Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e203631333137.roa
File: 3138352e3138372e3233342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: g9krQirr2rZtPPrphgAQIzdua+oHPFYOZLcAbb7RB8Q=
Subject key identifier: E2:FE:8C:EE:79:A1:1B:0E:39:A2:71:21:81:B5:50:4B:F0:BB:3D:15
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 627D512622D45E0D764D44349ADC55F2013A7984
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e203631333137.roa
Signing time: Fri 20 Sep 2024 14:04:51 +0000
ROA not before: Fri 20 Sep 2024 13:59:51 +0000
ROA not after: Fri 19 Sep 2025 14:04:51 +0000
asID: 61317
IP address blocks: 185.187.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:7d:51:26:22:d4:5e:0d:76:4d:44:34:9a:dc:55:f2:01:3a:79:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:51 2024 GMT
Not After : Sep 19 14:04:51 2025 GMT
Subject: CN=E2FE8CEE79A11B0E39A2712181B5504BF0BB3D15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:19:f8:79:50:84:e7:d8:66:7b:4c:2b:e6:f7:
8d:e1:09:91:1d:88:4a:e1:a1:9b:a3:fb:04:33:48:
bd:1a:eb:af:66:08:62:c1:1c:5b:7a:5a:38:3b:45:
2b:91:b3:fa:65:32:f0:51:75:58:98:65:20:ef:7d:
36:2d:e3:6a:50:94:60:7e:0f:b4:fc:35:d5:68:5b:
fb:04:25:93:aa:8c:d4:7a:4b:03:29:c8:32:17:4e:
13:01:85:21:0d:33:08:f6:fc:0f:60:39:6d:1e:db:
bd:ab:87:5e:ef:d1:32:d3:5c:d9:7d:79:fa:a5:df:
3a:f0:05:f7:69:15:0c:8d:e5:22:4d:c1:a3:25:70:
c8:5f:28:25:c2:d2:76:ae:87:88:c1:50:1a:13:7e:
7e:9a:7b:9e:8f:13:8d:4a:63:77:4f:70:b8:75:3f:
f4:c0:07:8e:37:d0:a8:32:4e:55:04:f0:60:18:be:
07:30:0b:af:c8:02:d5:fb:95:fc:31:a6:f9:7b:82:
73:d6:ca:30:81:2c:bf:eb:ce:bf:9d:dc:d0:8b:18:
99:7a:4a:ee:83:7c:39:0a:c7:45:75:e5:b9:90:43:
ac:37:b0:7e:76:0d:b5:3c:a0:a8:a7:47:38:2d:79:
ee:a4:36:71:25:7f:05:1a:1f:41:b8:ac:2d:e5:44:
bd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FE:8C:EE:79:A1:1B:0E:39:A2:71:21:81:B5:50:4B:F0:BB:3D:15
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.234.0/24
Signature Algorithm: sha256WithRSAEncryption
73:0b:9c:e5:58:0e:b0:b1:a7:11:55:71:c3:99:b8:3b:dc:09:
60:c2:25:5b:2a:59:2c:70:70:41:a4:cb:fb:89:8f:2f:f5:36:
6b:f8:60:9a:b7:24:8b:5d:f6:00:d0:a8:ad:35:f9:2e:de:e3:
8d:75:f6:5d:2f:fa:ee:04:f8:74:f8:d5:de:bf:ba:2d:30:bd:
f6:f5:54:61:09:e8:63:b5:d3:2b:e9:08:c8:4b:09:24:6e:37:
b1:e9:67:14:2d:ab:c4:d6:ae:ff:a4:d4:63:aa:a4:73:ef:0c:
1c:73:65:1a:b3:b7:30:b5:2d:bd:89:32:5e:38:6f:81:7d:0e:
91:02:e3:84:55:55:86:6c:26:10:37:a2:60:aa:0d:3a:ee:dc:
29:0a:46:c2:d0:28:a1:7e:60:d9:2e:d8:3c:f6:4a:a0:9c:96:
4c:a5:b6:00:8a:97:09:5a:23:1e:46:0a:ee:13:19:e1:35:8f:
f4:3c:d1:f7:a0:9e:d9:a2:55:f9:d9:1b:70:f2:3a:6d:ad:4b:
84:40:27:ba:08:52:c4:77:fc:b1:99:3a:b9:14:68:34:ff:dd:
f6:d9:49:62:bc:4c:ff:c9:42:c5:8d:de:30:6b:cc:db:b9:05:
88:b0:55:b2:ef:e5:0c:4b:97:73:a6:84:ac:60:87:6b:ea:89:
47:d9:ba:9a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYn1RJiLUXg12TUQ0mtxV8gE6eYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTFaFw0yNTA5MTkxNDA0NTFaMDMxMTAvBgNV
BAMTKEUyRkU4Q0VFNzlBMTFCMEUzOUEyNzEyMTgxQjU1MDRCRjBCQjNEMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOGfh5UITn2GZ7TCvm943hCZEd
iErhoZuj+wQzSL0a669mCGLBHFt6Wjg7RSuRs/plMvBRdViYZSDvfTYt42pQlGB+
D7T8NdVoW/sEJZOqjNR6SwMpyDIXThMBhSENMwj2/A9gOW0e272rh17v0TLTXNl9
efql3zrwBfdpFQyN5SJNwaMlcMhfKCXC0nauh4jBUBoTfn6ae56PE41KY3dPcLh1
P/TAB4430KgyTlUE8GAYvgcwC6/IAtX7lfwxpvl7gnPWyjCBLL/rzr+d3NCLGJl6
Su6DfDkKx0V15bmQQ6w3sH52DbU8oKinRzgtee6kNnElfwUaH0G4rC3lRL0zAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4v6M7nmhGw45onEhgbVQS/C7PRUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5u+owDQYJKoZIhvcNAQELBQADggEBAHMLnOVYDrCxpxFVccOZuDvcCWDCJVsq
WSxwcEGky/uJjy/1Nmv4YJq3JItd9gDQqK01+S7e44119l0v+u4E+HT41d6/ui0w
vfb1VGEJ6GO10yvpCMhLCSRuN7HpZxQtq8TWrv+k1GOqpHPvDBxzZRqztzC1Lb2J
Ml44b4F9DpEC44RVVYZsJhA3omCqDTru3CkKRsLQKKF+YNku2Dz2SqCclkyltgCK
lwlaIx5GCu4TGeE1j/Q80fegntmiVfnZG3DyOm2tS4RAJ7oIUsR3/LGZOrkUaDT/
3fbZSWK8TP/JQsWN3jBrzNu5BYiwVbLv5QxLl3OmhKxgh2vqiUfZupo=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:25 2024 by rpki-client on console-ams.rpki-client.org