:a0:d1:33:02:0f:
2d:21:10:97:18:ee:14:19:c9:bc:1a:fa:e0:7d:38:e0:9a:5d:
f8:a3:cf:fa:f6:61:b7:5a:b3:1b:cf:42:04:24:4d:53:43:66:
8d:9b:71:26:52:66:bf:08:06:90:34:ea:af:15:af:96:48:fc:
e7:e1:32:37:d1:dd:aa:c6:a4:94:1b:bd:ea:2f:aa:27:94:93:
a6:59:29:5a:4a:d7:8c:d2:45:10:63:c3:70:eb:be:2b:65:81:
10:29:2d:89:a9:13:0a:1f:17:e0:10:63:1d:b0:cc:9d:cd:21:
59:c8:c6:69
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUb/RLyYJsnDU34i8E3hJyjvEeFNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMTAxOTQ3MzZaFw0yNDExMDgxOTUyMzZaMDMxMTAvBgNV
BAMTKDNCM0YyRDNDOTJEMTU4MzVGMkIwQTM4NzhGRkM5REE0REY4N0FDRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCEtAR/76hlj1as0wreVSIahio
K7/Mq3Tu8kjJ/Da0AKLPsn8DH99stdBkzFmelpjBrqi+Xb6WpdVioW/KkeD4H6K2
Ai1M6/97N55g+XGabUfvWKJDIqUExwF8h5lo7D9TaS8V29kB55Hr3ZO8z5pMLe+O
HPRij/e8Y/y/Sydx6iG/Ae52WBvbU521RNXqKiej00GAMJJQlJ8LDpnMj/FBtAjU
LsFwgU8Eg/9StzdIvMwxrCOBDyuDtzSlqRl7dtEujSzqBvURuQs87NMBpBTIMiWt
NH4ZCnaVe3DiILoJOIdMKRn3zOMv0ueconKFJKl+KP7+xeCwUsgKqrqJL5WrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOz8tPJLRWDXysKOHj/ydpN+HrPMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzQyZTMx
MzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5uLwwDQYJKoZIhvcNAQELBQADggEBAASR4GaaNaA5wrEmf0o4/MC1BGVsISKC
AAUgaVEJfgspOYrdLTWaQ+jcU6T4QKOIMZcNzXt5wfT+bOYzhQ5MNk1SZ78dURp7
KcjNBpncGt8QjLG4NvcO4HJlhbGxUwxcIZtEWbgcrzcpVE9J7pwq19PrFi4NMbq2
35ODATDAquz+cWIF1pVp7auRnyqg0TMCDy0hEJcY7hQZybwa+uB9OOCaXfijz/r2
YbdasxvPQgQkTVNDZo2bcSZSZr8IBpA06q8Vr5ZI/OfhMjfR3arGpJQbveovqieU
k6ZZKVpK14zSRRBjw3DrvitlgRApLYmpEwofF+AQYx2wzJ3NIVnIxmk=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org