Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e20323132303533.roa
File: 3138352e3138372e3233342e302f32342d3234203d3e20323132303533.roa (raw, json)
Hash identifier: 1rNZBUU8IidVayNUvr3PpoLsgWmDzbC5lzJdyJVWMFY=
Subject key identifier: 39:ED:A8:81:E0:9B:9C:78:ED:F9:35:56:E5:6A:FA:67:A4:95:F3:9C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 138103FBC395913436A2A1FD870109E13215B9EB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e20323132303533.roa
Signing time: Fri 20 Sep 2024 14:04:51 +0000
ROA not before: Fri 20 Sep 2024 13:59:51 +0000
ROA not after: Fri 19 Sep 2025 14:04:51 +0000
asID: 212053
IP address blocks: 185.187.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:81:03:fb:c3:95:91:34:36:a2:a1:fd:87:01:09:e1:32:15:b9:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:51 2024 GMT
Not After : Sep 19 14:04:51 2025 GMT
Subject: CN=39EDA881E09B9C78EDF93556E56AFA67A495F39C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0b:93:37:3b:b9:ed:35:d1:0d:7b:89:8a:4c:
0d:ee:74:5d:90:31:26:bf:66:b9:51:37:3a:8b:b3:
e9:33:49:03:c8:a5:ca:98:1b:bc:9e:3b:aa:5b:65:
d2:29:08:43:a0:de:30:1c:15:1c:0e:9a:ea:96:d6:
58:a0:10:78:bf:09:dd:05:34:c6:d9:29:a6:35:46:
77:72:93:ab:4c:b2:41:61:cf:f1:e4:fc:3d:38:c8:
7f:9c:91:51:3f:86:d0:5d:fa:1a:7a:d0:43:25:06:
c5:ed:c2:11:fa:bd:10:d7:3a:88:b2:45:45:a7:c4:
c2:af:1d:9f:52:e7:c2:c9:26:bb:6d:dd:44:86:f7:
d9:be:2c:70:04:10:b8:d7:b5:41:1d:1c:0f:eb:b0:
07:ae:a6:1b:5a:a1:c0:7b:20:d3:45:62:b4:cd:a3:
cd:17:c3:51:bf:24:6a:20:c2:bc:d2:78:79:8d:8d:
29:a8:d6:12:b9:02:c0:f9:4e:15:ce:67:2e:1a:2a:
34:a0:c6:b5:b1:9b:b9:d5:a7:f4:e8:c7:5d:b6:59:
89:88:e7:45:33:3f:33:ba:94:52:4d:62:dd:a4:c4:
e5:ad:6d:3e:c1:54:c4:2e:0a:fa:03:6e:12:6d:b4:
2b:ce:84:90:bd:b5:a6:49:cb:51:fc:db:e2:22:6c:
d1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:ED:A8:81:E0:9B:9C:78:ED:F9:35:56:E5:6A:FA:67:A4:95:F3:9C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e20323132303533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.234.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:a4:5b:fc:be:62:78:47:18:1f:57:7e:59:da:dd:e2:48:d1:
3f:52:2a:60:f3:53:ef:30:a7:c6:9f:c2:2b:4b:9c:e2:b2:f6:
29:d8:61:f9:05:f5:2b:b7:04:97:9c:18:b1:f6:41:54:04:46:
cd:fa:29:b6:5b:88:38:46:13:bf:d8:de:45:80:73:b0:e8:91:
56:4f:5f:49:7f:de:6a:dd:b9:f4:e6:26:43:af:f3:eb:c3:cf:
09:e0:91:65:63:93:4c:e8:d6:9d:de:83:e1:eb:9b:6a:96:cb:
d6:ae:8c:f2:44:8d:26:8a:35:3a:fa:60:13:66:2f:e8:c4:8b:
fd:f8:d1:9b:40:57:b3:2b:dd:53:17:0c:02:84:62:64:69:b7:
b1:33:17:fa:f6:20:24:28:a6:a1:8a:f4:94:c7:40:5e:1b:02:
ab:c3:72:63:ee:32:86:c0:e1:bb:ca:c1:54:b6:8c:38:b4:23:
25:1c:4f:62:bf:ec:99:68:c8:70:0d:3d:88:af:59:3a:26:7e:
ad:4d:4b:76:91:d0:12:2b:8a:57:c9:bd:5e:0b:22:ef:bc:81:
56:2c:7d:60:df:8a:3d:a3:0f:2e:ae:2f:6e:df:04:45:6e:a3:
3c:0f:66:89:ab:3f:96:5e:35:83:d0:f2:2d:1d:d0:f7:2f:05:
fd:db:11:75
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUE4ED+8OVkTQ2oqH9hwEJ4TIVueswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTFaFw0yNTA5MTkxNDA0NTFaMDMxMTAvBgNV
BAMTKDM5RURBODgxRTA5QjlDNzhFREY5MzU1NkU1NkFGQTY3QTQ5NUYzOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+C5M3O7ntNdENe4mKTA3udF2Q
MSa/ZrlRNzqLs+kzSQPIpcqYG7yeO6pbZdIpCEOg3jAcFRwOmuqW1ligEHi/Cd0F
NMbZKaY1Rndyk6tMskFhz/Hk/D04yH+ckVE/htBd+hp60EMlBsXtwhH6vRDXOoiy
RUWnxMKvHZ9S58LJJrtt3USG99m+LHAEELjXtUEdHA/rsAeuphtaocB7INNFYrTN
o80Xw1G/JGogwrzSeHmNjSmo1hK5AsD5ThXOZy4aKjSgxrWxm7nVp/Tox122WYmI
50UzPzO6lFJNYt2kxOWtbT7BVMQuCvoDbhJttCvOhJC9taZJy1H82+IibNHbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUOe2ogeCbnHjt+TVW5Wr6Z6SV85wwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMwMzUzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm76jANBgkqhkiG9w0BAQsFAAOCAQEALqRb/L5ieEcYH1d+Wdrd4kjRP1Iq
YPNT7zCnxp/CK0uc4rL2Kdhh+QX1K7cEl5wYsfZBVARGzfoptluIOEYTv9jeRYBz
sOiRVk9fSX/eat259OYmQ6/z68PPCeCRZWOTTOjWnd6D4eubapbL1q6M8kSNJoo1
OvpgE2Yv6MSL/fjRm0BXsyvdUxcMAoRiZGm3sTMX+vYgJCimoYr0lMdAXhsCq8Ny
Y+4yhsDhu8rBVLaMOLQjJRxPYr/smWjIcA09iK9ZOiZ+rU1LdpHQEiuKV8m9Xgsi
77yBVix9YN+KPaMPLq4vbt8ERW6jPA9mias/ll41g9DyLR3Q9y8F/dsRdQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org