Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230372e3235302e302f32342d3332203d3e203531313637.roa
File: 3138352e3230372e3235302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 8BafscRYZWFcK4Df7xsvdJRzQ87cY4b1PbZoqJ6I0Cg=
Subject key identifier: 6E:31:68:65:B1:49:53:C5:21:BB:F8:C5:B6:4D:DE:3F:9A:71:C6:D7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 78C3BE2C7366BDABD6F071B6CAF1B4A7D7790171
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230372e3235302e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:52 +0000
ROA not before: Fri 20 Sep 2024 13:59:52 +0000
ROA not after: Fri 19 Sep 2025 14:04:52 +0000
asID: 51167
IP address blocks: 185.207.250.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:c3:be:2c:73:66:bd:ab:d6:f0:71:b6:ca:f1:b4:a7:d7:79:01:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:52 2024 GMT
Not After : Sep 19 14:04:52 2025 GMT
Subject: CN=6E316865B14953C521BBF8C5B64DDE3F9A71C6D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3c:43:41:ce:c5:a0:5d:14:8a:41:36:f6:bf:
d8:04:99:9a:41:49:a9:76:d6:60:7f:55:cb:a4:29:
5b:d9:c2:11:da:a6:45:1f:27:64:8c:ae:8f:4c:75:
61:8e:9f:1f:7c:77:b5:69:68:64:0f:a4:5e:ff:1d:
82:9e:df:cb:9b:e1:6a:ac:d2:3c:a3:71:82:5f:81:
c0:9a:e7:58:e8:60:36:1f:4e:4b:f6:84:e8:0b:1c:
b4:51:f6:2d:bb:c8:f1:aa:45:26:94:47:5e:7b:2f:
39:24:1f:55:8d:5b:0f:01:c6:34:bf:1c:c3:bb:4c:
ee:00:a1:fb:9d:cf:ef:49:68:05:ae:96:c6:a8:95:
e4:ae:f5:68:46:89:27:8e:a1:fb:19:0a:37:55:83:
51:ca:e4:78:ea:4c:ec:0e:d8:70:ff:3c:06:d3:17:
22:61:7c:91:71:32:ef:eb:85:ea:e9:d0:ce:4f:c9:
1c:e7:21:65:e3:0b:a5:5f:f3:a7:eb:6e:d3:22:0f:
f9:c0:e1:4a:21:56:da:b2:3e:6c:33:62:c8:e7:c0:
82:6f:de:fa:0d:b7:24:6a:62:a4:53:63:38:0b:1f:
f4:4d:76:91:52:c1:17:0d:bc:72:8b:7f:3e:e6:63:
9f:ef:99:f6:ca:21:ad:1b:3c:73:05:8a:26:c6:3b:
35:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:31:68:65:B1:49:53:C5:21:BB:F8:C5:B6:4D:DE:3F:9A:71:C6:D7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230372e3235302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.250.0/24
Signature Algorithm: sha256WithRSAEncryption
53:db:5c:a1:f6:1b:2c:1a:5c:d2:c8:f3:ec:0f:03:b7:fa:d4:
9e:de:88:94:29:b5:ab:58:88:bb:c6:74:91:16:65:e6:a0:e8:
8d:d0:a6:54:f1:64:9a:9e:02:65:8c:d8:27:c5:8c:68:80:83:
12:b2:3b:a5:71:bb:ed:dd:88:15:48:83:4e:78:ae:bb:e1:a5:
e0:51:dd:b5:b4:90:45:78:32:5f:b5:19:6f:5f:37:58:09:64:
4f:57:3c:27:2a:e1:ae:53:f1:8e:76:3b:85:1c:7f:eb:01:9e:
5b:c8:c5:46:ec:b4:97:52:25:33:8a:57:db:32:49:53:81:44:
4b:e4:e5:a8:b4:c7:1a:8c:24:9b:b3:11:f0:ca:71:b4:00:8e:
8e:09:48:c9:d9:8d:ee:fe:56:44:97:4b:c6:a3:06:13:f2:ff:
53:40:55:57:27:43:b3:00:79:89:0d:7e:cc:6c:a2:78:87:be:
34:be:90:22:7c:50:ea:83:6b:a3:64:26:6c:9b:82:9e:df:2d:
17:45:d7:11:8d:e5:ee:ea:36:df:8a:40:52:5a:13:44:7f:f6:
20:46:79:d9:ed:e5:b7:3e:88:c6:37:4c:5e:18:77:12:9b:83:
73:55:cd:00:8b:78:59:38:72:59:74:ba:6a:26:42:be:be:0c:
7b:fb:79:c6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeMO+LHNmvavW8HG2yvG0p9d5AXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTJaFw0yNTA5MTkxNDA0NTJaMDMxMTAvBgNV
BAMTKDZFMzE2ODY1QjE0OTUzQzUyMUJCRjhDNUI2NERERTNGOUE3MUM2RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFPENBzsWgXRSKQTb2v9gEmZpB
Sal21mB/VcukKVvZwhHapkUfJ2SMro9MdWGOnx98d7VpaGQPpF7/HYKe38ub4Wqs
0jyjcYJfgcCa51joYDYfTkv2hOgLHLRR9i27yPGqRSaUR157LzkkH1WNWw8BxjS/
HMO7TO4Aofudz+9JaAWulsaoleSu9WhGiSeOofsZCjdVg1HK5HjqTOwO2HD/PAbT
FyJhfJFxMu/rherp0M5PyRznIWXjC6Vf86frbtMiD/nA4UohVtqyPmwzYsjnwIJv
3voNtyRqYqRTYzgLH/RNdpFSwRcNvHKLfz7mY5/vmfbKIa0bPHMFiibGOzXJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbjFoZbFJU8Uhu/jFtk3eP5pxxtcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzcyZTMy
MzUzMDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5z/owDQYJKoZIhvcNAQELBQADggEBAFPbXKH2GywaXNLI8+wPA7f61J7eiJQp
tatYiLvGdJEWZeag6I3QplTxZJqeAmWM2CfFjGiAgxKyO6Vxu+3diBVIg054rrvh
peBR3bW0kEV4Ml+1GW9fN1gJZE9XPCcq4a5T8Y52O4Ucf+sBnlvIxUbstJdSJTOK
V9sySVOBREvk5ai0xxqMJJuzEfDKcbQAjo4JSMnZje7+VkSXS8ajBhPy/1NAVVcn
Q7MAeYkNfsxsoniHvjS+kCJ8UOqDa6NkJmybgp7fLRdF1xGN5e7qNt+KQFJaE0R/
9iBGednt5bc+iMY3TF4YdxKbg3NVzQCLeFk4cll0umomQr6+DHv7ecY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org