Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa
File: 3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: hDauWjpuFtIDUgLYOZUpJPNjg2GPA0ii8ogv24Z75TI=
Subject key identifier: 3D:EA:5F:7D:7F:61:0A:1B:EC:13:4B:CD:44:32:D7:40:F0:15:79:B6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 336070341B2585ADEACB5340FFA1CBD000C25002
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:42 +0000
ROA not before: Fri 20 Oct 2023 13:36:42 +0000
ROA not after: Fri 18 Oct 2024 13:41:42 +0000
asID: 51167
IP address blocks: 185.222.242.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:60:70:34:1b:25:85:ad:ea:cb:53:40:ff:a1:cb:d0:00:c2:50:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:42 2023 GMT
Not After : Oct 18 13:41:42 2024 GMT
Subject: CN=3DEA5F7D7F610A1BEC134BCD4432D740F01579B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:44:a4:93:a4:38:40:a4:a5:4a:c5:23:d3:a4:
82:48:47:73:74:ce:cc:4a:b9:21:5b:67:33:d9:5d:
e3:dc:f5:cc:ec:b0:1d:dd:0c:d4:da:38:23:9b:ee:
cc:06:dd:0d:ce:2c:02:21:97:ba:33:67:5c:8c:de:
85:9a:fc:24:c9:0a:d2:99:b1:b0:99:71:ac:1b:81:
a4:cf:2d:36:80:45:db:c1:38:99:90:d1:40:f7:a0:
37:6f:93:41:53:f7:52:cb:1d:d7:16:7f:37:24:3d:
4d:70:4a:2e:fe:85:4f:8a:fb:5c:06:c9:9e:38:e5:
6b:08:1a:39:f1:16:fc:46:7a:74:95:51:58:dd:9e:
84:47:e9:ce:b6:37:de:a4:e4:cb:e0:56:38:13:d1:
bb:d6:25:fb:97:b7:60:43:9f:c0:69:3c:73:f5:30:
cf:c7:47:e3:ce:6b:a9:40:7b:a1:1b:94:0a:62:c4:
48:43:61:27:3a:0b:95:26:7b:b3:1b:09:11:1b:d0:
6d:4c:25:4f:78:48:a1:f6:05:72:12:7d:8a:98:ce:
e4:bf:a7:00:dd:e2:05:32:27:a6:a4:f2:6c:20:8e:
5a:22:29:88:da:2c:2b:39:b5:64:ea:d8:9d:83:83:
d5:43:64:56:7e:d2:70:3b:30:39:24:e5:06:f0:68:
7a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:EA:5F:7D:7F:61:0A:1B:EC:13:4B:CD:44:32:D7:40:F0:15:79:B6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:e5:8a:bb:27:38:7a:89:77:50:1b:10:80:da:16:22:22:72:
6c:b2:78:e9:81:7b:90:51:92:70:b8:e9:ac:9c:fe:78:fb:65:
dd:f8:6c:8a:19:4a:03:b2:cd:03:ce:96:a2:de:cb:6e:3f:91:
8a:b8:d8:a1:e7:6f:a3:13:97:5b:b9:55:fe:f5:65:4e:1c:b5:
03:2e:0f:5b:d5:f5:24:7b:e4:3b:3f:20:13:be:03:38:55:d6:
03:75:2e:80:cf:f2:5c:01:3c:60:d2:f0:2c:81:5f:e2:59:8d:
45:9a:58:fd:ae:f8:b0:6a:f3:49:64:3b:cf:7e:36:c7:51:93:
43:ac:e0:3e:75:07:45:b9:0a:42:5c:11:2b:6f:07:f2:05:06:
fd:97:f4:e9:3e:92:34:2b:25:5a:17:39:7e:60:29:ad:07:22:
ad:19:71:13:b4:46:6c:34:5b:ac:fe:d6:5e:8c:f5:e3:e2:9e:
ac:f7:59:d9:bd:de:ec:9a:24:a8:5c:cf:a0:0e:be:ee:b1:3f:
9e:8d:21:c1:05:95:c4:ed:1e:a9:98:59:24:7a:db:af:2c:81:
d2:5b:74:8b:00:7f:47:da:a1:18:8b:8e:99:46:79:bb:66:c4:
2c:ea:1b:6f:39:76:24:cf:b6:81:51:a2:9f:a7:b8:7a:41:e5:
7d:82:e6:cc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM2BwNBslha3qy1NA/6HL0ADCUAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDJaFw0yNDEwMTgxMzQxNDJaMDMxMTAvBgNV
BAMTKDNERUE1RjdEN0Y2MTBBMUJFQzEzNEJDRDQ0MzJENzQwRjAxNTc5QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoRKSTpDhApKVKxSPTpIJIR3N0
zsxKuSFbZzPZXePc9czssB3dDNTaOCOb7swG3Q3OLAIhl7ozZ1yM3oWa/CTJCtKZ
sbCZcawbgaTPLTaARdvBOJmQ0UD3oDdvk0FT91LLHdcWfzckPU1wSi7+hU+K+1wG
yZ445WsIGjnxFvxGenSVUVjdnoRH6c62N96k5MvgVjgT0bvWJfuXt2BDn8BpPHP1
MM/HR+POa6lAe6EblApixEhDYSc6C5Ume7MbCREb0G1MJU94SKH2BXISfYqYzuS/
pwDd4gUyJ6ak8mwgjloiKYjaLCs5tWTq2J2Dg9VDZFZ+0nA7MDkk5QbwaHoNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPepffX9hChvsE0vNRDLXQPAVebYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMy
MzQzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC53vIwDQYJKoZIhvcNAQELBQADggEBAFvlirsnOHqJd1AbEIDaFiIicmyyeOmB
e5BRknC46ayc/nj7Zd34bIoZSgOyzQPOlqLey24/kYq42KHnb6MTl1u5Vf71ZU4c
tQMuD1vV9SR75Ds/IBO+AzhV1gN1LoDP8lwBPGDS8CyBX+JZjUWaWP2u+LBq80lk
O89+NsdRk0Os4D51B0W5CkJcEStvB/IFBv2X9Ok+kjQrJVoXOX5gKa0HIq0ZcRO0
Rmw0W6z+1l6M9ePinqz3Wdm93uyaJKhcz6AOvu6xP56NIcEFlcTtHqmYWSR6268s
gdJbdIsAf0faoRiLjplGebtmxCzqG285diTPtoFRop+nuHpB5X2C5sw=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org