Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233312e302f32342d3234203d3e20313336373837.roa
File: 3138352e3230392e3233312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: zjhXAiXNRwVGEcDIRU1VgQPLxA1FtrV6Z43dKPIMp3A=
Subject key identifier: 73:FC:52:64:F4:14:AD:FD:1F:B6:C6:26:F6:8C:BD:BD:D1:C6:AA:22
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 752714AC0C52709F522B02FA8802768BC5B61EBC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:50:06 +0000
ROA not before: Sun 26 Nov 2023 19:45:06 +0000
ROA not after: Sun 24 Nov 2024 19:50:06 +0000
asID: 136787
IP address blocks: 185.209.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:27:14:ac:0c:52:70:9f:52:2b:02:fa:88:02:76:8b:c5:b6:1e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:45:06 2023 GMT
Not After : Nov 24 19:50:06 2024 GMT
Subject: CN=73FC5264F414ADFD1FB6C626F68CBDBDD1C6AA22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:17:8a:94:77:d6:05:be:87:f7:36:c5:16:bd:
22:1e:b6:0c:49:ab:a2:cc:c3:21:f8:ef:63:9b:bc:
b2:ed:1c:49:3e:4b:73:ab:44:05:ae:0c:e5:2d:aa:
a8:76:c5:fd:16:5a:a1:53:82:cc:9c:51:a9:15:cb:
5f:68:fa:5b:0b:80:71:bf:d2:2c:7b:86:a6:57:88:
77:4f:f0:d9:c4:22:61:e6:1d:16:14:8f:37:b9:02:
79:e2:d0:a7:34:48:2b:8a:a8:51:66:dc:c4:60:8c:
8f:e9:57:39:81:f0:63:fa:c5:2f:31:97:ef:b3:eb:
6b:ed:3e:36:6c:2e:97:e9:00:6d:32:b4:16:e0:e2:
1a:5d:68:11:ec:45:69:b3:07:1a:74:c6:fd:fb:fe:
8e:54:f0:01:6e:1d:1b:e0:89:fa:cd:ae:e4:b2:b5:
4b:9f:eb:aa:05:3d:06:5c:1f:33:58:a0:73:76:08:
44:e1:4a:3f:ad:fb:71:7f:92:9b:7c:11:fa:c8:49:
77:65:e8:12:0d:ea:2a:4a:1c:93:27:e5:f4:ef:51:
d2:33:34:23:e2:89:a7:2e:0f:d0:a8:3f:f1:05:4a:
06:c2:4a:7d:cf:1c:b7:2d:c7:e1:96:66:3e:6a:2a:
2b:5b:ea:88:9a:aa:ed:9a:ed:9d:67:6d:4a:d4:d8:
b1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FC:52:64:F4:14:AD:FD:1F:B6:C6:26:F6:8C:BD:BD:D1:C6:AA:22
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:b0:22:dc:3b:1d:33:3d:59:cb:7f:28:74:79:f3:99:24:6b:
26:b1:5d:f7:ce:0e:a0:e8:7e:38:51:9a:ec:6f:ae:78:c4:8d:
0f:72:62:3a:e1:03:92:38:91:68:60:9e:8d:b5:5b:92:7e:ea:
83:5d:49:8f:f0:75:1b:ac:d0:7c:b8:57:eb:ec:8f:de:90:05:
07:0b:a9:b4:77:ce:76:a6:b5:bc:37:1f:65:00:bd:ec:aa:6e:
14:98:80:4a:57:30:b7:4a:f4:5b:55:a3:83:80:f8:93:ec:6e:
47:04:9e:58:1a:17:b4:84:02:de:2a:29:45:11:c8:42:d2:c2:
4b:74:63:ac:d6:52:f2:79:9d:47:4e:64:6a:9b:ac:38:45:07:
8e:a9:bc:79:16:9f:11:ce:d4:59:26:0a:89:2a:1e:ab:ab:99:
0b:56:8b:3f:8c:c4:b4:17:52:63:00:4f:fb:f0:18:b4:fb:9b:
d4:47:19:2a:24:aa:bc:57:af:02:5e:b5:58:98:14:27:01:0d:
83:4f:31:23:b1:a0:cd:0b:e5:95:6e:9f:73:68:3e:7d:2a:96:
61:95:55:e3:0f:c5:31:1a:69:7e:00:d4:85:30:48:0b:f7:a0:
d6:96:8c:a0:2a:f9:48:00:8f:6f:90:89:36:4c:b4:ac:1d:c2:
bd:4f:fc:29
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdScUrAxScJ9SKwL6iAJ2i8W2HrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ1MDZaFw0yNDExMjQxOTUwMDZaMDMxMTAvBgNV
BAMTKDczRkM1MjY0RjQxNEFERkQxRkI2QzYyNkY2OENCREJERDFDNkFBMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+F4qUd9YFvof3NsUWvSIetgxJ
q6LMwyH472ObvLLtHEk+S3OrRAWuDOUtqqh2xf0WWqFTgsycUakVy19o+lsLgHG/
0ix7hqZXiHdP8NnEImHmHRYUjze5Anni0Kc0SCuKqFFm3MRgjI/pVzmB8GP6xS8x
l++z62vtPjZsLpfpAG0ytBbg4hpdaBHsRWmzBxp0xv37/o5U8AFuHRvgifrNruSy
tUuf66oFPQZcHzNYoHN2CEThSj+t+3F/kpt8EfrISXdl6BIN6ipKHJMn5fTvUdIz
NCPiiacuD9CoP/EFSgbCSn3PHLctx+GWZj5qKitb6oiaqu2a7Z1nbUrU2LErAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUc/xSZPQUrf0ftsYm9oy9vdHGqiIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzMzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR5zANBgkqhkiG9w0BAQsFAAOCAQEAi7Ai3DsdMz1Zy38odHnzmSRrJrFd
984OoOh+OFGa7G+ueMSND3JiOuEDkjiRaGCejbVbkn7qg11Jj/B1G6zQfLhX6+yP
3pAFBwuptHfOdqa1vDcfZQC97KpuFJiASlcwt0r0W1Wjg4D4k+xuRwSeWBoXtIQC
3iopRRHIQtLCS3RjrNZS8nmdR05kapusOEUHjqm8eRafEc7UWSYKiSoeq6uZC1aL
P4zEtBdSYwBP+/AYtPub1EcZKiSqvFevAl61WJgUJwENg08xI7GgzQvllW6fc2g+
fSqWYZVV4w/FMRppfgDUhTBIC/eg1paMoCr5SACPb5CJNky0rB3CvU/8KQ==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org