Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132352e302f32342d3332203d3e203531313637.roa
File: 3138352e3231372e3132352e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: vDg2LDy6BmgudA82pBPuENUgKqG6DG+mLhnSd6a5D7o=
Subject key identifier: 68:82:A6:C9:77:46:6D:63:5A:51:EB:35:A6:5D:1C:35:B1:3F:DD:A5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4B60EE8D16ABBA51A6E6805DA4500432852AC835
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132352e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:48 +0000
ROA not before: Fri 20 Oct 2023 13:36:48 +0000
ROA not after: Fri 18 Oct 2024 13:41:48 +0000
asID: 51167
IP address blocks: 185.217.125.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:60:ee:8d:16:ab:ba:51:a6:e6:80:5d:a4:50:04:32:85:2a:c8:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:48 2023 GMT
Not After : Oct 18 13:41:48 2024 GMT
Subject: CN=6882A6C977466D635A51EB35A65D1C35B13FDDA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a0:11:f9:b8:3f:b2:7c:60:4d:fc:61:a9:06:
e1:76:b9:6e:32:65:87:9c:4b:46:44:1e:57:d6:94:
21:c0:b8:4a:cb:62:10:22:d1:cc:bb:a7:2b:98:fe:
8a:7d:ac:cd:ee:8a:11:2a:35:9f:34:da:3a:d9:6e:
9b:3a:0a:2e:d1:48:c4:f1:fe:88:12:29:da:e6:77:
6c:5a:4c:50:c7:73:7c:04:29:0a:c0:2c:25:c1:2c:
7f:10:50:7d:ce:0c:b5:44:c7:9c:9b:87:a9:eb:a0:
4c:bb:15:5c:ae:10:ee:02:78:c1:cb:a6:b1:7c:16:
f3:db:18:86:04:d7:66:ec:bc:f1:37:79:6b:fe:86:
52:20:21:4b:5b:d3:d4:2f:cf:7d:28:bd:a6:b8:dd:
f3:9f:9d:ae:3a:a3:75:87:ea:5d:76:99:0d:0f:5a:
fc:33:ad:a5:00:30:85:f9:69:13:2b:b7:f7:0a:e8:
69:52:7b:4d:11:b0:bd:ce:ac:ec:dc:5a:2d:53:00:
00:5d:14:e7:7f:93:03:a4:a5:65:d9:df:88:a9:e8:
6a:20:ef:c9:0c:57:88:54:18:f8:c9:95:eb:82:10:
10:71:32:1d:e1:21:d2:fa:75:cd:1b:3a:e6:bb:9e:
d1:2b:25:4d:01:bf:d9:bd:58:2e:08:46:65:aa:e5:
21:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:82:A6:C9:77:46:6D:63:5A:51:EB:35:A6:5D:1C:35:B1:3F:DD:A5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132352e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.125.0/24
Signature Algorithm: sha256WithRSAEncryption
74:bb:57:24:6d:e4:b5:e5:4b:c7:1d:3e:aa:d0:15:af:e4:d5:
b9:ae:54:50:61:f8:15:a3:93:06:da:13:ed:9d:d4:fd:10:2d:
4d:7c:6b:e7:b4:28:c4:b2:55:aa:64:a6:67:d1:f8:40:9e:43:
8d:5c:80:4f:50:75:6f:d2:05:49:3b:04:ec:86:e4:7e:4c:4f:
bf:dc:00:5f:f6:c8:e2:f8:62:9e:a1:2f:0c:bc:bd:29:d6:76:
31:12:18:d2:21:36:08:35:4f:74:41:1f:47:37:b3:e3:fa:2f:
61:86:02:91:ba:38:95:e7:76:f1:09:e9:1f:e7:a2:e4:96:63:
9d:15:da:1b:e8:39:08:a4:41:ff:22:13:b9:df:63:58:d5:ec:
59:bf:d0:7a:1e:5f:8a:e5:85:09:75:22:30:cf:cd:36:cf:23:
c5:80:8c:0e:ff:a5:c0:ae:9f:c6:c4:84:45:e7:fe:9f:44:80:
c7:5e:e0:b6:c2:5f:71:50:96:3d:cb:95:69:6e:2a:27:a3:0e:
2d:22:b1:54:1b:3a:6b:69:fb:70:16:82:8d:9a:17:65:d9:d2:
13:de:77:b8:7b:70:06:41:79:fd:bd:59:2c:60:af:b8:1c:a3:
88:d4:53:02:9d:e1:6f:37:2f:64:f0:a7:2d:c2:dc:87:a5:ab:
a5:44:c9:f1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUS2DujRarulGm5oBdpFAEMoUqyDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDhaFw0yNDEwMTgxMzQxNDhaMDMxMTAvBgNV
BAMTKDY4ODJBNkM5Nzc0NjZENjM1QTUxRUIzNUE2NUQxQzM1QjEzRkREQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxoBH5uD+yfGBN/GGpBuF2uW4y
ZYecS0ZEHlfWlCHAuErLYhAi0cy7pyuY/op9rM3uihEqNZ802jrZbps6Ci7RSMTx
/ogSKdrmd2xaTFDHc3wEKQrALCXBLH8QUH3ODLVEx5ybh6nroEy7FVyuEO4CeMHL
prF8FvPbGIYE12bsvPE3eWv+hlIgIUtb09Qvz30ovaa43fOfna46o3WH6l12mQ0P
WvwzraUAMIX5aRMrt/cK6GlSe00RsL3OrOzcWi1TAABdFOd/kwOkpWXZ34ip6Gog
78kMV4hUGPjJleuCEBBxMh3hIdL6dc0bOua7ntErJU0Bv9m9WC4IRmWq5SFfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaIKmyXdGbWNaUes1pl0cNbE/3aUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzIzNTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52X0wDQYJKoZIhvcNAQELBQADggEBAHS7VyRt5LXlS8cdPqrQFa/k1bmuVFBh
+BWjkwbaE+2d1P0QLU18a+e0KMSyVapkpmfR+ECeQ41cgE9QdW/SBUk7BOyG5H5M
T7/cAF/2yOL4Yp6hLwy8vSnWdjESGNIhNgg1T3RBH0c3s+P6L2GGApG6OJXndvEJ
6R/nouSWY50V2hvoOQikQf8iE7nfY1jV7Fm/0HoeX4rlhQl1IjDPzTbPI8WAjA7/
pcCun8bEhEXn/p9EgMde4LbCX3FQlj3LlWluKiejDi0isVQbOmtp+3AWgo2aF2XZ
0hPed7h7cAZBef29WSxgr7gco4jUUwKd4W83L2Twpy3C3Ielq6VEyfE=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org