Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233352e302f32342d3332203d3e203430303231.roa
File: 3138352e3138372e3233352e302f32342d3332203d3e203430303231.roa (raw, json)
Hash identifier: 8MuRhK+rFG4aG4eAjOOuQu277FSCJcYX4hQ+ov7cK/s=
Subject key identifier: F0:7C:8A:ED:80:EF:7C:2C:5D:C5:DE:1F:55:0C:CD:D4:16:13:09:77
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 58028720A790DD74FF53ACF157C370D08553C0BB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233352e302f32342d3332203d3e203430303231.roa
Signing time: Fri 20 Oct 2023 13:41:53 +0000
ROA not before: Fri 20 Oct 2023 13:36:53 +0000
ROA not after: Fri 18 Oct 2024 13:41:53 +0000
asID: 40021
IP address blocks: 185.187.235.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:02:87:20:a7:90:dd:74:ff:53:ac:f1:57:c3:70:d0:85:53:c0:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:53 2023 GMT
Not After : Oct 18 13:41:53 2024 GMT
Subject: CN=F07C8AED80EF7C2C5DC5DE1F550CCDD416130977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:89:a4:f6:82:45:0c:ce:0e:77:fd:06:5b:9a:
8d:12:20:aa:3d:8e:9c:f1:c4:46:e7:f5:6c:fc:cd:
2e:22:e6:f1:77:17:0c:8f:ee:ea:0d:15:98:8e:61:
36:00:4a:8d:d3:6b:6c:f7:ce:92:7d:18:e0:3c:fc:
02:a0:b0:61:a4:19:4e:4f:89:e7:c8:d1:e1:17:49:
9f:92:ee:85:05:f6:c3:07:62:37:08:aa:15:74:4b:
b4:7e:72:ba:dc:96:26:f3:cd:37:b5:5f:67:bd:ea:
82:8c:22:51:1f:ad:e7:8d:2a:77:73:cc:ac:bd:b4:
7b:95:fa:55:34:d6:88:07:39:14:f1:a9:ed:53:72:
8b:b0:8c:51:f8:12:8c:12:be:cd:b9:87:63:22:cf:
e8:17:89:21:3b:da:1e:ec:1a:91:47:7a:9d:e9:72:
4f:9e:c4:b7:9a:41:10:c2:c7:0e:e4:12:9a:c5:b3:
a5:27:c9:34:16:8b:9a:32:07:39:38:67:95:d0:62:
b1:34:f3:e6:24:b5:73:d7:bb:88:b9:8e:75:94:93:
70:a8:19:a1:bf:f6:4b:ed:74:47:c5:60:44:1b:47:
9f:e0:cb:d7:f1:0b:57:0a:34:c8:9e:3e:b1:c7:57:
e8:a8:57:b5:1c:08:2f:a1:fc:7e:03:30:71:b7:c1:
fe:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:7C:8A:ED:80:EF:7C:2C:5D:C5:DE:1F:55:0C:CD:D4:16:13:09:77
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233352e302f32342d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.235.0/24
Signature Algorithm: sha256WithRSAEncryption
75:24:99:35:89:09:de:37:19:27:b3:5f:99:1a:b3:78:9d:42:
94:a4:c1:98:0c:aa:5e:70:59:41:39:97:17:9f:38:1d:2f:a5:
a9:5b:71:de:b2:61:43:79:15:e4:8b:e6:b9:9f:b4:89:14:ca:
ff:08:5a:4d:45:81:3b:fa:4e:3b:80:45:0e:f3:df:80:16:13:
92:bb:b8:5c:26:3b:71:81:6e:af:3d:a6:b4:63:bb:ce:c8:f2:
17:78:3a:78:4a:7a:cd:f9:83:7a:24:c7:34:a4:a5:51:fa:a6:
d5:22:6d:44:e7:17:49:1e:a7:3b:bb:67:d7:85:e8:bd:70:e4:
fd:bc:3c:41:fc:af:7e:67:c7:84:72:de:bf:cb:66:f6:7b:93:
23:3f:85:2d:d3:5c:43:99:8d:c5:32:19:5d:ff:3d:51:33:ee:
20:ba:77:8c:2b:b5:69:74:e1:77:75:4c:c2:39:5b:48:12:58:
84:0d:c9:e3:07:01:4c:3b:95:83:3a:4a:9c:21:5d:f4:88:3e:
7f:9c:93:eb:a1:c7:af:48:e3:24:bb:72:09:f9:7b:8f:bc:70:
0c:c2:73:8a:d3:74:b5:88:fa:b6:c9:96:28:1b:4c:77:e8:2a:
d7:0f:0f:6b:29:b0:28:47:bb:9a:a9:54:12:0c:ef:39:7a:99:
dc:c4:99:b2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWAKHIKeQ3XT/U6zxV8Nw0IVTwLswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTNaFw0yNDEwMTgxMzQxNTNaMDMxMTAvBgNV
BAMTKEYwN0M4QUVEODBFRjdDMkM1REM1REUxRjU1MENDREQ0MTYxMzA5NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHiaT2gkUMzg53/QZbmo0SIKo9
jpzxxEbn9Wz8zS4i5vF3FwyP7uoNFZiOYTYASo3Ta2z3zpJ9GOA8/AKgsGGkGU5P
iefI0eEXSZ+S7oUF9sMHYjcIqhV0S7R+crrclibzzTe1X2e96oKMIlEfreeNKndz
zKy9tHuV+lU01ogHORTxqe1TcouwjFH4EowSvs25h2Miz+gXiSE72h7sGpFHep3p
ck+exLeaQRDCxw7kEprFs6UnyTQWi5oyBzk4Z5XQYrE08+YktXPXu4i5jnWUk3Co
GaG/9kvtdEfFYEQbR5/gy9fxC1cKNMiePrHHV+ioV7UcCC+h/H4DMHG3wf75AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8HyK7YDvfCxdxd4fVQzN1BYTCXcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzNTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5u+swDQYJKoZIhvcNAQELBQADggEBAHUkmTWJCd43GSezX5kas3idQpSkwZgM
ql5wWUE5lxefOB0vpalbcd6yYUN5FeSL5rmftIkUyv8IWk1FgTv6TjuARQ7z34AW
E5K7uFwmO3GBbq89prRju87I8hd4OnhKes35g3okxzSkpVH6ptUibUTnF0kepzu7
Z9eF6L1w5P28PEH8r35nx4Ry3r/LZvZ7kyM/hS3TXEOZjcUyGV3/PVEz7iC6d4wr
tWl04Xd1TMI5W0gSWIQNyeMHAUw7lYM6SpwhXfSIPn+ck+uhx69I4yS7cgn5e4+8
cAzCc4rTdLWI+rbJligbTHfoKtcPD2spsChHu5qpVBIM7zl6mdzEmbI=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org