Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233302e302f32342d3332203d3e203531313637.roa
File: 3138352e3230392e3233302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: BoIe8s6mfSfy4Efch01A8Jb3yk3ifPXLaM75XlEK9vk=
Subject key identifier: 37:30:51:24:1E:CE:1C:09:B3:F9:2D:46:2E:D0:9F:F0:A2:5F:85:57
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5EE08BBE6E3C26EA11203844881BF8DF98205EE0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233302e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:17 +0000
ROA not before: Mon 26 Feb 2024 08:48:17 +0000
ROA not after: Mon 24 Feb 2025 08:53:17 +0000
asID: 51167
IP address blocks: 185.209.230.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:e0:8b:be:6e:3c:26:ea:11:20:38:44:88:1b:f8:df:98:20:5e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:17 2024 GMT
Not After : Feb 24 08:53:17 2025 GMT
Subject: CN=373051241ECE1C09B3F92D462ED09FF0A25F8557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6b:ca:92:8e:58:9b:b6:d1:ba:b9:8b:94:96:
c3:43:e9:19:6a:da:c1:ec:37:43:f6:9c:0d:8a:49:
ad:36:b1:c7:87:0c:1c:43:b2:da:92:7d:df:c2:24:
73:de:de:fa:9c:0a:47:8c:33:30:8e:04:03:00:ba:
43:ac:a1:f2:e0:1f:26:1e:96:3a:37:be:89:24:b6:
8f:21:57:77:fb:98:95:34:6a:99:c6:c3:a8:71:2f:
8d:8c:42:d9:f9:1f:55:2a:7e:4c:54:f3:48:98:f9:
43:db:03:64:8e:bd:d2:c3:26:24:a1:d4:6d:87:65:
f3:66:7c:54:a3:81:d1:fe:9a:12:47:69:8c:ba:7b:
98:6d:de:80:7e:c7:16:3c:73:27:8a:f8:0d:40:b2:
5f:4c:2b:13:92:68:cf:85:5d:3e:ac:81:59:5d:a9:
15:f9:ab:84:4b:55:e3:01:f0:32:07:85:f3:60:3e:
d2:6a:11:e9:f0:8c:b3:64:c4:83:e0:90:37:03:9a:
71:7d:c5:89:e3:fc:73:75:c2:5c:b8:2a:f7:05:c7:
d6:1d:58:42:97:ed:70:eb:d3:a7:32:a6:f9:b8:4e:
21:5c:a9:c5:05:7b:0f:88:ed:fd:80:a9:cf:69:36:
d4:3f:31:5f:55:25:6c:61:e1:91:ef:8f:1d:f2:ed:
ff:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:30:51:24:1E:CE:1C:09:B3:F9:2D:46:2E:D0:9F:F0:A2:5F:85:57
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:13:10:c4:e1:11:03:24:a7:00:dd:2c:08:df:5a:de:e7:5b:
c3:d4:66:fe:e0:66:ad:ea:b7:77:3d:b2:1e:71:d1:a5:d0:a5:
73:55:e9:79:da:d7:c8:69:bd:fd:a8:bc:7a:17:54:4c:b8:66:
6f:0a:1f:08:b5:d5:f3:0d:f5:04:19:7c:2f:4a:25:d6:34:36:
45:9f:1b:70:5a:21:3a:1a:18:6d:96:c8:b2:ae:95:a7:1a:8a:
1e:9a:fb:3f:c3:8c:c3:8a:1a:53:97:e9:00:41:02:df:8d:6c:
2a:49:fe:56:f7:cb:0f:2b:3b:60:8c:cc:a2:da:b6:8d:d1:a4:
68:2d:22:a8:a4:64:3f:b9:8c:31:f8:2c:fd:b5:72:f4:e2:e3:
26:80:5c:9d:55:ab:1d:bd:ef:7b:13:11:52:74:4a:79:3e:fb:
da:b7:89:1d:c1:75:c2:ae:ee:c4:eb:66:eb:65:3f:4f:d9:b6:
3a:c1:28:4d:1b:32:f6:be:9f:b2:11:5d:3d:f3:1f:3e:9b:e7:
b9:d6:9b:e0:c2:da:62:3a:d9:0d:19:c2:ac:68:08:59:d1:44:
5e:3f:14:81:94:f9:cd:8a:c7:52:99:f3:f5:e7:1e:9c:4d:0d:
87:34:c1:9e:0a:93:dd:94:0b:c9:4c:20:12:96:1a:f4:9a:d6:
c4:d5:02:c1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXuCLvm48JuoRIDhEiBv435ggXuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTdaFw0yNTAyMjQwODUzMTdaMDMxMTAvBgNV
BAMTKDM3MzA1MTI0MUVDRTFDMDlCM0Y5MkQ0NjJFRDA5RkYwQTI1Rjg1NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPa8qSjlibttG6uYuUlsND6Rlq
2sHsN0P2nA2KSa02sceHDBxDstqSfd/CJHPe3vqcCkeMMzCOBAMAukOsofLgHyYe
ljo3vokkto8hV3f7mJU0apnGw6hxL42MQtn5H1UqfkxU80iY+UPbA2SOvdLDJiSh
1G2HZfNmfFSjgdH+mhJHaYy6e5ht3oB+xxY8cyeK+A1Asl9MKxOSaM+FXT6sgVld
qRX5q4RLVeMB8DIHhfNgPtJqEenwjLNkxIPgkDcDmnF9xYnj/HN1wly4KvcFx9Yd
WEKX7XDr06cypvm4TiFcqcUFew+I7f2Aqc9pNtQ/MV9VJWxh4ZHvjx3y7f8pAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNzBRJB7OHAmz+S1GLtCf8KJfhVcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzMzMDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50eYwDQYJKoZIhvcNAQELBQADggEBAD8TEMThEQMkpwDdLAjfWt7nW8PUZv7g
Zq3qt3c9sh5x0aXQpXNV6Xna18hpvf2ovHoXVEy4Zm8KHwi11fMN9QQZfC9KJdY0
NkWfG3BaIToaGG2WyLKulacaih6a+z/DjMOKGlOX6QBBAt+NbCpJ/lb3yw8rO2CM
zKLato3RpGgtIqikZD+5jDH4LP21cvTi4yaAXJ1Vqx2973sTEVJ0Snk++9q3iR3B
dcKu7sTrZutlP0/ZtjrBKE0bMva+n7IRXT3zHz6b57nWm+DC2mI62Q0ZwqxoCFnR
RF4/FIGU+c2Kx1KZ8/XnHpxNDYc0wZ4Kk92UC8lMIBKWGvSa1sTVAsE=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org