Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa
File: 3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa (raw, json)
Hash identifier: MGbhM8PoVv2+swZ3l6VFC0HpciCh2Bkq9WXawQj/DsM=
Subject key identifier: A9:59:99:2D:0E:90:0C:D4:FE:E3:CA:65:7E:98:78:30:BC:E8:7D:71
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1EB9EDA4B21E5509D9405B000FEA758D9376AC94
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa
Signing time: Fri 20 Oct 2023 13:41:57 +0000
ROA not before: Fri 20 Oct 2023 13:36:57 +0000
ROA not after: Fri 18 Oct 2024 13:41:57 +0000
asID: 213122
IP address blocks: 185.216.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:b9:ed:a4:b2:1e:55:09:d9:40:5b:00:0f:ea:75:8d:93:76:ac:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:57 2023 GMT
Not After : Oct 18 13:41:57 2024 GMT
Subject: CN=A959992D0E900CD4FEE3CA657E987830BCE87D71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:64:46:83:21:c2:9a:49:38:1c:03:40:7f:10:
4b:6d:ef:d1:cb:ba:61:0a:60:f6:43:d8:9e:d6:f8:
c5:7a:30:08:9b:91:d9:52:e8:ac:ab:c8:64:ce:66:
6f:a5:4f:c4:72:69:43:2e:37:25:d9:ff:e8:bb:c6:
2c:54:bc:66:5c:a6:96:09:02:68:07:8c:99:63:9d:
f0:1d:99:c5:4e:78:85:e0:82:b8:92:7f:79:6f:4e:
2e:7f:c9:bc:38:84:90:d3:87:82:f2:46:38:dd:0b:
e8:0f:67:03:c0:79:08:53:30:34:f0:08:4c:05:89:
fc:e5:9f:db:9e:ea:b6:a4:ed:9d:02:7c:23:c8:9f:
44:d0:50:55:dc:f5:fb:bf:88:27:aa:7b:8c:8d:c8:
28:57:5f:b2:83:db:10:d6:ed:3b:54:dd:9a:f3:95:
90:07:af:74:12:99:e7:51:ee:1f:38:84:1c:82:ca:
f2:98:17:c2:da:c0:99:36:7c:2b:72:d9:41:29:01:
25:4f:cc:3b:2b:34:eb:a6:12:cd:ce:10:72:e4:c5:
b9:cb:7c:b4:7a:39:52:cd:64:47:12:18:35:de:2f:
bb:3a:76:35:58:20:71:50:c1:87:c5:12:56:d8:76:
8f:74:0b:e5:b4:1a:aa:1e:e0:b0:be:34:99:a1:3e:
2e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:59:99:2D:0E:90:0C:D4:FE:E3:CA:65:7E:98:78:30:BC:E8:7D:71
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.72.0/24
Signature Algorithm: sha256WithRSAEncryption
24:97:9a:f8:2d:a0:20:0a:43:f8:f3:41:40:75:62:37:a6:47:
cd:22:47:51:ea:4e:13:75:ba:e3:84:30:58:f6:e9:52:b1:44:
65:c2:f2:8e:89:9f:b6:b9:d7:29:97:e9:a9:67:54:4a:14:81:
0c:9e:38:70:00:bd:dc:23:a0:95:08:66:97:cf:95:65:a7:6c:
1e:e8:24:83:66:31:d0:fe:8d:79:3d:3c:43:2e:2f:88:1d:3e:
6c:06:d9:04:a5:65:34:81:c6:80:22:7c:2a:a0:85:70:84:df:
47:14:60:5e:23:b5:a6:10:54:9c:80:f9:b1:4a:02:09:33:56:
7b:57:7e:46:1a:ce:83:24:a9:00:6e:32:09:a6:37:83:64:4d:
1d:13:fc:f5:86:7f:14:85:3b:19:3f:ee:a9:cc:de:9c:0f:5c:
6a:0e:a7:ec:dc:62:58:36:b4:3d:5a:82:5b:ca:02:cb:d3:d9:
17:ea:7a:e0:87:36:c3:33:03:93:e7:fd:e9:c5:d9:c3:e1:98:
1e:34:0c:06:1a:4b:01:a8:1e:4a:86:80:ac:1f:99:89:d6:51:
82:68:42:83:0d:d3:f4:7d:56:10:a1:bb:18:93:a0:36:e3:cc:
d2:11:3a:48:1b:63:90:57:d3:01:f5:6e:56:b3:f1:35:32:8a:
ff:75:f1:c4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHrntpLIeVQnZQFsAD+p1jZN2rJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTdaFw0yNDEwMTgxMzQxNTdaMDMxMTAvBgNV
BAMTKEE5NTk5OTJEMEU5MDBDRDRGRUUzQ0E2NTdFOTg3ODMwQkNFODdENzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5ZEaDIcKaSTgcA0B/EEtt79HL
umEKYPZD2J7W+MV6MAibkdlS6KyryGTOZm+lT8RyaUMuNyXZ/+i7xixUvGZcppYJ
AmgHjJljnfAdmcVOeIXggriSf3lvTi5/ybw4hJDTh4LyRjjdC+gPZwPAeQhTMDTw
CEwFifzln9ue6rak7Z0CfCPIn0TQUFXc9fu/iCeqe4yNyChXX7KD2xDW7TtU3Zrz
lZAHr3QSmedR7h84hByCyvKYF8LawJk2fCty2UEpASVPzDsrNOumEs3OEHLkxbnL
fLR6OVLNZEcSGDXeL7s6djVYIHFQwYfFElbYdo90C+W0Gqoe4LC+NJmhPi4ZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqVmZLQ6QDNT+48plfph4MLzofXEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzMTMyMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52EgwDQYJKoZIhvcNAQELBQADggEBACSXmvgtoCAKQ/jzQUB1YjemR80iR1Hq
ThN1uuOEMFj26VKxRGXC8o6Jn7a51ymX6alnVEoUgQyeOHAAvdwjoJUIZpfPlWWn
bB7oJINmMdD+jXk9PEMuL4gdPmwG2QSlZTSBxoAifCqghXCE30cUYF4jtaYQVJyA
+bFKAgkzVntXfkYazoMkqQBuMgmmN4NkTR0T/PWGfxSFOxk/7qnM3pwPXGoOp+zc
Ylg2tD1aglvKAsvT2RfqeuCHNsMzA5Pn/enF2cPhmB40DAYaSwGoHkqGgKwfmYnW
UYJoQoMN0/R9VhChuxiToDbjzNIROkgbY5BX0wH1blaz8TUyiv918cQ=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org