Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3233362e302f32342d3332203d3e203531313637.roa
File: 3138352e3230322e3233362e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: EEmLLDaHiLMQhRxZp8Al8Sc1aRGJ0/5rCo6aWh9of+g=
Subject key identifier: 3A:B0:E5:20:35:1B:66:DC:74:5F:BD:B3:82:02:D7:E2:29:65:A2:9B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7BD9D52F46377F05B81424428FD13ACE7F9751B6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3233362e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:50 +0000
ROA not before: Fri 20 Sep 2024 13:59:50 +0000
ROA not after: Fri 19 Sep 2025 14:04:50 +0000
asID: 51167
IP address blocks: 185.202.236.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:d9:d5:2f:46:37:7f:05:b8:14:24:42:8f:d1:3a:ce:7f:97:51:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:50 2024 GMT
Not After : Sep 19 14:04:50 2025 GMT
Subject: CN=3AB0E520351B66DC745FBDB38202D7E22965A29B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b0:83:de:1b:14:40:b6:53:f4:ed:8f:86:b4:
53:b4:fa:dc:a9:bd:0e:b9:e7:8d:bf:ef:74:b5:27:
a4:4a:36:4e:cd:23:d2:7a:35:fd:9d:de:0a:6e:7b:
51:f9:98:11:56:04:e9:2b:11:f6:ed:63:d4:4c:78:
e1:4e:44:76:94:21:8c:b2:06:fc:49:5c:f4:36:69:
45:b7:aa:88:5a:9b:38:f3:d7:b6:8f:4f:27:23:34:
a9:60:f7:bb:08:5a:ff:15:b9:ea:9c:14:d3:b4:ac:
7b:34:93:f0:d0:09:8c:fb:35:56:f5:c2:a0:f4:d4:
46:ec:5d:14:56:6f:00:b2:3d:77:2b:cc:97:8d:e0:
b6:5d:8e:ab:1c:f1:eb:8d:3b:9f:7a:2b:64:9f:2a:
15:a1:e0:a0:40:90:ee:0c:9f:ef:21:03:eb:5c:40:
97:2e:54:41:24:43:8b:6e:d9:ce:cb:af:bb:cc:c2:
d8:bd:e2:8b:c5:09:b2:42:60:75:36:f6:2f:fd:ae:
d7:75:bc:75:c5:3b:6a:4a:48:6e:d5:d3:b9:98:d4:
00:8e:8c:72:7e:7a:dd:59:1c:c0:57:e6:2b:fc:2c:
90:2a:63:f6:8a:cf:14:81:53:e1:79:27:3d:c6:1a:
46:60:72:cc:48:07:a2:ec:03:73:84:57:ae:f1:ab:
54:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B0:E5:20:35:1B:66:DC:74:5F:BD:B3:82:02:D7:E2:29:65:A2:9B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3233362e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.236.0/24
Signature Algorithm: sha256WithRSAEncryption
31:e2:88:ba:37:34:14:49:1b:de:67:2c:14:6e:02:25:f5:f8:
90:4a:80:43:b3:e9:76:74:77:60:30:0b:f2:40:4f:23:a5:d2:
fc:4e:81:48:0f:38:cf:3b:1a:8a:c3:6e:dd:00:86:6f:00:25:
30:b1:8a:05:70:22:10:c3:3b:40:76:54:3a:3b:6d:0c:64:98:
c0:12:19:1d:7a:8b:35:d2:ae:f1:9d:6d:aa:ca:c2:ad:c6:3a:
93:6f:bb:91:cc:de:c5:e9:32:ff:85:3e:e1:d6:53:22:6b:d9:
be:0a:a9:2c:af:fd:07:8e:2b:9b:b8:7c:08:f7:84:f3:64:dd:
f9:f8:e3:5e:d0:5d:cf:19:74:8a:98:88:fc:bc:21:4e:15:a8:
77:4a:42:75:78:56:15:1b:68:22:3b:6d:12:33:fc:48:13:6a:
57:5f:4d:3b:d2:36:6f:75:af:37:d8:f1:64:7c:f9:c2:64:7a:
de:e5:2d:68:a8:57:a2:bd:b7:24:2c:f3:8a:1b:f1:e8:07:78:
2e:de:49:84:a4:71:b7:bc:e7:9e:81:e5:fb:ed:55:96:6a:15:
05:71:43:82:51:ca:24:0b:d5:a9:7b:20:f8:45:49:b9:cc:7d:
29:b1:60:93:e1:e5:e6:f7:3b:a3:29:55:a4:3c:cf:f3:26:d7:
13:78:88:87
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUe9nVL0Y3fwW4FCRCj9E6zn+XUbYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTBaFw0yNTA5MTkxNDA0NTBaMDMxMTAvBgNV
BAMTKDNBQjBFNTIwMzUxQjY2REM3NDVGQkRCMzgyMDJEN0UyMjk2NUEyOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCssIPeGxRAtlP07Y+GtFO0+typ
vQ65542/73S1J6RKNk7NI9J6Nf2d3gpue1H5mBFWBOkrEfbtY9RMeOFORHaUIYyy
BvxJXPQ2aUW3qohamzjz17aPTycjNKlg97sIWv8VueqcFNO0rHs0k/DQCYz7NVb1
wqD01EbsXRRWbwCyPXcrzJeN4LZdjqsc8euNO596K2SfKhWh4KBAkO4Mn+8hA+tc
QJcuVEEkQ4tu2c7Lr7vMwti94ovFCbJCYHU29i/9rtd1vHXFO2pKSG7V07mY1ACO
jHJ+et1ZHMBX5iv8LJAqY/aKzxSBU+F5Jz3GGkZgcsxIB6LsA3OEV67xq1QZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOrDlIDUbZtx0X72zggLX4illopswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzIyZTMy
MzMzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5yuwwDQYJKoZIhvcNAQELBQADggEBADHiiLo3NBRJG95nLBRuAiX1+JBKgEOz
6XZ0d2AwC/JATyOl0vxOgUgPOM87GorDbt0Ahm8AJTCxigVwIhDDO0B2VDo7bQxk
mMASGR16izXSrvGdbarKwq3GOpNvu5HM3sXpMv+FPuHWUyJr2b4KqSyv/QeOK5u4
fAj3hPNk3fn4417QXc8ZdIqYiPy8IU4VqHdKQnV4VhUbaCI7bRIz/EgTaldfTTvS
Nm91rzfY8WR8+cJket7lLWioV6K9tyQs84ob8egHeC7eSYSkcbe8556B5fvtVZZq
FQVxQ4JRyiQL1al7IPhFSbnMfSmxYJPh5eb3O6MpVaQ8z/Mm1xN4iIc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org