Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232312e3133342e302f32332d3234203d3e20313336373837.roa
File: 3138352e3232312e3133342e302f32332d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Swbv81BcOaPGsKO0gERARRMfctsdcXfW+I7FAilZ2d0=
Subject key identifier: 52:A1:8A:FE:BD:BE:B3:A3:29:44:7F:CE:36:90:80:C0:D7:6A:1F:F6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0F85E50DD08F73982415D4FFC49FF906D767EFC3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232312e3133342e302f32332d3234203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:41:58 +0000
ROA not before: Fri 20 Oct 2023 13:36:58 +0000
ROA not after: Fri 18 Oct 2024 13:41:58 +0000
asID: 136787
IP address blocks: 185.221.134.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:85:e5:0d:d0:8f:73:98:24:15:d4:ff:c4:9f:f9:06:d7:67:ef:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:58 2023 GMT
Not After : Oct 18 13:41:58 2024 GMT
Subject: CN=52A18AFEBDBEB3A329447FCE369080C0D76A1FF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e4:1f:d6:e4:77:a7:7a:18:63:e2:49:70:a7:
92:e3:d3:f1:82:f3:8a:ea:67:3a:92:03:41:ad:61:
7f:b1:eb:c9:a3:3f:09:db:14:c2:54:cf:f8:eb:f4:
20:55:48:b2:42:37:3a:07:dd:10:86:5a:f8:e0:f4:
e5:21:45:43:9f:84:ef:7e:aa:9f:1b:82:e3:e5:77:
05:d2:1d:c2:fd:bb:4d:f5:34:08:0f:83:61:78:2c:
91:6c:a4:88:03:9d:60:3d:31:e2:72:56:13:80:b9:
4f:e6:5c:a2:37:c2:7e:80:14:c4:e3:b7:d0:c6:55:
bf:e7:1d:7e:e6:b6:96:3d:95:fd:df:bf:0c:9c:96:
d7:ec:15:ab:9f:65:4a:10:85:f8:3b:da:95:dd:8b:
b8:1e:1d:e4:17:c1:5a:5d:01:08:88:29:30:da:ca:
f4:9c:8a:79:9b:03:03:7c:30:e1:0c:2d:1f:eb:2d:
1b:cd:43:86:f7:0c:9e:92:f6:f5:c2:47:41:e2:bd:
93:72:e6:3b:9d:f1:c1:1a:6d:a3:6f:a5:fa:d2:54:
78:48:df:47:d8:de:64:a3:85:fc:e2:bb:6f:79:d0:
79:f0:d3:18:ae:ef:ca:bb:c3:64:23:80:cc:21:d6:
cb:d3:ef:cb:65:48:c0:fe:92:b1:2d:46:51:21:06:
21:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A1:8A:FE:BD:BE:B3:A3:29:44:7F:CE:36:90:80:C0:D7:6A:1F:F6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232312e3133342e302f32332d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.134.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:c7:b7:22:d6:d0:35:09:0f:a0:ff:1b:8e:14:be:08:7f:1f:
bd:5e:17:9e:f8:b0:1c:48:b9:f8:f8:cd:08:43:5d:db:61:11:
e2:b2:2f:50:94:10:ca:26:a6:b4:7e:72:49:73:36:29:38:d4:
15:27:b6:fb:52:cf:b9:18:e6:93:93:20:5a:71:ec:a8:dd:40:
2d:3e:a1:5b:b0:fb:e2:3a:e1:3a:d1:fc:c7:03:2e:0e:39:b9:
6a:37:96:b9:98:31:fd:30:bd:8c:36:38:6b:ee:32:51:2f:2f:
cc:e1:41:ab:98:0d:f1:0f:5b:f2:d7:20:9e:aa:c2:bb:52:17:
84:1a:3e:2e:19:6b:2d:35:22:e5:a6:22:8c:cc:a9:24:ac:d8:
5d:72:b5:76:fa:a0:93:ec:99:1b:b8:e4:d4:0e:c2:60:f3:18:
ae:12:47:13:b3:d2:40:fc:95:1c:75:81:bb:47:ff:70:2a:ca:
a3:f7:73:a1:da:3c:6e:f2:06:67:4f:32:f5:57:15:8a:85:2b:
43:24:7b:02:ab:fe:9e:02:39:d7:5c:c8:ee:24:a3:89:50:10:
82:8c:b9:44:e7:98:fb:1d:a3:9c:eb:59:69:34:3e:d0:b2:5f:
81:1a:05:f5:6a:22:fe:07:0f:2d:8d:fe:a8:d9:91:be:b0:63:
d4:46:ee:7f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUD4XlDdCPc5gkFdT/xJ/5Btdn78MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NThaFw0yNDEwMTgxMzQxNThaMDMxMTAvBgNV
BAMTKDUyQTE4QUZFQkRCRUIzQTMyOTQ0N0ZDRTM2OTA4MEMwRDc2QTFGRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC85B/W5Henehhj4klwp5Lj0/GC
84rqZzqSA0GtYX+x68mjPwnbFMJUz/jr9CBVSLJCNzoH3RCGWvjg9OUhRUOfhO9+
qp8bguPldwXSHcL9u031NAgPg2F4LJFspIgDnWA9MeJyVhOAuU/mXKI3wn6AFMTj
t9DGVb/nHX7mtpY9lf3fvwycltfsFaufZUoQhfg72pXdi7geHeQXwVpdAQiIKTDa
yvScinmbAwN8MOEMLR/rLRvNQ4b3DJ6S9vXCR0HivZNy5jud8cEabaNvpfrSVHhI
30fY3mSjhfziu2950Hnw0xiu78q7w2QjgMwh1svT78tlSMD+krEtRlEhBiEzAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUUqGK/r2+s6MpRH/ONpCAwNdqH/YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzEyZTMx
MzMzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbndhjANBgkqhkiG9w0BAQsFAAOCAQEAC8e3ItbQNQkPoP8bjhS+CH8fvV4X
nviwHEi5+PjNCENd22ER4rIvUJQQyiamtH5ySXM2KTjUFSe2+1LPuRjmk5MgWnHs
qN1ALT6hW7D74jrhOtH8xwMuDjm5ajeWuZgx/TC9jDY4a+4yUS8vzOFBq5gN8Q9b
8tcgnqrCu1IXhBo+LhlrLTUi5aYijMypJKzYXXK1dvqgk+yZG7jk1A7CYPMYrhJH
E7PSQPyVHHWBu0f/cCrKo/dzodo8bvIGZ08y9VcVioUrQyR7Aqv+ngI511zI7iSj
iVAQgoy5ROeY+x2jnOtZaTQ+0LJfgRoF9Woi/gcPLY3+qNmRvrBj1Ebufw==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org