Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133322e302f32332d3234203d3e203437353833.roa
File: 3138352e3231342e3133322e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: iKoimXZcCdPbEeY4PIvmfSjYrYy/DUQ9Jpn8YMsJZX0=
Subject key identifier: 9D:BD:67:B4:2F:BC:61:7A:CF:82:55:B5:65:B8:A0:DC:C4:02:CA:2D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 30D2D20FC9137BF3ACA7F277BC2739E92FFE628A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133322e302f32332d3234203d3e203437353833.roa
Signing time: Fri 20 Sep 2024 14:04:55 +0000
ROA not before: Fri 20 Sep 2024 13:59:55 +0000
ROA not after: Fri 19 Sep 2025 14:04:55 +0000
asID: 47583
IP address blocks: 185.214.132.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:d2:d2:0f:c9:13:7b:f3:ac:a7:f2:77:bc:27:39:e9:2f:fe:62:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:55 2024 GMT
Not After : Sep 19 14:04:55 2025 GMT
Subject: CN=9DBD67B42FBC617ACF8255B565B8A0DCC402CA2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:39:7c:3d:d0:cf:30:92:90:5a:d6:81:61:20:
8e:ac:19:ac:40:b1:0f:56:c2:28:23:c7:84:29:bd:
7e:2b:9b:54:d3:4f:2d:5f:88:83:cb:77:e1:78:24:
8b:a0:60:46:66:0d:92:a6:83:bf:22:86:1e:b7:6c:
56:f4:8b:71:e7:5b:0c:9a:da:72:18:d9:bf:f3:a7:
69:b5:90:cb:e9:fa:c5:b5:83:c2:41:93:2d:ca:ae:
25:f2:93:64:33:6d:ad:84:2c:08:be:77:be:b7:b0:
f6:4f:a5:71:e7:62:34:9b:3a:73:ba:62:cc:d1:a9:
b9:86:c4:0b:43:b6:c9:30:87:eb:b5:05:b6:ed:eb:
7a:93:7e:3f:00:1d:de:2e:39:d0:eb:da:d5:13:42:
b4:26:07:62:80:d0:5f:10:1d:b8:a8:d1:3f:e7:ad:
92:2d:3c:36:5f:8f:0b:ac:de:25:84:cb:e0:54:6c:
ea:4a:bc:3c:3f:e8:88:f5:aa:65:8d:92:b7:d3:8e:
53:78:54:51:23:04:7a:06:66:be:8f:da:3f:31:1e:
18:ce:ed:c1:d9:1b:c3:12:94:fd:6c:a4:a6:9c:6e:
8e:e8:e4:fa:90:3e:fd:19:3c:99:4a:fb:01:50:0e:
71:3a:f0:f1:2a:45:54:55:96:e9:c8:30:d5:23:7c:
42:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BD:67:B4:2F:BC:61:7A:CF:82:55:B5:65:B8:A0:DC:C4:02:CA:2D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133322e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.132.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:57:46:e6:13:66:17:a8:7c:47:d2:f8:18:03:ac:99:1d:2f:
73:50:30:e5:22:04:13:04:98:3d:94:2a:8e:1d:0a:38:c1:92:
ca:e0:62:ad:05:05:49:46:cd:7b:ce:e5:be:3a:44:6f:4a:3c:
1b:b0:0c:6d:40:13:f1:9f:88:48:05:5a:64:41:1c:fa:3a:45:
09:a5:22:20:dd:9d:86:69:de:62:23:40:c0:8f:db:d7:83:6e:
94:7b:c7:8f:d9:04:5a:36:c9:a3:50:1a:63:7c:ea:5d:9e:15:
0d:0d:4f:a6:bb:c6:f2:03:6f:35:50:a8:27:96:89:1d:a2:f8:
3a:c5:33:f2:1c:f7:af:01:ea:03:da:0a:a1:08:d0:6d:05:ae:
8c:7a:51:da:2e:d6:6b:b9:83:22:fe:be:5e:cf:bf:dc:d3:df:
4e:02:f4:df:e5:93:8f:8d:51:e4:ba:d2:25:fd:f7:43:9d:05:
a9:7e:c7:5b:06:80:c6:dc:c2:08:3a:8c:25:7e:2d:ee:11:6a:
ca:54:47:cc:69:73:36:e5:01:50:27:ac:bd:72:55:1b:93:9b:
92:11:0e:00:3b:9b:49:29:4a:66:85:be:6f:6b:29:40:f9:2c:
c1:7e:5d:38:03:c5:2d:d6:6d:06:e1:48:7a:fa:7f:4c:e7:0a:
75:78:f4:18
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMNLSD8kTe/Osp/J3vCc56S/+YoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTVaFw0yNTA5MTkxNDA0NTVaMDMxMTAvBgNV
BAMTKDlEQkQ2N0I0MkZCQzYxN0FDRjgyNTVCNTY1QjhBMERDQzQwMkNBMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqOXw90M8wkpBa1oFhII6sGaxA
sQ9Wwigjx4QpvX4rm1TTTy1fiIPLd+F4JIugYEZmDZKmg78ihh63bFb0i3HnWwya
2nIY2b/zp2m1kMvp+sW1g8JBky3KriXyk2Qzba2ELAi+d763sPZPpXHnYjSbOnO6
YszRqbmGxAtDtskwh+u1Bbbt63qTfj8AHd4uOdDr2tUTQrQmB2KA0F8QHbio0T/n
rZItPDZfjwus3iWEy+BUbOpKvDw/6Ij1qmWNkrfTjlN4VFEjBHoGZr6P2j8xHhjO
7cHZG8MSlP1spKacbo7o5PqQPv0ZPJlK+wFQDnE68PEqRVRVlunIMNUjfEJjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnb1ntC+8YXrPglW1Zbig3MQCyi0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTMx
MzMzMjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG51oQwDQYJKoZIhvcNAQELBQADggEBADpXRuYTZheofEfS+BgDrJkdL3NQMOUi
BBMEmD2UKo4dCjjBksrgYq0FBUlGzXvO5b46RG9KPBuwDG1AE/GfiEgFWmRBHPo6
RQmlIiDdnYZp3mIjQMCP29eDbpR7x4/ZBFo2yaNQGmN86l2eFQ0NT6a7xvIDbzVQ
qCeWiR2i+DrFM/Ic968B6gPaCqEI0G0Frox6Udou1mu5gyL+vl7Pv9zT304C9N/l
k4+NUeS60iX990OdBal+x1sGgMbcwgg6jCV+Le4RaspUR8xpczblAVAnrL1yVRuT
m5IRDgA7m0kpSmaFvm9rKUD5LMF+XTgDxS3WbQbhSHr6f0znCnV49Bg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org