Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231302e3134342e302f32322d3234203d3e203437353833.roa
File: 3138352e3231302e3134342e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: w9VHG9CyeKE4jb+CBRPZsoV6z12z/GplV9p4kz9p6GA=
Subject key identifier: 2D:F2:8E:1B:DF:13:10:77:42:31:CC:3B:B8:91:14:8E:A7:34:A8:4C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2BEA40739ECE0ED4BFD607206E51A7D1D4833D95
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231302e3134342e302f32322d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:09 +0000
ROA not before: Mon 26 Feb 2024 08:48:09 +0000
ROA not after: Mon 24 Feb 2025 08:53:09 +0000
asID: 47583
IP address blocks: 185.210.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ea:40:73:9e:ce:0e:d4:bf:d6:07:20:6e:51:a7:d1:d4:83:3d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:09 2024 GMT
Not After : Feb 24 08:53:09 2025 GMT
Subject: CN=2DF28E1BDF1310774231CC3BB891148EA734A84C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:10:5c:4f:52:ff:f2:f8:b6:6a:4d:9e:da:69:
14:9f:aa:01:90:f3:12:c8:28:41:88:61:c8:d3:9b:
73:4f:4b:55:96:b9:66:56:4b:1a:9e:6c:c0:09:f2:
49:35:c5:b6:a9:91:f6:62:0f:75:3f:eb:a6:61:10:
d5:3c:6f:22:a0:21:3d:d4:bc:0d:f2:e6:37:7b:f8:
0f:8c:ad:a7:78:7e:c3:d1:81:22:68:8c:09:29:09:
c0:e1:c2:e5:34:41:24:84:34:82:ca:07:df:f7:05:
27:44:c3:61:07:80:c4:93:66:27:4f:bc:e0:29:71:
f1:39:6a:31:f9:e5:25:a2:f8:bd:50:e1:33:8c:58:
ac:68:49:6d:c2:81:5d:56:ce:6d:47:56:9a:e0:19:
e9:85:0c:8e:d2:c8:a9:1b:a8:60:52:30:33:c7:e3:
d2:18:b2:69:7c:c7:de:a6:cc:06:66:76:1d:73:ec:
90:19:39:9c:ed:54:23:a1:64:c6:9c:e3:5b:d9:f7:
07:af:72:79:a5:41:fb:20:78:2b:5e:a0:07:1a:07:
db:70:77:8c:eb:42:8e:6b:db:39:c9:0c:6f:02:21:
14:4f:f8:c2:88:36:bf:4a:55:42:ab:f1:a3:f5:97:
bc:48:f7:6a:df:f6:83:af:e2:41:e3:ee:ff:37:e3:
e8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F2:8E:1B:DF:13:10:77:42:31:CC:3B:B8:91:14:8E:A7:34:A8:4C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231302e3134342e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.144.0/22
Signature Algorithm: sha256WithRSAEncryption
28:92:ca:2b:e9:e5:47:1d:44:de:a7:b0:04:6b:1c:76:ca:28:
5a:9f:af:ec:0f:57:80:ee:b9:94:2f:0b:2e:43:17:cb:63:2c:
8f:37:55:74:c9:56:a8:db:d7:3d:32:48:18:7b:90:40:4a:65:
c6:2c:b5:13:39:66:12:3d:f4:02:d8:b6:3c:1d:bd:46:2e:70:
c8:cc:95:54:0f:21:38:bf:87:81:f8:d1:13:18:c4:04:61:28:
ed:c7:8d:e5:29:1d:5c:9c:69:32:bc:2f:e4:9c:60:e3:c0:f5:
cd:e6:b9:ab:b6:c5:df:95:61:cb:3a:83:ab:a0:e7:04:b9:d5:
b7:46:bc:31:d7:86:77:c8:99:58:47:ce:48:46:23:96:7f:7b:
03:86:eb:d8:7d:43:63:18:e4:0f:da:24:39:20:d2:6f:4a:8b:
3c:6e:c3:5b:ff:d4:cd:83:a5:8f:53:c0:58:49:b6:d5:20:8d:
f2:36:18:9e:b3:99:a4:07:9d:4f:77:8b:6d:83:48:60:cf:39:
42:93:42:03:32:31:97:bf:51:3b:45:d5:94:20:02:43:1e:90:
8a:5c:e7:95:12:8f:e0:33:68:c2:af:48:d2:a3:07:6c:c1:bb:
d8:f5:74:ce:0f:70:fe:7c:ca:e4:01:0b:c4:9e:12:bf:dc:78:
a3:2f:19:c4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUK+pAc57ODtS/1gcgblGn0dSDPZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDlaFw0yNTAyMjQwODUzMDlaMDMxMTAvBgNV
BAMTKDJERjI4RTFCREYxMzEwNzc0MjMxQ0MzQkI4OTExNDhFQTczNEE4NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8EFxPUv/y+LZqTZ7aaRSfqgGQ
8xLIKEGIYcjTm3NPS1WWuWZWSxqebMAJ8kk1xbapkfZiD3U/66ZhENU8byKgIT3U
vA3y5jd7+A+Mrad4fsPRgSJojAkpCcDhwuU0QSSENILKB9/3BSdEw2EHgMSTZidP
vOApcfE5ajH55SWi+L1Q4TOMWKxoSW3CgV1Wzm1HVprgGemFDI7SyKkbqGBSMDPH
49IYsml8x96mzAZmdh1z7JAZOZztVCOhZMac41vZ9wevcnmlQfsgeCteoAcaB9tw
d4zrQo5r2znJDG8CIRRP+MKINr9KVUKr8aP1l7xI92rf9oOv4kHj7v834+gXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULfKOG98TEHdCMcw7uJEUjqc0qEwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzAyZTMx
MzQzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK50pAwDQYJKoZIhvcNAQELBQADggEBACiSyivp5UcdRN6nsARrHHbKKFqfr+wP
V4DuuZQvCy5DF8tjLI83VXTJVqjb1z0ySBh7kEBKZcYstRM5ZhI99ALYtjwdvUYu
cMjMlVQPITi/h4H40RMYxARhKO3HjeUpHVycaTK8L+ScYOPA9c3muau2xd+VYcs6
g6ug5wS51bdGvDHXhnfImVhHzkhGI5Z/ewOG69h9Q2MY5A/aJDkg0m9Kizxuw1v/
1M2DpY9TwFhJttUgjfI2GJ6zmaQHnU93i22DSGDPOUKTQgMyMZe/UTtF1ZQgAkMe
kIpc55USj+AzaMKvSNKjB2zBu9j1dM4PcP58yuQBC8SeEr/ceKMvGcQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org