Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e2033333536.roa
File: 3138352e3138372e3233342e302f32342d3234203d3e2033333536.roa (raw, json)
Hash identifier: d+y+r2bfu2xwINhiNLLWpeeA5wVDUmcbR/VA+LOSFu0=
Subject key identifier: 41:37:56:53:F6:CA:04:4B:E3:74:7F:39:FF:3C:B8:BA:2E:53:53:4C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2C1297F337CED276771481D4F4BCFAE007DB21E8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e2033333536.roa
Signing time: Fri 20 Oct 2023 13:41:59 +0000
ROA not before: Fri 20 Oct 2023 13:36:59 +0000
ROA not after: Fri 18 Oct 2024 13:41:59 +0000
asID: 3356
IP address blocks: 185.187.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:12:97:f3:37:ce:d2:76:77:14:81:d4:f4:bc:fa:e0:07:db:21:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:59 2023 GMT
Not After : Oct 18 13:41:59 2024 GMT
Subject: CN=41375653F6CA044BE3747F39FF3CB8BA2E53534C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7e:0c:09:de:87:2f:25:b0:e2:3c:bf:36:26:
a0:cc:4f:e2:ae:85:40:b4:99:b1:55:e9:cb:23:5b:
a8:f3:42:83:ee:16:9d:ed:cf:f0:b9:14:e3:91:fa:
77:28:63:eb:b8:f5:a0:52:ab:d4:8a:6f:bb:89:c2:
fc:6b:7d:d6:2a:a5:95:67:39:bb:a2:60:f8:a6:2f:
c8:59:6d:9d:9e:e3:bb:f9:50:3a:0a:81:3a:cb:c0:
c5:b0:97:7a:2e:fa:72:68:e7:93:1d:59:c5:37:1d:
0c:94:7e:fc:e2:1c:8f:5f:04:43:45:a5:47:0a:e9:
29:40:48:ad:dd:6f:db:2b:ce:52:a2:24:2e:10:3f:
f0:c2:18:91:76:e1:9f:6e:25:b9:3b:34:55:e3:61:
df:e6:4d:0e:f1:f8:bd:f7:97:bd:52:0a:2d:d2:e3:
27:f4:68:c8:9e:43:25:69:2c:50:bb:00:06:bb:8f:
19:5d:2a:b0:4d:4a:0b:b0:0a:30:6c:07:46:4c:9c:
f3:5f:13:73:67:53:22:32:92:3a:67:c8:a9:7a:f5:
e3:e4:e2:0f:34:4b:e9:a9:ef:fb:89:8a:e8:a5:5d:
2b:32:d3:23:26:d7:b9:7c:e1:44:53:93:50:10:77:
c3:db:b6:10:11:af:b4:a7:9e:85:cd:5f:43:f4:f1:
90:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:37:56:53:F6:CA:04:4B:E3:74:7F:39:FF:3C:B8:BA:2E:53:53:4C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e2033333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.234.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d9:48:e3:38:53:44:f1:78:a3:1e:1e:a9:b1:4a:26:e8:49:
be:e8:4e:dd:8a:bb:c3:8c:eb:28:c9:f5:a0:ea:08:60:36:42:
a1:df:a4:c3:e3:ab:ff:01:59:76:f1:3a:28:f9:87:4c:cc:6b:
9f:b3:23:44:e8:91:a6:17:1a:36:c1:43:bc:c8:55:3f:4d:24:
c2:ed:7e:fa:80:70:97:c2:1a:65:4c:98:27:5e:36:45:71:4e:
96:47:1a:3e:81:4a:19:b2:fc:95:f3:c0:65:b8:68:18:06:d1:
c6:48:9e:81:83:1e:24:3c:a1:16:2a:fe:49:1e:bc:a4:32:65:
8e:1e:d4:67:ea:57:ba:6d:72:dd:4a:54:19:61:a0:03:26:32:
61:6f:1e:60:15:46:78:9d:03:ee:3a:0d:10:36:ec:84:9e:eb:
11:67:6c:29:3a:ec:5a:51:9d:ac:5c:55:1f:b2:8d:8c:49:45:
98:42:b2:c4:2a:46:9e:0a:b9:c4:43:c4:a0:98:32:61:4d:49:
46:2c:e8:6c:a5:3c:d8:2f:2d:1b:71:0a:55:95:f6:1a:40:60:
f3:7c:0e:03:a6:55:c0:94:e0:d5:0e:d8:c0:1f:2e:f7:1d:01:
31:8a:e8:3f:bf:bb:b9:bd:33:20:38:ea:86:bb:95:1a:16:4c:
12:fc:22:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULBKX8zfO0nZ3FIHU9Lz64AfbIegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTlaFw0yNDEwMTgxMzQxNTlaMDMxMTAvBgNV
BAMTKDQxMzc1NjUzRjZDQTA0NEJFMzc0N0YzOUZGM0NCOEJBMkU1MzUzNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFfgwJ3ocvJbDiPL82JqDMT+Ku
hUC0mbFV6csjW6jzQoPuFp3tz/C5FOOR+ncoY+u49aBSq9SKb7uJwvxrfdYqpZVn
ObuiYPimL8hZbZ2e47v5UDoKgTrLwMWwl3ou+nJo55MdWcU3HQyUfvziHI9fBENF
pUcK6SlASK3db9srzlKiJC4QP/DCGJF24Z9uJbk7NFXjYd/mTQ7x+L33l71SCi3S
4yf0aMieQyVpLFC7AAa7jxldKrBNSguwCjBsB0ZMnPNfE3NnUyIykjpnyKl69ePk
4g80S+mp7/uJiuilXSsy0yMm17l84URTk1AQd8PbthARr7SnnoXNX0P08ZC1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQTdWU/bKBEvjdH85/zy4ui5TU0wwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzNTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ubvqMA0GCSqGSIb3DQEBCwUAA4IBAQBa2UjjOFNE8XijHh6psUom6Em+6E7dirvD
jOsoyfWg6ghgNkKh36TD46v/AVl28Too+YdMzGufsyNE6JGmFxo2wUO8yFU/TSTC
7X76gHCXwhplTJgnXjZFcU6WRxo+gUoZsvyV88BluGgYBtHGSJ6Bgx4kPKEWKv5J
HrykMmWOHtRn6le6bXLdSlQZYaADJjJhbx5gFUZ4nQPuOg0QNuyEnusRZ2wpOuxa
UZ2sXFUfso2MSUWYQrLEKkaeCrnEQ8SgmDJhTUlGLOhspTzYLy0bcQpVlfYaQGDz
fA4DplXAlODVDtjAHy73HQExiug/v7u5vTMgOOqGu5UaFkwS/CI5
-----END CERTIFICATE-----
Generated at Thu May 2 22:22:59 2024 by rpki-client on console-fra.rpki-client.org