Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3139322e302f32332d3234203d3e20313336373837.roa
File: 3138352e3139372e3139322e302f32332d3234203d3e20313336373837.roa (raw, json)
Hash identifier: d4gYJGzMZm7Pu/8LjsEGXTBuLV3NQvBExaEjb9cxpbw=
Subject key identifier: 63:BE:9F:32:83:DA:EF:54:06:EE:2F:8C:77:19:7A:E4:C8:86:7E:AC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5D2B18AE1694FA56ABA8C267639F4C496D872FDA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3139322e302f32332d3234203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:41:44 +0000
ROA not before: Fri 20 Oct 2023 13:36:44 +0000
ROA not after: Fri 18 Oct 2024 13:41:44 +0000
asID: 136787
IP address blocks: 185.197.192.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:2b:18:ae:16:94:fa:56:ab:a8:c2:67:63:9f:4c:49:6d:87:2f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:44 2023 GMT
Not After : Oct 18 13:41:44 2024 GMT
Subject: CN=63BE9F3283DAEF5406EE2F8C77197AE4C8867EAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c8:fa:37:83:e4:af:c0:6e:d9:da:36:d6:47:
84:54:99:2e:83:3b:87:6a:49:8a:7d:fe:99:4e:b1:
e0:23:9d:1d:29:dd:eb:19:70:b5:7c:a2:b2:8e:8f:
75:34:aa:bc:de:2a:61:4c:95:cb:e4:82:da:29:86:
ee:bc:53:13:4b:23:0e:9a:ff:15:f6:09:24:f2:e8:
cc:f9:dc:64:0e:aa:1f:9a:20:3f:6c:d1:c2:28:05:
9e:14:fb:0d:24:4a:10:93:11:7a:e6:5f:1c:d3:bb:
2e:02:40:1a:26:eb:57:39:2b:89:aa:45:8c:54:67:
7f:45:6a:4c:05:62:ef:0d:b7:0e:50:56:2a:95:9d:
08:bd:86:dc:0a:d1:3e:e7:56:ed:32:6b:67:41:b0:
36:f5:ab:e9:61:5e:da:42:d7:38:22:25:76:98:4a:
f4:8e:0c:33:39:27:24:1b:1e:74:c6:2d:72:e0:9a:
83:7a:63:3f:31:12:ae:76:34:06:89:09:cd:89:11:
95:35:12:9f:e1:fe:45:55:94:02:ac:75:0e:db:0d:
09:77:c1:1f:d2:1e:2a:d1:80:af:6f:9f:b4:c7:41:
4c:60:86:16:4c:0b:bc:b2:02:31:81:ff:49:36:78:
7f:8e:c7:5a:ed:b2:97:05:a5:9d:b8:fd:fb:9b:f0:
86:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BE:9F:32:83:DA:EF:54:06:EE:2F:8C:77:19:7A:E4:C8:86:7E:AC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3139322e302f32332d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.192.0/23
Signature Algorithm: sha256WithRSAEncryption
62:7b:41:f4:0e:79:23:44:c6:8d:1a:9b:1c:f0:4c:e9:f5:fe:
9e:7e:af:91:a4:e5:5e:06:eb:c3:ec:09:5b:be:6e:92:49:71:
0e:08:c7:46:fb:be:d0:06:1a:55:44:75:17:6d:2b:d8:a5:ee:
17:29:0d:b9:60:80:d7:02:93:37:02:eb:92:18:c8:b5:45:c8:
ec:2c:3e:18:27:26:79:50:6b:09:b3:31:ee:ec:b9:8f:e2:cc:
8f:25:24:7a:f7:3d:e1:3d:4b:d7:c3:63:df:c3:46:90:38:55:
46:d3:47:18:b0:34:71:f0:34:84:b1:5a:3c:59:22:40:a4:74:
fb:f8:db:f5:ea:3c:9b:5f:cd:a8:6b:3c:4c:93:76:57:5e:2e:
24:6f:ad:6c:32:cb:f3:38:a2:04:30:f9:37:4f:ca:2f:59:60:
b9:ac:4f:d7:3a:97:03:ae:05:51:d4:24:8b:3b:9e:f7:ba:b3:
1f:82:21:29:2e:6b:4b:be:98:e0:c6:29:c6:94:d4:27:75:5c:
50:14:3f:b8:ca:5b:7c:93:16:f3:a2:8a:f7:c8:89:ff:7f:38:
c2:f4:3a:bd:4b:4e:69:a2:4d:7d:71:0c:c1:0d:4b:ea:83:5a:
79:43:44:b8:4c:97:3d:a5:f1:0b:cd:21:fa:1d:e8:15:e8:c9:
8b:d1:af:04
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUXSsYrhaU+larqMJnY59MSW2HL9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDRaFw0yNDEwMTgxMzQxNDRaMDMxMTAvBgNV
BAMTKDYzQkU5RjMyODNEQUVGNTQwNkVFMkY4Qzc3MTk3QUU0Qzg4NjdFQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGyPo3g+SvwG7Z2jbWR4RUmS6D
O4dqSYp9/plOseAjnR0p3esZcLV8orKOj3U0qrzeKmFMlcvkgtophu68UxNLIw6a
/xX2CSTy6Mz53GQOqh+aID9s0cIoBZ4U+w0kShCTEXrmXxzTuy4CQBom61c5K4mq
RYxUZ39FakwFYu8Ntw5QViqVnQi9htwK0T7nVu0ya2dBsDb1q+lhXtpC1zgiJXaY
SvSODDM5JyQbHnTGLXLgmoN6Yz8xEq52NAaJCc2JEZU1Ep/h/kVVlAKsdQ7bDQl3
wR/SHirRgK9vn7THQUxghhZMC7yyAjGB/0k2eH+Ox1rtspcFpZ24/fub8IYtAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUY76fMoPa71QG7i+Mdxl65MiGfqwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzcyZTMx
MzkzMjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbnFwDANBgkqhkiG9w0BAQsFAAOCAQEAYntB9A55I0TGjRqbHPBM6fX+nn6v
kaTlXgbrw+wJW75ukklxDgjHRvu+0AYaVUR1F20r2KXuFykNuWCA1wKTNwLrkhjI
tUXI7Cw+GCcmeVBrCbMx7uy5j+LMjyUkevc94T1L18Nj38NGkDhVRtNHGLA0cfA0
hLFaPFkiQKR0+/jb9eo8m1/NqGs8TJN2V14uJG+tbDLL8ziiBDD5N0/KL1lguaxP
1zqXA64FUdQkizue97qzH4IhKS5rS76Y4MYpxpTUJ3VcUBQ/uMpbfJMW86KK98iJ
/384wvQ6vUtOaaJNfXEMwQ1L6oNaeUNEuEyXPaXxC80h+h3oFejJi9GvBA==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org