Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37332e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231362e37332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: NR58au9C7EL92UkKr3nHoE/kLxNHEwNHOfXQeIO4Rtc=
Subject key identifier: 75:7B:96:2E:01:FB:23:EF:D0:AE:F7:5A:3E:B8:22:66:95:A3:1A:19
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 395BBDFA76E3378EDF171185D018EA4338CF4970
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:04:53 +0000
ROA not before: Fri 20 Sep 2024 13:59:53 +0000
ROA not after: Fri 19 Sep 2025 14:04:53 +0000
asID: 136787
IP address blocks: 185.216.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:5b:bd:fa:76:e3:37:8e:df:17:11:85:d0:18:ea:43:38:cf:49:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:53 2024 GMT
Not After : Sep 19 14:04:53 2025 GMT
Subject: CN=757B962E01FB23EFD0AEF75A3EB8226695A31A19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:af:13:c4:b5:f1:5d:19:94:a4:6b:13:4b:5c:
39:21:99:91:af:eb:9a:29:21:95:1b:2a:03:0a:3d:
69:fc:c4:c5:87:a6:4b:5b:5b:66:80:94:1b:f3:fd:
0f:0e:fd:69:d1:94:7e:91:9d:33:aa:68:bd:f3:7b:
32:3c:53:0b:b7:f8:54:2f:ea:7d:7c:97:69:c8:72:
03:df:9b:29:68:cc:d9:07:43:8a:ac:bc:24:e2:39:
40:e8:60:17:b7:7a:48:57:0f:79:e3:c7:67:d1:6b:
99:ac:98:2b:4f:5a:01:68:17:c4:6e:6b:00:94:38:
20:01:60:d0:d6:bf:71:47:bc:c5:fa:61:52:39:6e:
63:26:d1:50:4b:57:eb:1e:53:ea:fb:3e:16:dc:5e:
9e:09:60:f5:09:ba:45:d9:56:88:5a:4b:e6:e1:7b:
7d:b5:f0:3e:32:c0:6c:ac:e3:07:d0:38:55:cb:99:
8a:c2:14:58:e5:b7:7d:16:32:37:73:69:4c:b0:2d:
55:08:a2:fd:ef:42:3f:6d:ce:2c:82:ab:45:e3:8b:
84:3f:f1:3a:86:ea:5f:0d:a9:9f:3b:c1:c6:9a:a1:
a3:1c:f1:7b:73:c9:d8:06:a6:7c:49:0f:fc:d5:af:
18:a9:dc:77:ca:93:32:e4:98:90:ba:f0:c0:9a:c0:
d5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:7B:96:2E:01:FB:23:EF:D0:AE:F7:5A:3E:B8:22:66:95:A3:1A:19
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.73.0/24
Signature Algorithm: sha256WithRSAEncryption
57:bd:59:e2:c4:64:28:60:2a:d5:c8:28:58:84:57:b8:0f:05:
67:3c:3e:2d:e0:1b:e3:41:2e:cb:7b:10:52:8b:7d:8b:e6:fd:
22:74:69:b6:ad:35:f8:94:67:1b:f9:a6:bd:af:5f:f3:ca:8f:
f1:2f:a6:4a:97:e1:97:52:7c:29:08:e8:4f:18:16:09:24:a0:
2c:fc:e5:41:fc:83:83:d6:3f:73:31:fa:18:8d:64:c5:96:ca:
43:05:ba:02:9b:93:ff:bc:a9:62:12:8e:46:3e:ad:75:ba:40:
9b:e0:56:d7:00:3e:0b:6d:3e:81:55:b3:6f:91:31:c1:54:a3:
cf:4b:c1:db:8f:28:2a:f6:9a:21:98:a5:d9:6b:0e:2f:2d:66:
df:0c:5f:e2:f1:ae:1e:b7:ca:9e:90:c6:37:9b:cc:e7:55:b1:
e9:83:2a:10:8c:11:b2:77:ac:9c:4a:21:09:95:c2:fe:5f:62:
1d:fb:41:98:17:94:7c:cc:b8:7a:17:30:a5:b1:3b:4d:cb:00:
52:0a:b0:81:78:23:91:38:25:04:0f:69:c7:5d:7c:aa:e4:1b:
35:8f:e9:95:5d:49:8f:94:fe:54:01:22:57:c2:e6:0f:05:cf:
00:ec:bb:32:9d:31:cd:4a:63:59:2c:d8:50:c5:fa:a6:52:36:
7f:f9:54:e1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOVu9+nbjN47fFxGF0BjqQzjPSXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTNaFw0yNTA5MTkxNDA0NTNaMDMxMTAvBgNV
BAMTKDc1N0I5NjJFMDFGQjIzRUZEMEFFRjc1QTNFQjgyMjY2OTVBMzFBMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNrxPEtfFdGZSkaxNLXDkhmZGv
65opIZUbKgMKPWn8xMWHpktbW2aAlBvz/Q8O/WnRlH6RnTOqaL3zezI8Uwu3+FQv
6n18l2nIcgPfmylozNkHQ4qsvCTiOUDoYBe3ekhXD3njx2fRa5msmCtPWgFoF8Ru
awCUOCABYNDWv3FHvMX6YVI5bmMm0VBLV+seU+r7PhbcXp4JYPUJukXZVohaS+bh
e3218D4ywGys4wfQOFXLmYrCFFjlt30WMjdzaUywLVUIov3vQj9tziyCq0Xji4Q/
8TqG6l8NqZ87wcaaoaMc8XtzydgGpnxJD/zVrxip3HfKkzLkmJC68MCawNX5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdXuWLgH7I+/QrvdaPrgiZpWjGhkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52EkwDQYJKoZIhvcNAQELBQADggEBAFe9WeLEZChgKtXIKFiEV7gPBWc8Pi3g
G+NBLst7EFKLfYvm/SJ0abatNfiUZxv5pr2vX/PKj/EvpkqX4ZdSfCkI6E8YFgkk
oCz85UH8g4PWP3Mx+hiNZMWWykMFugKbk/+8qWISjkY+rXW6QJvgVtcAPgttPoFV
s2+RMcFUo89LwduPKCr2miGYpdlrDi8tZt8MX+Lxrh63yp6QxjebzOdVsemDKhCM
EbJ3rJxKIQmVwv5fYh37QZgXlHzMuHoXMKWxO03LAFIKsIF4I5E4JQQPacddfKrk
GzWP6ZVdSY+U/lQBIlfC5g8FzwDsuzKdMc1KY1ks2FDF+qZSNn/5VOE=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org