Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3137302e302f32342d3332203d3e20313336373837.roa
File: 3138352e3231372e3137302e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: WuApr4402jUPO9+gPX+mG5ZXHx1kYVd8fcVAENpS9K0=
Subject key identifier: AE:01:8C:AC:11:36:43:21:70:75:31:FC:C3:8B:8A:E4:B4:EF:7C:78
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 16BCBB83529A0056A77BF560DC11F90E4397B09A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3137302e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:22 +0000
ROA not before: Mon 26 Feb 2024 08:48:22 +0000
ROA not after: Mon 24 Feb 2025 08:53:22 +0000
asID: 136787
IP address blocks: 185.217.170.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:bc:bb:83:52:9a:00:56:a7:7b:f5:60:dc:11:f9:0e:43:97:b0:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:22 2024 GMT
Not After : Feb 24 08:53:22 2025 GMT
Subject: CN=AE018CAC11364321707531FCC38B8AE4B4EF7C78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c4:9a:ce:3f:6e:2b:e1:18:56:a0:03:50:ea:
c3:9e:bf:84:57:25:23:5e:38:63:50:d6:9d:3a:be:
f1:8f:00:f9:fb:50:d3:14:d5:f4:ed:0f:e2:69:de:
e1:49:67:90:98:66:57:ef:cf:34:5e:d9:8a:f6:2a:
b4:25:f3:6d:dc:cd:6d:75:98:e5:6c:67:69:a2:04:
f9:26:6d:79:bc:8b:96:ad:2c:a9:a1:64:60:4f:f3:
32:e5:4d:9e:1f:bf:7c:d8:6f:3b:46:03:65:cd:0b:
2f:56:49:07:25:5e:90:80:41:05:01:85:59:34:7f:
5d:dd:30:2a:56:a7:67:bd:db:af:ce:17:35:4c:b9:
22:96:48:e4:97:62:80:4d:11:99:4d:d6:a5:e1:ae:
47:f7:9a:fa:51:7a:e3:f9:04:39:32:56:09:fe:6f:
6e:d4:9d:dc:09:77:5e:f9:d0:36:40:2d:e2:dc:7e:
2b:b5:f1:f9:57:63:73:1a:08:bf:8a:bc:e7:08:58:
54:e1:a5:9b:87:54:ae:aa:bd:0a:2c:e0:8f:a5:3f:
4c:26:a3:2b:7a:ce:b8:a7:9f:c6:35:6a:84:6d:b2:
c9:38:62:0e:68:33:d7:fc:94:4b:5e:b1:62:62:5b:
a0:40:d6:86:23:e7:3f:7c:3c:f7:4b:47:f1:40:91:
d3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:01:8C:AC:11:36:43:21:70:75:31:FC:C3:8B:8A:E4:B4:EF:7C:78
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3137302e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.170.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:28:69:2f:cc:70:f4:d1:5a:ff:f4:08:af:1e:5b:4c:49:24:
cd:4e:0e:96:22:72:ff:1f:cc:89:be:80:2a:f0:37:5d:6b:23:
74:4e:f3:b6:9b:0a:c5:8e:4f:2f:0d:ac:c9:f0:4f:41:6f:7e:
cf:dc:15:0b:14:3a:65:f1:83:db:5f:3a:c8:42:da:4c:1a:0f:
8d:6d:44:66:3b:b4:d8:0d:e8:c4:ff:13:2b:df:d1:a9:91:a9:
15:c9:1b:3e:27:5d:2a:98:63:d8:da:19:13:92:08:fb:97:d0:
01:7c:56:9e:cf:22:bb:8b:03:5e:6b:d3:51:8c:8a:2b:c5:5d:
24:2d:95:30:28:d5:e4:7e:ee:ba:05:c6:40:4d:7c:41:8c:9d:
df:89:f6:d5:77:45:c1:94:34:2d:f7:80:68:87:02:85:ca:96:
46:1c:36:88:91:f2:02:fd:fa:4c:d3:40:dc:77:19:9c:d6:5f:
e0:f1:8f:fc:5e:59:7a:ab:ab:70:db:0c:35:64:7f:4b:43:63:
32:61:46:c5:6c:38:8e:30:30:c2:5b:23:22:0b:76:48:32:25:
81:09:8c:9d:1e:4f:14:72:31:51:3f:52:b8:db:42:4e:59:ce:
58:3b:60:01:d6:f2:19:0f:9a:8c:73:7c:b0:17:0c:1a:c6:1c:
d9:f1:fd:93
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFry7g1KaAFane/Vg3BH5DkOXsJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjJaFw0yNTAyMjQwODUzMjJaMDMxMTAvBgNV
BAMTKEFFMDE4Q0FDMTEzNjQzMjE3MDc1MzFGQ0MzOEI4QUU0QjRFRjdDNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnxJrOP24r4RhWoANQ6sOev4RX
JSNeOGNQ1p06vvGPAPn7UNMU1fTtD+Jp3uFJZ5CYZlfvzzRe2Yr2KrQl823czW11
mOVsZ2miBPkmbXm8i5atLKmhZGBP8zLlTZ4fv3zYbztGA2XNCy9WSQclXpCAQQUB
hVk0f13dMCpWp2e926/OFzVMuSKWSOSXYoBNEZlN1qXhrkf3mvpReuP5BDkyVgn+
b27UndwJd1750DZALeLcfiu18flXY3MaCL+KvOcIWFThpZuHVK6qvQos4I+lP0wm
oyt6zrinn8Y1aoRtssk4Yg5oM9f8lEtesWJiW6BA1oYj5z98PPdLR/FAkdMxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUrgGMrBE2QyFwdTH8w4uK5LTvfHgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzczMDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnZqjANBgkqhkiG9w0BAQsFAAOCAQEAmihpL8xw9NFa//QIrx5bTEkkzU4O
liJy/x/Mib6AKvA3XWsjdE7ztpsKxY5PLw2syfBPQW9+z9wVCxQ6ZfGD2186yELa
TBoPjW1EZju02A3oxP8TK9/RqZGpFckbPiddKphj2NoZE5II+5fQAXxWns8iu4sD
XmvTUYyKK8VdJC2VMCjV5H7uugXGQE18QYyd34n21XdFwZQ0LfeAaIcChcqWRhw2
iJHyAv36TNNA3HcZnNZf4PGP/F5ZequrcNsMNWR/S0NjMmFGxWw4jjAwwlsjIgt2
SDIlgQmMnR5PFHIxUT9SuNtCTlnOWDtgAdbyGQ+ajHN8sBcMGsYc2fH9kw==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org