Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230302e33342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3230302e33342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 0bnPbk+UZ4ywM8Uht+/69y2Mz+6Yjsy7ovh+WVqeMcs=
Subject key identifier: 85:23:E0:BA:90:9D:EE:60:D7:C9:B8:4C:BF:7D:EC:82:03:A7:54:01
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 716D126399A84EBD90CA63D2F3FD853D4CDA6423
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230302e33342e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 11:00:57 +0000
ROA not before: Sun 11 Jun 2023 10:55:57 +0000
ROA not after: Sun 09 Jun 2024 11:00:57 +0000
asID: 136787
IP address blocks: 185.200.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:6d:12:63:99:a8:4e:bd:90:ca:63:d2:f3:fd:85:3d:4c:da:64:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 11 10:55:57 2023 GMT
Not After : Jun 9 11:00:57 2024 GMT
Subject: CN=8523E0BA909DEE60D7C9B84CBF7DEC8203A75401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5a:d0:0d:39:09:ee:63:74:ce:ea:76:0e:7e:
a0:41:60:bd:1e:cb:05:da:58:29:f1:bc:a7:a1:7c:
0d:bd:9d:64:be:ca:de:08:4c:0a:c9:41:24:fb:d1:
6d:b3:95:dc:80:ee:24:7e:d3:c6:39:19:87:ac:82:
f6:22:8e:08:27:a2:b9:b2:59:2c:5b:7f:f9:7b:bf:
55:4c:20:6c:73:a5:73:fc:a2:43:dc:12:d6:bb:45:
35:5d:7a:f6:28:9e:aa:59:09:66:6a:eb:8a:48:38:
51:dd:b6:56:3e:ae:ac:5f:c2:a0:7b:e9:5c:cb:d0:
1a:1f:94:b0:cb:ee:93:1d:43:18:58:c1:f4:7a:21:
8b:27:02:17:b7:b5:55:a8:10:3d:98:81:0b:6b:d4:
33:b3:af:de:45:11:e2:de:ac:d8:93:40:51:1d:e7:
d7:f3:a9:2c:79:0e:c5:92:f8:0e:80:f4:75:d5:a4:
ed:b5:c6:08:3e:7e:e7:12:0f:11:8d:5f:c3:52:a0:
81:80:ad:67:ac:88:d2:ca:27:65:e8:b9:7b:95:a6:
d3:0a:2f:46:74:19:12:fb:58:83:01:6d:41:12:1e:
c2:61:f8:b5:ed:7d:dc:f5:28:fc:c5:b8:cd:fd:6e:
a9:82:35:7a:76:11:12:7b:f0:57:14:09:7b:22:d5:
80:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:23:E0:BA:90:9D:EE:60:D7:C9:B8:4C:BF:7D:EC:82:03:A7:54:01
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230302e33342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.34.0/24
Signature Algorithm: sha256WithRSAEncryption
42:97:7b:81:db:f3:a1:50:51:a3:d3:9a:08:88:c1:54:b8:ed:
43:22:fb:0b:e9:84:c4:16:47:57:7e:f0:eb:3e:d0:c7:37:17:
11:ac:13:a4:f2:f8:50:dd:e6:21:c2:7a:ad:a2:a8:f5:fc:e9:
a6:5f:57:0c:4e:58:47:40:14:4e:8d:1d:44:fd:ea:60:dc:40:
ad:8a:4a:a6:e5:36:43:9b:44:3f:3d:ff:33:a6:ce:58:61:02:
26:5b:9f:88:c4:b5:bb:bf:f1:5d:27:cd:7f:80:5b:46:6c:d6:
0e:6f:0c:26:fc:b7:34:7b:1c:1a:55:0c:7d:eb:45:6a:f7:37:
b6:07:3c:55:0d:e1:35:df:29:df:cd:7b:9a:b9:28:3c:81:27:
68:74:b0:15:4c:a8:8d:76:47:0e:65:9d:89:a8:13:23:77:60:
6c:5d:2d:a4:eb:ef:b1:db:77:61:b6:f5:05:15:7d:b1:87:52:
88:16:ff:73:b3:46:84:dd:dd:d5:bd:6e:b4:4d:be:3a:46:b7:
ab:a2:cd:bc:4d:18:ca:b9:27:1f:c8:5c:93:f6:6f:e2:93:54:
6d:2f:d1:3c:ef:a3:13:8b:63:47:e1:17:89:28:33:ea:15:1d:
8c:a3:cd:85:38:dc:09:2a:55:f1:53:30:eb:91:ab:89:5e:39:
f6:be:1d:38
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcW0SY5moTr2QymPS8/2FPUzaZCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA2MTExMDU1NTdaFw0yNDA2MDkxMTAwNTdaMDMxMTAvBgNV
BAMTKDg1MjNFMEJBOTA5REVFNjBEN0M5Qjg0Q0JGN0RFQzgyMDNBNzU0MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2WtANOQnuY3TO6nYOfqBBYL0e
ywXaWCnxvKehfA29nWS+yt4ITArJQST70W2zldyA7iR+08Y5GYesgvYijggnormy
WSxbf/l7v1VMIGxzpXP8okPcEta7RTVdevYonqpZCWZq64pIOFHdtlY+rqxfwqB7
6VzL0BoflLDL7pMdQxhYwfR6IYsnAhe3tVWoED2YgQtr1DOzr95FEeLerNiTQFEd
59fzqSx5DsWS+A6A9HXVpO21xgg+fucSDxGNX8NSoIGArWesiNLKJ2XouXuVptMK
L0Z0GRL7WIMBbUESHsJh+LXtfdz1KPzFuM39bqmCNXp2ERJ78FcUCXsi1YCnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUhSPgupCd7mDXybhMv33sggOnVAEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzAyZTMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5yCIwDQYJKoZIhvcNAQELBQADggEBAEKXe4Hb86FQUaPTmgiIwVS47UMi+wvp
hMQWR1d+8Os+0Mc3FxGsE6Ty+FDd5iHCeq2iqPX86aZfVwxOWEdAFE6NHUT96mDc
QK2KSqblNkObRD89/zOmzlhhAiZbn4jEtbu/8V0nzX+AW0Zs1g5vDCb8tzR7HBpV
DH3rRWr3N7YHPFUN4TXfKd/Ne5q5KDyBJ2h0sBVMqI12Rw5lnYmoEyN3YGxdLaTr
77Hbd2G29QUVfbGHUogW/3OzRoTd3dW9brRNvjpGt6uizbxNGMq5Jx/IXJP2b+KT
VG0v0TzvoxOLY0fhF4koM+oVHYyjzYU43AkqVfFTMOuRq4leOfa+HTg=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org