Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133322e302f32332d3234203d3e203437353833.roa
File: 3138352e3231342e3133322e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: /w4tUTR2SpqGjo6W0ebv+JuOWGN1JZ0Ksa/LI8xJxnk=
Subject key identifier: 07:70:71:2A:D0:83:17:DE:57:AF:E0:E8:FD:11:AF:6C:E2:A6:0E:E3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 613D7201E1083157D4DD694457ECC6AFB74BCFF9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133322e302f32332d3234203d3e203437353833.roa
Signing time: Fri 20 Oct 2023 13:41:53 +0000
ROA not before: Fri 20 Oct 2023 13:36:53 +0000
ROA not after: Fri 18 Oct 2024 13:41:53 +0000
asID: 47583
IP address blocks: 185.214.132.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:3d:72:01:e1:08:31:57:d4:dd:69:44:57:ec:c6:af:b7:4b:cf:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:53 2023 GMT
Not After : Oct 18 13:41:53 2024 GMT
Subject: CN=0770712AD08317DE57AFE0E8FD11AF6CE2A60EE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4b:bd:8c:ce:e7:57:da:b7:ca:f9:68:66:c2:
d7:23:1c:54:f9:0f:9e:c9:d3:ad:d7:f9:18:e1:5f:
eb:46:8c:6a:8c:ff:36:84:6f:33:93:17:e5:d6:31:
45:d7:34:3b:ec:67:00:b0:9c:83:ce:4a:80:5a:e9:
aa:ff:c9:92:25:1f:f6:83:31:f2:b5:6b:de:c3:58:
5f:8d:c2:13:17:d0:1c:74:c4:b0:16:ee:d1:b3:ff:
fd:f0:d5:f7:43:9c:e9:63:f7:d8:04:c7:79:1d:11:
3d:b8:6a:dd:87:72:a6:fb:bf:53:41:fd:bc:dd:44:
68:7c:ae:5e:00:ca:02:55:c7:34:f1:91:4f:ea:76:
62:88:04:fc:79:f9:e9:b9:64:92:66:f4:84:bc:5b:
10:e3:68:23:b0:11:a4:8e:36:8f:81:80:62:79:d4:
52:3f:8e:8b:98:93:a6:a0:a0:f0:8b:55:f6:6c:8a:
f4:99:8b:18:3e:ce:76:a3:58:64:bf:2b:06:c6:b5:
bc:20:64:4d:63:b8:b8:7e:70:43:10:64:4f:df:ff:
a6:8c:98:a9:83:af:d6:64:36:59:5e:97:69:99:3d:
91:f1:e8:a4:88:97:ef:8c:46:a1:20:a5:3f:fe:a2:
ad:bd:fb:bd:c7:f0:07:ef:65:46:1d:9b:c9:4b:65:
1a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:70:71:2A:D0:83:17:DE:57:AF:E0:E8:FD:11:AF:6C:E2:A6:0E:E3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133322e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.132.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:a7:b6:4e:5e:97:a0:b1:21:2f:a8:e6:61:8b:be:cb:ee:5c:
31:a4:dd:f4:bd:21:b3:44:d3:e7:ed:c3:a6:a0:70:20:ba:a3:
2b:ec:c0:46:69:ee:d0:41:76:90:6e:e7:fa:90:a9:03:8a:55:
15:9d:45:8e:ff:c1:f1:5a:ae:73:4f:48:4c:33:d3:62:3b:cb:
bc:27:da:c8:f6:17:c8:3f:f4:33:31:1e:f0:fd:88:be:9c:aa:
20:80:c6:a8:1a:56:84:89:5c:77:89:d9:e6:4d:de:cf:ba:59:
2e:bb:1b:04:56:45:ab:57:16:af:1e:89:49:78:ba:3a:aa:07:
3c:99:89:b4:b9:4a:0e:6f:ec:f0:da:74:1e:72:f9:ea:cf:c5:
36:e7:a2:f0:88:da:55:5f:19:cc:e2:94:82:4d:f3:94:53:fb:
db:0a:b3:8d:2f:b2:45:e6:81:57:ad:e2:c0:fc:cb:3f:5d:f4:
cf:25:c8:9f:5a:8b:37:3a:39:39:38:f5:86:62:e7:a5:d7:66:
79:5a:10:03:78:62:1c:d8:8a:64:6e:71:8d:2a:71:72:f0:1d:
17:00:be:52:ce:7e:a2:7f:ab:7d:88:96:c6:0b:20:9e:4f:24:
95:c8:b3:41:1c:d3:e7:d8:70:c0:71:14:95:18:50:0e:44:f2:
c8:25:c9:50
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYT1yAeEIMVfU3WlEV+zGr7dLz/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTNaFw0yNDEwMTgxMzQxNTNaMDMxMTAvBgNV
BAMTKDA3NzA3MTJBRDA4MzE3REU1N0FGRTBFOEZEMTFBRjZDRTJBNjBFRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdS72MzudX2rfK+WhmwtcjHFT5
D57J063X+RjhX+tGjGqM/zaEbzOTF+XWMUXXNDvsZwCwnIPOSoBa6ar/yZIlH/aD
MfK1a97DWF+NwhMX0Bx0xLAW7tGz//3w1fdDnOlj99gEx3kdET24at2Hcqb7v1NB
/bzdRGh8rl4AygJVxzTxkU/qdmKIBPx5+em5ZJJm9IS8WxDjaCOwEaSONo+BgGJ5
1FI/jouYk6agoPCLVfZsivSZixg+znajWGS/KwbGtbwgZE1juLh+cEMQZE/f/6aM
mKmDr9ZkNllel2mZPZHx6KSIl++MRqEgpT/+oq29+73H8AfvZUYdm8lLZRodAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUB3BxKtCDF95Xr+Do/RGvbOKmDuMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTMx
MzMzMjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG51oQwDQYJKoZIhvcNAQELBQADggEBAI+ntk5el6CxIS+o5mGLvsvuXDGk3fS9
IbNE0+ftw6agcCC6oyvswEZp7tBBdpBu5/qQqQOKVRWdRY7/wfFarnNPSEwz02I7
y7wn2sj2F8g/9DMxHvD9iL6cqiCAxqgaVoSJXHeJ2eZN3s+6WS67GwRWRatXFq8e
iUl4ujqqBzyZibS5Sg5v7PDadB5y+erPxTbnovCI2lVfGczilIJN85RT+9sKs40v
skXmgVet4sD8yz9d9M8lyJ9aizc6OTk49YZi56XXZnlaEAN4YhzYimRucY0qcXLw
HRcAvlLOfqJ/q32IlsYLIJ5PJJXIs0Ec0+fYcMBxFJUYUA5E8sglyVA=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org