Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: QweeJPcyogVtpojRQzfl9Sqv0Iq6GV4kgL5hMn/wXO8=
Subject key identifier: 50:CE:31:C0:39:D1:04:5E:BE:43:EE:83:33:EB:98:F6:93:1A:AB:7B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 698E9EC52773B47EA51169CBAA66BF86C31E5074
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Oct 2023 21:15:05 +0000
ROA not before: Thu 12 Oct 2023 21:10:05 +0000
ROA not after: Thu 10 Oct 2024 21:15:05 +0000
asID: 136787
IP address blocks: 185.225.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:8e:9e:c5:27:73:b4:7e:a5:11:69:cb:aa:66:bf:86:c3:1e:50:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 12 21:10:05 2023 GMT
Not After : Oct 10 21:15:05 2024 GMT
Subject: CN=50CE31C039D1045EBE43EE8333EB98F6931AAB7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2d:33:de:e2:d0:cb:41:18:01:97:73:b0:9a:
bc:ea:28:28:27:de:e0:2f:86:cf:0a:5b:8d:18:55:
eb:29:83:23:e9:2d:77:b3:58:2e:87:de:07:5a:de:
4e:1f:24:7f:1a:4b:cb:70:20:1c:c0:fe:4f:6e:ad:
2e:b8:da:a9:df:8f:9d:21:fd:b3:b2:9c:74:f8:a1:
af:ba:59:e7:ff:85:8a:23:45:03:52:d8:df:1c:41:
1f:c6:0b:8f:55:cd:ee:01:9d:bd:92:57:7a:0d:97:
d5:b4:83:ac:45:26:22:b6:13:52:7a:60:54:32:5d:
a4:25:5b:23:16:55:0d:99:46:bc:59:69:a4:7b:b2:
c7:e7:6b:bf:c1:f9:33:60:d6:d3:8c:bc:f5:3c:6b:
93:21:e8:66:20:09:ac:1f:d6:26:02:55:6a:3f:7d:
a7:2f:d5:ec:c1:a0:f9:d4:4d:4d:b6:60:44:a2:ae:
ff:fc:f1:2b:19:e3:08:c6:92:9e:1f:d7:c7:36:dc:
8c:84:af:7e:2b:bb:ef:ad:d6:a6:c4:f2:4b:40:56:
0d:61:99:1e:eb:26:9e:5c:5f:de:5c:0b:56:6c:7d:
31:ca:ba:b6:31:e8:44:62:11:c2:19:25:01:50:63:
c3:73:16:15:c1:d4:00:ad:8b:62:38:16:f2:03:8f:
83:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:CE:31:C0:39:D1:04:5E:BE:43:EE:83:33:EB:98:F6:93:1A:AB:7B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.137.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:34:96:09:c7:7b:86:6b:c5:39:a2:e7:00:23:5c:17:a5:68:
ba:09:fb:4a:29:a2:db:53:d0:e4:3c:56:74:fe:02:42:7b:35:
f4:9e:aa:39:64:62:4d:98:c9:06:5a:a4:77:25:f2:b9:d4:bd:
3c:dc:fc:c6:39:1a:34:45:02:d9:d8:bc:51:3f:f4:24:b3:a8:
28:fa:9e:e3:e7:c0:38:9c:43:84:33:60:ca:c5:9b:0c:1b:48:
d8:cb:8f:f7:f9:0b:55:72:bf:f8:ae:e9:5f:8e:dc:74:c9:e7:
da:26:25:18:eb:b4:d1:97:99:59:9a:9d:4c:e8:fe:e4:c4:fe:
58:78:45:38:53:7e:74:6e:a3:01:82:13:e4:46:d8:6d:73:ba:
48:16:bc:ca:7a:4f:17:c7:dd:c4:ba:f3:2f:eb:e1:af:90:5a:
0f:5c:d3:cf:72:72:8e:66:13:e0:15:00:9b:a3:29:ab:ed:c4:
88:67:ec:1b:99:75:6a:c2:ad:3b:df:42:c7:ea:ec:ef:ae:e6:
71:11:ad:44:2a:5c:56:14:a1:97:cc:a8:80:53:9b:2b:73:c6:
95:61:4c:52:25:e4:14:d0:0d:60:15:e6:d5:55:30:20:71:09:
d1:d9:c3:c2:7e:b2:82:40:a3:06:0b:aa:fb:68:c4:51:19:8e:
84:4c:d1:f7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUaY6exSdztH6lEWnLqma/hsMeUHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMTIyMTEwMDVaFw0yNDEwMTAyMTE1MDVaMDMxMTAvBgNV
BAMTKDUwQ0UzMUMwMzlEMTA0NUVCRTQzRUU4MzMzRUI5OEY2OTMxQUFCN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpLTPe4tDLQRgBl3OwmrzqKCgn
3uAvhs8KW40YVespgyPpLXezWC6H3gda3k4fJH8aS8twIBzA/k9urS642qnfj50h
/bOynHT4oa+6Wef/hYojRQNS2N8cQR/GC49Vze4Bnb2SV3oNl9W0g6xFJiK2E1J6
YFQyXaQlWyMWVQ2ZRrxZaaR7ssfna7/B+TNg1tOMvPU8a5Mh6GYgCawf1iYCVWo/
facv1ezBoPnUTU22YESirv/88SsZ4wjGkp4f18c23IyEr34ru++t1qbE8ktAVg1h
mR7rJp5cX95cC1ZsfTHKurYx6ERiEcIZJQFQY8NzFhXB1ACti2I4FvIDj4OvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUUM4xwDnRBF6+Q+6DM+uY9pMaq3swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnhiTANBgkqhkiG9w0BAQsFAAOCAQEASjSWCcd7hmvFOaLnACNcF6Vougn7
Simi21PQ5DxWdP4CQns19J6qOWRiTZjJBlqkdyXyudS9PNz8xjkaNEUC2di8UT/0
JLOoKPqe4+fAOJxDhDNgysWbDBtI2MuP9/kLVXK/+K7pX47cdMnn2iYlGOu00ZeZ
WZqdTOj+5MT+WHhFOFN+dG6jAYIT5EbYbXO6SBa8ynpPF8fdxLrzL+vhr5BaD1zT
z3JyjmYT4BUAm6Mpq+3EiGfsG5l1asKtO99Cx+rs767mcRGtRCpcVhShl8yogFOb
K3PGlWFMUiXkFNANYBXm1VUwIHEJ0dnDwn6ygkCjBguq+2jEURmOhEzR9w==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org