Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232322e3133372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: QmGe6VpcwW3oFiCTa+A3jchads+ISEcfRSzHNLk1db0=
Subject key identifier: F5:79:FA:D5:2D:A5:D0:74:2D:3D:D0:FF:1A:74:D9:9A:54:2F:4E:F9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7FBAB94C6F7E09F8DFE71865B9A9C2E696C9D699
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:50:15 +0000
ROA not before: Sun 26 Nov 2023 19:45:15 +0000
ROA not after: Sun 24 Nov 2024 19:50:15 +0000
asID: 136787
IP address blocks: 185.222.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:ba:b9:4c:6f:7e:09:f8:df:e7:18:65:b9:a9:c2:e6:96:c9:d6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:45:15 2023 GMT
Not After : Nov 24 19:50:15 2024 GMT
Subject: CN=F579FAD52DA5D0742D3DD0FF1A74D99A542F4EF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0e:21:8a:1d:d0:75:4f:33:6e:61:c9:7a:a5:
53:97:d4:11:5f:7f:a7:3c:ec:2c:73:bd:f1:45:38:
69:76:86:6f:cf:ec:6e:92:bc:d6:b7:28:91:3f:7c:
28:74:45:df:65:a3:f0:4d:b6:47:bd:a6:46:a9:28:
37:bd:81:07:d7:8f:dd:52:57:61:21:9d:33:69:e0:
d0:fa:e1:e9:f9:5b:41:4b:a5:82:fa:f4:e0:01:3b:
3c:33:c6:67:8a:2f:e5:c6:c5:19:c0:b6:b8:85:00:
8e:eb:94:15:ea:d2:1f:83:d7:ec:dd:a7:ea:e6:9a:
df:11:46:37:24:14:99:2a:00:e2:44:c9:2f:c3:05:
18:a0:93:ed:73:53:31:f6:f2:df:ba:1a:14:10:fd:
04:86:14:fe:8f:03:a4:f9:46:1b:49:ef:18:f7:30:
b5:e3:6a:9f:f0:49:4b:75:b5:82:c3:2b:4c:55:f3:
a4:a8:87:8e:fb:20:50:d9:1d:50:2b:63:6e:01:35:
ae:ee:ae:2e:c9:9c:ad:93:c5:42:ab:8b:5e:2e:4e:
68:c8:0d:77:e9:bd:ae:5e:73:74:01:61:46:d2:74:
c7:6e:6a:80:bc:38:8a:5a:78:6d:14:2a:63:a7:27:
86:34:3c:8c:81:84:a6:e5:de:4e:6f:18:2f:e7:5c:
84:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:79:FA:D5:2D:A5:D0:74:2D:3D:D0:FF:1A:74:D9:9A:54:2F:4E:F9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.137.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:47:aa:f4:a3:a9:fa:0a:73:a8:c5:4d:e0:2b:23:4f:04:1a:
54:02:05:44:5f:89:e7:22:ec:4c:55:0f:92:d8:cc:9e:90:10:
69:9d:e4:36:84:12:4e:eb:fd:17:d7:15:c9:f8:84:85:cc:39:
8f:bd:73:ce:56:8f:6e:3a:a4:40:43:5c:28:c9:9c:97:3a:7e:
37:18:5f:e8:18:4e:ca:e9:ec:0a:64:c7:1f:6d:53:09:ab:fc:
e4:50:b8:f5:10:cc:fc:38:46:0f:f9:4f:d4:ca:7f:03:c8:d8:
9a:e0:03:4d:ce:82:35:8e:3e:0f:57:65:bd:08:d0:fe:81:c0:
b1:29:17:7b:d5:ac:a7:87:2a:21:73:25:d2:ed:de:52:d0:c0:
28:cc:91:7b:cf:b2:43:93:2b:b0:7f:1e:6b:b8:8e:4b:79:f7:
f1:62:97:c3:15:6e:6f:17:2a:70:10:ed:d6:97:a0:6f:65:53:
36:87:32:3a:3a:45:77:be:95:94:1c:6f:b7:51:67:59:ad:84:
f4:1a:e5:b9:27:3c:46:5b:6b:f1:5c:ec:f1:6d:60:d3:41:ca:
7c:ee:55:d0:7e:60:e5:64:f6:df:f4:52:6d:d4:3c:47:1f:69:
98:7f:59:95:30:29:dc:48:fd:4e:63:48:67:5e:c3:68:6c:23:
01:c4:90:5f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUf7q5TG9+Cfjf5xhluanC5pbJ1pkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ1MTVaFw0yNDExMjQxOTUwMTVaMDMxMTAvBgNV
BAMTKEY1NzlGQUQ1MkRBNUQwNzQyRDNERDBGRjFBNzREOTlBNTQyRjRFRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDADiGKHdB1TzNuYcl6pVOX1BFf
f6c87CxzvfFFOGl2hm/P7G6SvNa3KJE/fCh0Rd9lo/BNtke9pkapKDe9gQfXj91S
V2EhnTNp4ND64en5W0FLpYL69OABOzwzxmeKL+XGxRnAtriFAI7rlBXq0h+D1+zd
p+rmmt8RRjckFJkqAOJEyS/DBRigk+1zUzH28t+6GhQQ/QSGFP6PA6T5RhtJ7xj3
MLXjap/wSUt1tYLDK0xV86Soh477IFDZHVArY24BNa7uri7JnK2TxUKri14uTmjI
DXfpva5ec3QBYUbSdMduaoC8OIpaeG0UKmOnJ4Y0PIyBhKbl3k5vGC/nXIRnAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU9Xn61S2l0HQtPdD/GnTZmlQvTvkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALneiTANBgkqhkiG9w0BAQsFAAOCAQEAP0eq9KOp+gpzqMVN4CsjTwQaVAIF
RF+J5yLsTFUPktjMnpAQaZ3kNoQSTuv9F9cVyfiEhcw5j71zzlaPbjqkQENcKMmc
lzp+Nxhf6BhOyunsCmTHH21TCav85FC49RDM/DhGD/lP1Mp/A8jYmuADTc6CNY4+
D1dlvQjQ/oHAsSkXe9Wsp4cqIXMl0u3eUtDAKMyRe8+yQ5MrsH8ea7iOS3n38WKX
wxVubxcqcBDt1pegb2VTNocyOjpFd76VlBxvt1FnWa2E9BrluSc8Rltr8Vzs8W1g
00HKfO5V0H5g5WT23/RSbdQ8Rx9pmH9ZlTAp3Ej9TmNIZ17DaGwjAcSQXw==
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:15 2024 by rpki-client on console-ams.rpki-client.org