Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138342e3138392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3138342e3138392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: dr7ROm9Tm5m2CG9ugLgdbVMhW4utWuVC2kVzESrcSRQ=
Subject key identifier: 30:F6:4C:9C:49:2F:44:12:04:5A:A3:46:3A:73:AF:AE:BC:DC:D5:8C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1B88A7AB67D681D48FC48DD82406114E35D631E0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138342e3138392e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 14 Jan 2024 18:07:32 +0000
ROA not before: Sun 14 Jan 2024 18:02:32 +0000
ROA not after: Sun 12 Jan 2025 18:07:32 +0000
asID: 136787
IP address blocks: 185.184.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:88:a7:ab:67:d6:81:d4:8f:c4:8d:d8:24:06:11:4e:35:d6:31:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 14 18:02:32 2024 GMT
Not After : Jan 12 18:07:32 2025 GMT
Subject: CN=30F64C9C492F4412045AA3463A73AFAEBCDCD58C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2f:19:c9:8a:d9:57:e2:79:c5:ee:db:9a:a0:
ab:81:0c:dc:ca:58:f4:7b:36:70:e5:06:57:b3:6e:
17:5e:19:de:98:48:9f:03:b1:82:cd:30:82:45:26:
1a:39:4b:b8:cb:72:6f:64:df:17:ad:f8:9e:dd:fd:
0c:8d:c1:ce:c3:43:cd:26:ec:e5:b9:60:d4:4e:e7:
38:51:24:05:ca:1a:6e:6e:3a:df:c9:3c:8d:80:69:
27:1b:4e:ad:bf:a8:10:3a:4d:4e:55:fa:96:30:9a:
a8:09:58:4c:33:bd:bd:a6:12:a1:fe:2a:a5:ff:a5:
e7:6b:fe:cb:d4:90:13:f0:03:1b:b1:5b:b5:7a:73:
8a:c5:7d:19:14:f2:eb:a8:54:7a:68:f2:4f:5f:35:
94:50:59:fc:f0:55:e7:55:ae:3b:23:33:45:3a:9f:
18:7a:cf:60:15:43:cb:ac:5d:5f:06:73:68:d5:f9:
75:12:00:bd:59:b5:de:75:7e:14:ad:f8:63:cb:39:
79:23:7b:c9:b6:a7:1f:aa:26:11:51:ca:98:ec:3b:
8b:66:f5:f3:5a:fe:01:fe:51:9b:e5:e2:fe:3d:68:
c5:3d:07:fb:ba:0b:3b:7b:0f:17:4d:59:70:3b:92:
f6:a9:e5:63:66:7b:cd:b3:09:5a:76:29:25:1a:b5:
07:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F6:4C:9C:49:2F:44:12:04:5A:A3:46:3A:73:AF:AE:BC:DC:D5:8C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138342e3138392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.189.0/24
Signature Algorithm: sha256WithRSAEncryption
02:e7:d9:60:04:4a:6f:a3:d8:a3:24:c6:5c:dd:aa:b0:10:b5:
db:dc:c4:5c:ba:6b:0e:54:83:f9:72:eb:4a:6d:3a:fe:8b:11:
0b:f8:9d:97:08:db:c0:b5:5a:7e:b1:42:c2:b0:49:c9:e4:7f:
ea:4a:e6:85:fa:9e:80:26:a2:8f:d5:ac:9a:8b:a1:c7:c7:3d:
01:29:b4:52:e4:97:09:a7:1e:58:6a:90:3e:f4:44:ef:ea:78:
18:93:18:9f:d9:37:fd:af:7c:42:22:2c:72:69:07:18:55:9d:
80:fc:55:d5:e7:4c:aa:75:95:2b:80:af:1a:91:7b:2f:39:8b:
7f:c5:e0:1b:e3:67:32:52:cc:c1:ed:4d:85:93:62:81:9c:a1:
02:82:a0:ee:a4:0f:f3:1c:e3:46:8e:b3:9e:c3:ed:1c:e4:86:
50:35:15:48:f4:f1:98:76:19:ba:73:31:7e:0f:de:83:0e:5f:
dd:20:be:0b:ea:2f:8a:8d:c1:6f:41:37:1c:cf:c0:6c:71:07:
09:f5:01:40:f3:33:04:38:7d:fd:d7:cd:e3:9a:1a:6e:4f:7c:
e1:e0:04:29:ae:c6:9c:d1:a6:57:a4:15:10:e5:f3:a4:66:98:
58:c7:b8:f9:68:09:5c:e7:b1:0c:02:84:39:e2:ab:de:80:14:
ea:a0:5f:5b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUG4inq2fWgdSPxI3YJAYRTjXWMeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTQxODAyMzJaFw0yNTAxMTIxODA3MzJaMDMxMTAvBgNV
BAMTKDMwRjY0QzlDNDkyRjQ0MTIwNDVBQTM0NjNBNzNBRkFFQkNEQ0Q1OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrLxnJitlX4nnF7tuaoKuBDNzK
WPR7NnDlBlezbhdeGd6YSJ8DsYLNMIJFJho5S7jLcm9k3xet+J7d/QyNwc7DQ80m
7OW5YNRO5zhRJAXKGm5uOt/JPI2AaScbTq2/qBA6TU5V+pYwmqgJWEwzvb2mEqH+
KqX/pedr/svUkBPwAxuxW7V6c4rFfRkU8uuoVHpo8k9fNZRQWfzwVedVrjsjM0U6
nxh6z2AVQ8usXV8Gc2jV+XUSAL1Ztd51fhSt+GPLOXkje8m2px+qJhFRypjsO4tm
9fNa/gH+UZvl4v49aMU9B/u6Czt7DxdNWXA7kvap5WNme82zCVp2KSUatQfBAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUMPZMnEkvRBIEWqNGOnOvrrzc1YwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzQyZTMx
MzgzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm4vTANBgkqhkiG9w0BAQsFAAOCAQEAAufZYARKb6PYoyTGXN2qsBC129zE
XLprDlSD+XLrSm06/osRC/idlwjbwLVafrFCwrBJyeR/6krmhfqegCaij9Wsmouh
x8c9ASm0UuSXCaceWGqQPvRE7+p4GJMYn9k3/a98QiIscmkHGFWdgPxV1edMqnWV
K4CvGpF7LzmLf8XgG+NnMlLMwe1NhZNigZyhAoKg7qQP8xzjRo6znsPtHOSGUDUV
SPTxmHYZunMxfg/egw5f3SC+C+ovio3Bb0E3HM/AbHEHCfUBQPMzBDh9/dfN45oa
bk984eAEKa7GnNGmV6QVEOXzpGaYWMe4+WgJXOexDAKEOeKr3oAU6qBfWw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org