Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138382e3235312e302f32342d3234203d3e20313336373837.roa
File: 3138352e3138382e3235312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: lI2bChSyEnCWw5E/6oirkStBwkzh/W28Kr/pwTMnCJc=
Subject key identifier: 73:6C:B1:BE:B3:5C:DE:EE:25:C6:55:A8:AF:74:2A:97:E7:16:48:0A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1508E5FE4D9EDA96C701B4E3218F87B71F4F4777
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138382e3235312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:03 +0000
ROA not before: Mon 26 Feb 2024 08:48:03 +0000
ROA not after: Mon 24 Feb 2025 08:53:03 +0000
asID: 136787
IP address blocks: 185.188.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:08:e5:fe:4d:9e:da:96:c7:01:b4:e3:21:8f:87:b7:1f:4f:47:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:03 2024 GMT
Not After : Feb 24 08:53:03 2025 GMT
Subject: CN=736CB1BEB35CDEEE25C655A8AF742A97E716480A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:94:62:28:b5:f0:2d:36:88:4d:0f:23:95:65:
91:f5:23:d2:a6:5a:91:e6:17:76:03:ab:23:58:fd:
d5:7d:2a:3d:4b:07:1c:0e:29:79:1d:87:5c:6d:84:
05:c3:a6:6b:aa:18:6f:20:8d:5c:73:04:e3:0a:84:
10:a9:da:51:fc:5e:ea:7f:80:95:d4:0b:62:48:2c:
64:ed:49:5f:f9:aa:ac:c1:40:2b:a5:ca:ff:c5:2b:
a8:4d:03:6a:06:bd:8a:f3:70:ab:68:33:74:dc:24:
62:08:62:db:e0:3a:35:dd:9a:5a:f0:98:c8:c7:96:
3e:c7:b8:8e:81:a3:6a:e9:5a:7a:64:af:ed:b9:65:
86:b5:ad:71:b8:d1:2e:f4:56:e6:58:13:89:d7:9d:
b2:5a:b6:c6:6b:a8:16:5d:42:ed:e3:8f:29:ee:b8:
1d:16:ac:20:ec:bf:96:34:24:22:b5:0a:16:e5:ba:
9e:43:43:77:70:9c:e1:3c:19:82:2f:4d:b1:d9:5a:
18:76:bd:a2:10:62:91:c2:05:0e:10:93:c8:d7:6b:
3d:88:97:92:52:d8:10:86:18:61:ee:d4:df:10:90:
d4:49:af:fe:d9:ff:6f:f5:67:13:45:8d:40:62:ed:
ba:29:38:df:ac:03:0f:e8:ac:4c:a8:cd:2d:38:0b:
9a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6C:B1:BE:B3:5C:DE:EE:25:C6:55:A8:AF:74:2A:97:E7:16:48:0A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138382e3235312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.251.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b2:e2:97:24:60:26:d3:1d:66:f8:a8:70:25:71:50:77:ec:
0e:e2:ef:49:20:76:68:a2:e0:ec:e9:1a:4e:77:fe:aa:3d:5e:
51:b8:55:fe:b6:74:64:d2:db:0c:85:e7:ba:b0:9b:a6:94:1f:
d7:ee:b0:8c:4c:68:56:66:97:dd:c6:0a:a2:d4:73:92:5f:08:
01:c6:d7:d5:47:d8:78:6e:5f:5d:ba:b2:63:d3:af:da:6e:2a:
27:7b:25:b8:68:bc:21:89:26:46:e7:3a:7f:b2:01:d9:11:f8:
4e:e3:e0:98:88:99:a8:60:ce:ed:bb:94:ce:14:24:2c:73:35:
8e:f4:79:53:bf:dc:36:98:09:a2:9a:c8:60:41:a3:3c:04:b6:
15:ae:96:6c:69:13:17:c5:06:cf:c1:38:7d:12:c5:28:b0:b6:
4b:5f:9a:39:92:b1:35:3d:d9:71:8d:5d:e8:50:07:aa:2d:bd:
34:e1:6b:b8:45:32:a7:2c:f5:e6:9f:31:a9:e5:6f:83:e1:60:
3e:7d:94:19:76:67:6e:60:94:be:ed:b5:4a:b8:b6:26:c6:7f:
18:86:84:88:34:12:72:9f:0c:43:17:e5:54:6e:8e:0b:7f:b7:
4e:b4:4a:31:6e:91:b7:68:d9:d1:5b:bb:a2:e0:e1:1d:8a:89:
a1:03:76:d9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFQjl/k2e2pbHAbTjIY+Htx9PR3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDNaFw0yNTAyMjQwODUzMDNaMDMxMTAvBgNV
BAMTKDczNkNCMUJFQjM1Q0RFRUUyNUM2NTVBOEFGNzQyQTk3RTcxNjQ4MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQColGIotfAtNohNDyOVZZH1I9Km
WpHmF3YDqyNY/dV9Kj1LBxwOKXkdh1xthAXDpmuqGG8gjVxzBOMKhBCp2lH8Xup/
gJXUC2JILGTtSV/5qqzBQCulyv/FK6hNA2oGvYrzcKtoM3TcJGIIYtvgOjXdmlrw
mMjHlj7HuI6Bo2rpWnpkr+25ZYa1rXG40S70VuZYE4nXnbJatsZrqBZdQu3jjynu
uB0WrCDsv5Y0JCK1Chblup5DQ3dwnOE8GYIvTbHZWhh2vaIQYpHCBQ4Qk8jXaz2I
l5JS2BCGGGHu1N8QkNRJr/7Z/2/1ZxNFjUBi7bopON+sAw/orEyozS04C5phAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUc2yxvrNc3u4lxlWor3Qql+cWSAowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzgyZTMy
MzUzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm8+zANBgkqhkiG9w0BAQsFAAOCAQEAcLLilyRgJtMdZviocCVxUHfsDuLv
SSB2aKLg7OkaTnf+qj1eUbhV/rZ0ZNLbDIXnurCbppQf1+6wjExoVmaX3cYKotRz
kl8IAcbX1UfYeG5fXbqyY9Ov2m4qJ3sluGi8IYkmRuc6f7IB2RH4TuPgmIiZqGDO
7buUzhQkLHM1jvR5U7/cNpgJoprIYEGjPAS2Fa6WbGkTF8UGz8E4fRLFKLC2S1+a
OZKxNT3ZcY1d6FAHqi29NOFruEUypyz15p8xqeVvg+FgPn2UGXZnbmCUvu21Sri2
JsZ/GIaEiDQScp8MQxflVG6OC3+3TrRKMW6Rt2jZ0Vu7ouDhHYqJoQN22Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org