Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139332e36362e302f32332d3332203d3e203531313637.roa
File: 3138352e3139332e36362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: T5M/AZTRXc45AxQ7zKc/2kmzl2zg+ItWf25ua4BCRd4=
Subject key identifier: A3:85:20:80:B9:69:F7:89:F0:59:7B:28:10:15:25:94:97:13:FF:BD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 708E72731FDD0472174735F5105945C4C5908A28
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139332e36362e302f32332d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:49 +0000
ROA not before: Fri 20 Sep 2024 13:59:49 +0000
ROA not after: Fri 19 Sep 2025 14:04:49 +0000
asID: 51167
IP address blocks: 185.193.66.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:8e:72:73:1f:dd:04:72:17:47:35:f5:10:59:45:c4:c5:90:8a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:49 2024 GMT
Not After : Sep 19 14:04:49 2025 GMT
Subject: CN=A3852080B969F789F0597B28101525949713FFBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:10:b4:4d:59:6a:bf:ef:8d:55:05:2f:8c:76:
5e:20:57:3b:7b:82:dd:b7:a1:fe:10:8f:17:f7:9a:
07:6c:35:69:74:e6:09:4b:fa:05:55:1b:e4:4f:25:
79:02:58:06:72:d6:2a:6e:83:c6:1a:db:7a:01:8d:
bf:cd:b2:c0:ec:8b:c4:b2:74:57:30:45:e2:98:0b:
0c:24:c1:0e:36:f6:a1:ca:7d:a8:da:67:a0:01:39:
42:65:9a:39:82:0f:f1:a1:08:75:a4:dc:4d:58:1e:
5f:a8:23:ac:c9:25:b0:08:a0:84:55:38:39:be:36:
3a:c2:49:b0:62:44:10:2e:97:15:24:aa:b4:2a:61:
73:ce:e4:49:3e:bd:36:89:a0:fe:f1:82:9f:da:51:
58:23:d0:11:55:a7:c3:c7:35:86:bb:af:76:36:5a:
15:14:9c:fc:91:e8:66:dc:e8:fb:23:fc:3b:54:b0:
92:0e:ad:ed:ac:99:0b:66:e8:5d:7d:c7:9c:3a:a7:
29:e0:07:ff:01:71:0c:f4:5a:23:6f:f6:b7:42:a2:
63:cb:cc:02:c2:bf:f0:da:60:8c:25:c0:ec:a6:6e:
21:e6:0b:1d:e5:27:71:4a:8e:fb:bd:14:ed:d5:69:
d7:ba:74:c4:9b:2b:b8:0c:ad:3b:77:8c:fd:b1:7d:
17:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:85:20:80:B9:69:F7:89:F0:59:7B:28:10:15:25:94:97:13:FF:BD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139332e36362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.66.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:41:36:56:3e:04:c0:25:f9:16:7b:55:a4:06:f7:69:e0:29:
82:40:ed:28:80:2b:fd:0d:9e:5d:4c:ea:ee:ff:0c:b3:d7:8f:
c9:fb:16:e7:f4:ac:0c:d2:e0:94:f1:b3:96:be:05:ef:a6:19:
46:84:52:13:68:3f:ea:ec:fb:24:fc:b2:5d:b2:fe:d5:b7:7f:
76:d8:53:9d:48:8e:f6:25:ac:27:ae:d2:4a:03:90:a9:19:bf:
98:5d:40:ce:14:48:73:33:89:ab:6e:fb:60:26:2e:4a:55:3e:
41:6f:50:97:f3:80:29:34:62:17:a5:f9:1a:44:4e:a5:d5:3b:
6f:5f:6a:0c:44:76:62:12:ee:cc:00:56:68:3f:4e:67:4c:66:
e2:8e:f5:35:d7:a4:84:d8:b4:91:1d:63:a5:ea:df:65:19:23:
61:e0:42:2d:ca:55:c3:b9:67:2d:fd:1c:f9:41:af:0c:eb:95:
55:7b:58:39:b0:55:9d:85:fc:46:4f:f7:e8:13:b6:55:65:68:
dd:ad:7a:ac:e6:97:f0:c1:62:d7:f4:d0:6d:31:0d:87:d9:36:
58:87:d0:d2:84:7c:37:c5:d2:9a:42:c5:06:04:c7:c0:c2:dc:
cf:a3:cd:9f:c0:7e:bc:ad:fc:d7:8d:24:79:04:bb:26:6b:56:
12:da:d3:1b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcI5ycx/dBHIXRzX1EFlFxMWQiigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NDlaFw0yNTA5MTkxNDA0NDlaMDMxMTAvBgNV
BAMTKEEzODUyMDgwQjk2OUY3ODlGMDU5N0IyODEwMTUyNTk0OTcxM0ZGQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXELRNWWq/741VBS+Mdl4gVzt7
gt23of4Qjxf3mgdsNWl05glL+gVVG+RPJXkCWAZy1ipug8Ya23oBjb/NssDsi8Sy
dFcwReKYCwwkwQ429qHKfajaZ6ABOUJlmjmCD/GhCHWk3E1YHl+oI6zJJbAIoIRV
ODm+NjrCSbBiRBAulxUkqrQqYXPO5Ek+vTaJoP7xgp/aUVgj0BFVp8PHNYa7r3Y2
WhUUnPyR6Gbc6Psj/DtUsJIOre2smQtm6F19x5w6pyngB/8BcQz0WiNv9rdComPL
zALCv/DaYIwlwOymbiHmCx3lJ3FKjvu9FO3Vade6dMSbK7gMrTt3jP2xfRenAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUo4UggLlp94nwWXsoEBUllJcT/70wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzMyZTM2
MzYyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
ucFCMA0GCSqGSIb3DQEBCwUAA4IBAQBKQTZWPgTAJfkWe1WkBvdp4CmCQO0ogCv9
DZ5dTOru/wyz14/J+xbn9KwM0uCU8bOWvgXvphlGhFITaD/q7Psk/LJdsv7Vt392
2FOdSI72JawnrtJKA5CpGb+YXUDOFEhzM4mrbvtgJi5KVT5Bb1CX84ApNGIXpfka
RE6l1TtvX2oMRHZiEu7MAFZoP05nTGbijvU116SE2LSRHWOl6t9lGSNh4EItylXD
uWct/Rz5Qa8M65VVe1g5sFWdhfxGT/foE7ZVZWjdrXqs5pfwwWLX9NBtMQ2H2TZY
h9DShHw3xdKaQsUGBMfAwtzPo82fwH68rfzXjSR5BLsma1YS2tMb
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org