Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3136342e302f32332d3332203d3e203531313637.roa
File: 3138352e3231352e3136342e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: eYrvK7kQ4IeUFqrMXuO/1W6/6HnFAE6pMChbR/Nb2xo=
Subject key identifier: 22:91:4D:27:A0:CF:0D:6A:D9:F9:1D:55:56:CE:FB:9E:85:13:5B:01
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 42D8E8237E8A420A09BAFB390AF4B33AB4B47798
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3136342e302f32332d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:01 +0000
ROA not before: Mon 26 Feb 2024 08:48:01 +0000
ROA not after: Mon 24 Feb 2025 08:53:01 +0000
asID: 51167
IP address blocks: 185.215.164.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:d8:e8:23:7e:8a:42:0a:09:ba:fb:39:0a:f4:b3:3a:b4:b4:77:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:01 2024 GMT
Not After : Feb 24 08:53:01 2025 GMT
Subject: CN=22914D27A0CF0D6AD9F91D5556CEFB9E85135B01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d1:65:e3:24:e2:8a:84:67:91:82:48:54:53:
7e:50:20:fb:46:5e:76:55:f9:ea:be:9e:c6:fe:8e:
bd:86:e3:7e:6e:d1:87:1f:ca:90:02:eb:fd:c2:57:
42:33:41:21:fd:f8:a0:8f:bf:b1:3a:94:de:72:f8:
03:26:f9:38:91:70:43:59:40:42:b6:2c:42:bc:cd:
6d:9b:2d:49:f5:18:f6:01:6f:6b:78:11:7b:b6:1d:
6e:23:b3:be:96:11:d9:4e:57:4c:67:5a:ad:6e:97:
1c:1c:e9:5c:f9:5d:f2:35:b5:92:3d:10:dc:6d:83:
9c:91:da:d4:9e:36:81:d3:27:80:33:ca:79:84:b0:
70:a3:3a:db:a6:9c:0c:ce:4d:24:77:06:2a:2e:09:
53:12:23:26:4d:64:96:63:de:84:9a:0f:be:43:d2:
73:2b:18:f7:cf:c2:a9:fb:9d:a7:06:35:39:e2:b5:
ce:39:f6:6e:38:f0:a9:02:d3:f3:9b:95:be:d2:4e:
cf:92:7d:78:d7:01:77:b0:0a:ef:82:f5:24:50:fc:
96:dd:98:af:2a:4f:3c:b1:b2:6e:a6:a0:cd:c5:0d:
89:31:33:31:dc:ed:48:45:7b:94:3d:b2:53:11:e7:
ef:c1:52:7c:b2:c6:fb:10:cd:00:b0:e4:a0:48:3f:
12:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:91:4D:27:A0:CF:0D:6A:D9:F9:1D:55:56:CE:FB:9E:85:13:5B:01
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3136342e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.164.0/23
Signature Algorithm: sha256WithRSAEncryption
39:b3:14:be:01:42:91:37:6c:11:f0:24:4d:b8:9b:7e:4c:85:
bb:9f:20:17:4c:99:7e:56:40:71:62:b1:be:61:01:d8:91:0d:
8a:eb:4b:94:71:36:b5:6a:4c:6c:f2:67:23:c4:ad:92:63:f5:
05:51:60:14:e9:7b:bc:cd:b1:88:2c:1b:3a:ab:77:99:e2:ac:
ed:68:af:b4:a9:64:a1:07:3a:9b:f0:e3:78:5e:e3:39:6a:c3:
e7:ff:1b:27:7c:b9:12:33:1e:ce:64:c6:37:37:69:7c:8f:de:
07:3c:f9:eb:f2:d7:28:f7:46:c0:a2:45:60:fe:a6:28:03:7f:
9f:88:11:42:09:a2:47:75:af:49:90:2d:a1:74:82:83:ad:60:
2d:43:45:40:a0:55:01:ae:74:85:7d:73:dc:38:57:9b:43:57:
45:b4:cf:a3:ae:4f:bc:94:9c:d9:b1:63:ed:72:04:67:7a:f4:
e8:7a:d1:a5:71:c9:21:33:f7:5f:d4:ce:4f:af:83:94:40:20:
95:e8:ad:22:d8:07:cc:ca:96:28:76:7a:ec:06:67:b2:79:55:
de:d8:c9:ae:5e:1b:00:1a:05:b6:48:98:8b:79:c3:d2:68:61:
13:fc:45:4e:a3:bd:6f:8f:9a:dc:11:2f:94:8a:6d:85:66:77:
cf:41:76:9d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQtjoI36KQgoJuvs5CvSzOrS0d5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDFaFw0yNTAyMjQwODUzMDFaMDMxMTAvBgNV
BAMTKDIyOTE0RDI3QTBDRjBENkFEOUY5MUQ1NTU2Q0VGQjlFODUxMzVCMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn0WXjJOKKhGeRgkhUU35QIPtG
XnZV+eq+nsb+jr2G435u0YcfypAC6/3CV0IzQSH9+KCPv7E6lN5y+AMm+TiRcENZ
QEK2LEK8zW2bLUn1GPYBb2t4EXu2HW4js76WEdlOV0xnWq1ulxwc6Vz5XfI1tZI9
ENxtg5yR2tSeNoHTJ4AzynmEsHCjOtumnAzOTSR3BiouCVMSIyZNZJZj3oSaD75D
0nMrGPfPwqn7nacGNTnitc459m448KkC0/Oblb7STs+SfXjXAXewCu+C9SRQ/Jbd
mK8qTzyxsm6moM3FDYkxMzHc7UhFe5Q9slMR5+/BUnyyxvsQzQCw5KBIPxJlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIpFNJ6DPDWrZ+R1VVs77noUTWwEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzUyZTMx
MzYzNDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG516QwDQYJKoZIhvcNAQELBQADggEBADmzFL4BQpE3bBHwJE24m35MhbufIBdM
mX5WQHFisb5hAdiRDYrrS5RxNrVqTGzyZyPErZJj9QVRYBTpe7zNsYgsGzqrd5ni
rO1or7SpZKEHOpvw43he4zlqw+f/Gyd8uRIzHs5kxjc3aXyP3gc8+evy1yj3RsCi
RWD+pigDf5+IEUIJokd1r0mQLaF0goOtYC1DRUCgVQGudIV9c9w4V5tDV0W0z6Ou
T7yUnNmxY+1yBGd69Oh60aVxySEz91/Uzk+vg5RAIJXorSLYB8zKlih2euwGZ7J5
Vd7Yya5eGwAaBbZImIt5w9JoYRP8RU6jvW+PmtwRL5SKbYVmd89Bdp0=
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:44 2024 by rpki-client on console-fra.rpki-client.org