Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234312e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232322e3234312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: yv5CJKpFl6CQR1bQMoYTOeWhNAIrqKzK2rdpKitR6bo=
Subject key identifier: 6A:EA:13:FC:89:12:B6:62:A7:F1:93:15:1E:E1:A4:C9:DF:35:2F:7A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6C79CA84E3FE40B9AF2ECF435FD4B3E0644698B9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:57 +0000
ROA not before: Fri 26 Jan 2024 18:57:57 +0000
ROA not after: Fri 24 Jan 2025 19:02:57 +0000
asID: 136787
IP address blocks: 185.222.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:79:ca:84:e3:fe:40:b9:af:2e:cf:43:5f:d4:b3:e0:64:46:98:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:57 2024 GMT
Not After : Jan 24 19:02:57 2025 GMT
Subject: CN=6AEA13FC8912B662A7F193151EE1A4C9DF352F7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6e:ab:c6:3a:3c:ea:95:7e:8d:43:f7:ab:53:
28:20:25:bd:28:c8:24:30:15:46:d9:7c:38:08:80:
ee:37:89:fd:a9:2a:6a:d3:64:c9:99:74:59:04:c3:
9f:ca:54:dd:36:e9:b1:ed:7f:ff:2b:ec:07:ea:5d:
95:d4:2b:22:e8:d5:60:bd:fc:30:2b:0c:e6:fa:53:
2c:e7:3d:97:1e:c9:9b:3f:66:0a:70:c4:12:2b:86:
52:e7:a6:e9:8a:f9:c1:37:10:21:0d:e0:16:04:c0:
9f:af:42:77:d3:09:6e:c5:ac:51:7f:04:ed:26:cc:
88:26:bf:b1:bb:06:3d:cc:e1:de:d2:cd:35:73:e1:
89:8a:39:7f:9c:e7:29:11:bd:ab:5f:0a:db:33:2c:
3d:b5:38:eb:d5:07:6b:44:f9:77:f6:bd:64:7a:09:
9d:63:be:48:b2:73:59:6f:b9:be:9c:56:7f:da:a1:
d6:3f:1f:1e:37:14:29:58:67:7c:d1:d0:e9:9d:d7:
e0:44:1d:9a:3f:f4:ec:7c:7a:fc:aa:24:f4:c6:ac:
43:a8:3e:74:fc:18:71:ef:dc:31:25:f3:f8:f4:10:
4e:41:01:59:0c:50:ea:6e:74:b2:43:01:73:b0:54:
4b:7b:22:7b:85:59:5c:02:87:64:de:37:54:78:3b:
1a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:EA:13:FC:89:12:B6:62:A7:F1:93:15:1E:E1:A4:C9:DF:35:2F:7A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.241.0/24
Signature Algorithm: sha256WithRSAEncryption
18:43:d1:cd:43:34:c2:48:91:b0:40:ba:7c:2e:a4:7f:9e:39:
4e:cd:97:ac:2d:6a:e8:0a:f3:19:ba:ca:9e:10:3d:c1:f9:61:
b1:9f:d5:24:14:00:2c:28:58:57:3c:4b:75:68:6b:25:4f:7f:
0a:c8:4d:f4:93:07:64:bb:a1:78:2b:27:3c:c7:7b:71:03:10:
81:c7:6c:a4:df:63:29:b8:13:86:7e:b8:8d:a3:21:42:bf:56:
36:ac:25:93:a8:9e:2a:0f:4f:c7:e1:e1:d4:53:ee:16:8f:13:
74:6f:99:a5:4c:78:d7:94:51:a3:af:a3:a6:01:b3:3f:41:1a:
12:cb:c2:20:47:bc:3b:7d:35:b1:d9:90:9c:50:91:43:e9:ea:
71:17:80:72:09:f7:4f:1d:f8:b8:d7:0b:62:c5:72:8f:0b:a9:
6a:4e:2c:ac:2f:f7:2d:10:7a:7e:91:e7:ea:64:27:c0:1e:68:
e6:f6:e7:3d:01:17:7c:1e:e6:34:70:8d:9a:f8:8c:69:aa:42:
7d:dd:d0:6b:c7:f9:89:b5:a4:f4:07:a3:35:3e:b9:45:77:12:
35:9e:3d:30:31:08:a2:aa:26:89:47:7a:fa:38:35:c8:df:98:
61:cc:a2:65:ff:06:d2:24:87:72:d2:9a:d1:c4:6a:e2:db:95:
e0:c8:61:b1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUbHnKhOP+QLmvLs9DX9Sz4GRGmLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3NTdaFw0yNTAxMjQxOTAyNTdaMDMxMTAvBgNV
BAMTKDZBRUExM0ZDODkxMkI2NjJBN0YxOTMxNTFFRTFBNEM5REYzNTJGN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfbqvGOjzqlX6NQ/erUyggJb0o
yCQwFUbZfDgIgO43if2pKmrTZMmZdFkEw5/KVN026bHtf/8r7AfqXZXUKyLo1WC9
/DArDOb6UyznPZceyZs/ZgpwxBIrhlLnpumK+cE3ECEN4BYEwJ+vQnfTCW7FrFF/
BO0mzIgmv7G7Bj3M4d7SzTVz4YmKOX+c5ykRvatfCtszLD21OOvVB2tE+Xf2vWR6
CZ1jvkiyc1lvub6cVn/aodY/Hx43FClYZ3zR0Omd1+BEHZo/9Ox8evyqJPTGrEOo
PnT8GHHv3DEl8/j0EE5BAVkMUOpudLJDAXOwVEt7InuFWVwCh2TeN1R4OxqfAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUauoT/IkStmKn8ZMVHuGkyd81L3owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALne8TANBgkqhkiG9w0BAQsFAAOCAQEAGEPRzUM0wkiRsEC6fC6kf545Ts2X
rC1q6ArzGbrKnhA9wflhsZ/VJBQALChYVzxLdWhrJU9/CshN9JMHZLuheCsnPMd7
cQMQgcdspN9jKbgThn64jaMhQr9WNqwlk6ieKg9Px+Hh1FPuFo8TdG+ZpUx415RR
o6+jpgGzP0EaEsvCIEe8O301sdmQnFCRQ+nqcReAcgn3Tx34uNcLYsVyjwupak4s
rC/3LRB6fpHn6mQnwB5o5vbnPQEXfB7mNHCNmviMaapCfd3Qa8f5ibWk9AejNT65
RXcSNZ49MDEIoqomiUd6+jg1yN+YYcyiZf8G0iSHctKa0cRq4tuV4MhhsQ==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org