Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132362e302f32332d3332203d3e203531313637.roa
File: 3138352e3231372e3132362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: gM+7WHD8zYyP870Thnw55aFqcMX1x6g99Y1sRizlCYE=
Subject key identifier: 71:8F:2A:7C:EA:A3:6A:F2:E1:94:CE:74:91:13:0A:3C:A6:4E:CE:B5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3B917B4B4A087BEFFC4D6B5F019E46AFCD06E91F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132362e302f32332d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:05:00 +0000
ROA not before: Fri 20 Sep 2024 14:00:00 +0000
ROA not after: Fri 19 Sep 2025 14:05:00 +0000
asID: 51167
IP address blocks: 185.217.126.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:91:7b:4b:4a:08:7b:ef:fc:4d:6b:5f:01:9e:46:af:cd:06:e9:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:00 2024 GMT
Not After : Sep 19 14:05:00 2025 GMT
Subject: CN=718F2A7CEAA36AF2E194CE7491130A3CA64ECEB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:45:36:59:3d:c3:d5:49:38:2f:cd:40:35:0e:
5b:c6:b1:f4:39:ec:a0:18:1b:0d:fe:46:30:d2:b9:
b6:9e:03:87:98:25:4e:74:64:3a:03:32:64:55:10:
cd:b7:6b:c0:25:28:68:83:c9:bf:aa:b9:cb:2f:1d:
d1:fc:7d:4f:e4:5c:f6:9a:e8:6e:99:12:3b:0f:e9:
04:9f:6e:82:30:78:96:ee:8d:5a:20:9e:28:48:ca:
6a:f6:8b:5a:54:23:e7:6e:f6:64:6f:43:90:f8:7e:
a9:75:d2:4d:56:8b:44:78:f3:64:ca:ac:21:ce:cd:
ce:2c:c6:51:fb:59:e0:21:51:00:e6:d5:5f:94:a2:
10:6c:16:1e:c4:b2:f4:dc:95:d4:8d:15:3e:dc:13:
df:3f:8b:80:1e:57:16:cd:e8:1b:cd:8a:3f:ed:29:
18:16:bb:8b:09:77:b6:9b:33:5c:1e:cb:c2:7b:44:
b0:9c:9c:98:17:dc:11:85:ae:b9:4f:eb:70:92:f1:
f5:48:3b:90:b8:07:08:f8:49:42:4b:35:07:d4:dd:
3e:16:9f:c1:48:38:88:66:36:2d:5e:af:5d:60:46:
c5:2f:87:96:da:f6:a3:a6:5d:47:0e:e0:ef:26:d5:
c0:26:42:ef:c4:62:26:04:1f:cc:a0:f7:c7:12:95:
d5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8F:2A:7C:EA:A3:6A:F2:E1:94:CE:74:91:13:0A:3C:A6:4E:CE:B5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.126.0/23
Signature Algorithm: sha256WithRSAEncryption
31:0f:29:84:a9:53:27:34:1f:82:75:2a:22:ac:da:89:8f:9c:
19:91:4b:7e:b1:59:ab:53:86:3f:67:2a:ae:68:63:24:d5:14:
ba:1c:6e:2b:50:11:1d:c4:06:63:29:6c:c4:11:7b:0f:a4:5d:
ee:99:6f:aa:e8:32:f6:0f:ab:48:a7:91:a3:0a:b8:de:a4:8f:
0a:73:d8:39:20:b5:d9:7b:ec:3f:83:e9:d1:64:be:46:82:7e:
6e:43:17:b4:10:69:83:e3:03:92:d3:a1:35:d7:8a:90:5f:07:
9f:f0:c2:b2:68:b9:6e:f7:a7:52:ba:3a:cf:b0:e7:ef:9e:10:
96:59:b8:ca:4c:7c:97:a4:06:27:e2:5b:b0:19:82:46:45:66:
a3:e9:ab:4c:50:46:24:56:62:34:1c:36:78:c5:c8:a7:b4:f5:
3a:51:95:5a:5e:34:7e:95:85:83:fe:9d:cd:86:20:a0:27:88:
f5:03:25:08:18:6c:f8:b8:ab:ab:f3:2b:5a:8d:b5:83:f8:cb:
ec:e7:70:91:40:80:34:95:72:dc:c3:ac:62:5e:3b:60:19:0d:
0e:93:d3:71:44:2b:02:ab:12:05:2e:8b:ce:4e:fa:3a:e7:f5:
d2:b9:cd:3d:b4:cf:e9:52:b3:43:8b:b3:d1:d5:ec:34:8a:45:
db:0f:93:88
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUO5F7S0oIe+/8TWtfAZ5Gr80G6R8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDBaFw0yNTA5MTkxNDA1MDBaMDMxMTAvBgNV
BAMTKDcxOEYyQTdDRUFBMzZBRjJFMTk0Q0U3NDkxMTMwQTNDQTY0RUNFQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrRTZZPcPVSTgvzUA1DlvGsfQ5
7KAYGw3+RjDSubaeA4eYJU50ZDoDMmRVEM23a8AlKGiDyb+qucsvHdH8fU/kXPaa
6G6ZEjsP6QSfboIweJbujVognihIymr2i1pUI+du9mRvQ5D4fql10k1Wi0R482TK
rCHOzc4sxlH7WeAhUQDm1V+UohBsFh7EsvTcldSNFT7cE98/i4AeVxbN6BvNij/t
KRgWu4sJd7abM1wey8J7RLCcnJgX3BGFrrlP63CS8fVIO5C4Bwj4SUJLNQfU3T4W
n8FIOIhmNi1er11gRsUvh5ba9qOmXUcO4O8m1cAmQu/EYiYEH8yg98cSldUlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcY8qfOqjavLhlM50kRMKPKZOzrUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzIzNjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG52X4wDQYJKoZIhvcNAQELBQADggEBADEPKYSpUyc0H4J1KiKs2omPnBmRS36x
WatThj9nKq5oYyTVFLocbitQER3EBmMpbMQRew+kXe6Zb6roMvYPq0inkaMKuN6k
jwpz2Dkgtdl77D+D6dFkvkaCfm5DF7QQaYPjA5LToTXXipBfB5/wwrJouW73p1K6
Os+w5++eEJZZuMpMfJekBifiW7AZgkZFZqPpq0xQRiRWYjQcNnjFyKe09TpRlVpe
NH6VhYP+nc2GIKAniPUDJQgYbPi4q6vzK1qNtYP4y+zncJFAgDSVctzDrGJeO2AZ
DQ6T03FEKwKrEgUui85O+jrn9dK5zT20z+lSs0OLs9HV7DSKRdsPk4g=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org