Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230362e302f32342d3332203d3e203531313637.roa
File: 3138352e3230382e3230362e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: dZZXBPoMqSu+x9bvHBc32qcz9PCfvQ9so+4RYVNXmkk=
Subject key identifier: 95:1E:3E:9B:38:45:42:A1:D2:4D:37:0D:D9:B3:A3:91:1B:12:8F:3C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2311F0B19A68355BCBA391D9B1E1EF4AB3D6DDDE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230362e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:32 +0000
ROA not before: Mon 26 Feb 2024 08:48:32 +0000
ROA not after: Mon 24 Feb 2025 08:53:32 +0000
asID: 51167
IP address blocks: 185.208.206.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:11:f0:b1:9a:68:35:5b:cb:a3:91:d9:b1:e1:ef:4a:b3:d6:dd:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:32 2024 GMT
Not After : Feb 24 08:53:32 2025 GMT
Subject: CN=951E3E9B384542A1D24D370DD9B3A3911B128F3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:47:ac:ba:99:11:0a:d5:6c:24:73:8e:20:cf:
d2:d3:3e:4c:aa:8e:33:20:1e:e2:37:2b:77:79:11:
b1:ca:21:95:e3:15:73:87:1c:ce:1d:e6:12:26:41:
16:11:6c:a3:c1:f4:22:d3:8c:5a:8a:c8:33:3c:76:
27:29:39:8a:73:d7:85:19:32:28:e8:25:b9:48:69:
64:29:7a:b6:b7:c9:58:b6:26:b2:d5:91:6d:69:78:
94:26:b8:67:81:58:7a:4d:0a:fb:8d:a4:d8:52:53:
0e:52:9a:db:f9:6a:05:05:24:59:05:9f:2e:16:b9:
52:0d:ec:7e:ac:36:69:2f:99:18:0c:dc:3e:e2:8d:
09:a3:49:91:6f:35:b0:3e:56:86:3d:c0:be:cf:51:
7a:a4:b0:07:10:54:ed:b3:9c:62:5a:24:78:e7:14:
c5:bf:33:5d:7e:96:9d:f3:d4:88:83:77:b8:10:57:
4e:7a:e9:84:a5:84:66:89:d5:8d:46:25:66:9a:4b:
f9:71:fb:13:69:4b:95:3b:88:89:b3:f4:67:2a:23:
7e:d1:9e:50:78:f0:85:5a:aa:77:a4:80:c1:44:29:
3f:fb:29:cc:7f:d8:80:48:39:b7:bd:88:0f:c0:84:
38:85:59:0a:9f:58:cb:91:35:38:86:2a:0f:6b:99:
4b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1E:3E:9B:38:45:42:A1:D2:4D:37:0D:D9:B3:A3:91:1B:12:8F:3C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230362e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.206.0/24
Signature Algorithm: sha256WithRSAEncryption
60:ed:8a:99:e6:24:28:37:e2:f8:6c:e4:8b:d6:cb:00:56:c0:
47:32:6d:61:15:85:a1:df:bf:3c:d3:cf:dc:0c:a7:af:e2:65:
88:62:59:80:da:d0:4e:4c:16:7e:9d:7f:6e:11:4b:c8:9d:d9:
ba:b2:96:a9:d7:77:19:3d:74:8a:2e:9e:41:e5:c8:58:ca:cf:
be:c8:ba:09:f5:49:37:91:d7:37:b1:54:11:58:f2:ae:5a:96:
c8:4d:35:a5:a9:e5:e9:4d:5a:8d:07:0f:b9:07:80:63:24:5f:
d5:2b:e1:71:e1:85:f3:62:be:54:6b:6c:b1:52:85:d1:b2:16:
af:2c:61:fa:56:da:54:43:ef:46:2a:94:70:9f:3b:40:ce:d3:
e4:83:44:34:8f:f9:33:22:a9:24:12:03:3b:ed:da:80:2e:bc:
ba:c3:e0:a0:06:62:14:69:c1:4f:cd:15:74:57:63:a8:c9:16:
d4:c3:ee:65:21:7a:52:16:da:87:3d:c1:82:fd:ec:0c:a0:f3:
6c:9c:65:09:29:9e:06:b4:24:fc:dc:e5:e6:8b:2d:5c:e5:d2:
b3:ca:b5:85:f4:57:d7:b4:11:70:f7:60:dd:af:92:c8:24:1a:
8a:47:1c:e7:a4:5e:b9:06:d1:b6:db:75:40:c4:d8:72:bf:e2:
e3:22:d5:1e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIxHwsZpoNVvLo5HZseHvSrPW3d4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzJaFw0yNTAyMjQwODUzMzJaMDMxMTAvBgNV
BAMTKDk1MUUzRTlCMzg0NTQyQTFEMjREMzcwREQ5QjNBMzkxMUIxMjhGM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIR6y6mREK1Wwkc44gz9LTPkyq
jjMgHuI3K3d5EbHKIZXjFXOHHM4d5hImQRYRbKPB9CLTjFqKyDM8dicpOYpz14UZ
MijoJblIaWQpera3yVi2JrLVkW1peJQmuGeBWHpNCvuNpNhSUw5Smtv5agUFJFkF
ny4WuVIN7H6sNmkvmRgM3D7ijQmjSZFvNbA+VoY9wL7PUXqksAcQVO2znGJaJHjn
FMW/M11+lp3z1IiDd7gQV0566YSlhGaJ1Y1GJWaaS/lx+xNpS5U7iImz9GcqI37R
nlB48IVaqnekgMFEKT/7Kcx/2IBIObe9iA/AhDiFWQqfWMuRNTiGKg9rmUv5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlR4+mzhFQqHSTTcN2bOjkRsSjzwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzgyZTMy
MzAzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50M4wDQYJKoZIhvcNAQELBQADggEBAGDtipnmJCg34vhs5IvWywBWwEcybWEV
haHfvzzTz9wMp6/iZYhiWYDa0E5MFn6df24RS8id2bqylqnXdxk9dIounkHlyFjK
z77Iugn1STeR1zexVBFY8q5alshNNaWp5elNWo0HD7kHgGMkX9Ur4XHhhfNivlRr
bLFShdGyFq8sYfpW2lRD70YqlHCfO0DO0+SDRDSP+TMiqSQSAzvt2oAuvLrD4KAG
YhRpwU/NFXRXY6jJFtTD7mUhelIW2oc9wYL97Ayg82ycZQkpnga0JPzc5eaLLVzl
0rPKtYX0V9e0EXD3YN2vksgkGopHHOekXrkG0bbbdUDE2HK/4uMi1R4=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org