Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232352e3133392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: cmrITfvf34l9E44Ea5H9ZHmRlEsIUVCG67OB5V+DO7o=
Subject key identifier: A1:0B:23:B7:70:AE:58:0B:7C:E2:5B:3E:93:49:69:42:FE:37:B0:80
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4D10AF46D4580FA962FB38C380B01001E000F66B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133392e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Oct 2023 21:16:00 +0000
ROA not before: Thu 12 Oct 2023 21:11:00 +0000
ROA not after: Thu 10 Oct 2024 21:16:00 +0000
asID: 136787
IP address blocks: 185.225.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:10:af:46:d4:58:0f:a9:62:fb:38:c3:80:b0:10:01:e0:00:f6:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 12 21:11:00 2023 GMT
Not After : Oct 10 21:16:00 2024 GMT
Subject: CN=A10B23B770AE580B7CE25B3E93496942FE37B080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:34:03:53:83:dc:25:b9:5c:b8:68:e6:77:d6:
35:a3:12:c4:aa:45:15:fe:13:9b:cd:89:a4:39:d8:
e5:bc:44:4a:aa:c4:be:5c:4b:d6:cd:13:49:bd:93:
c1:97:4c:5c:9c:8f:9b:46:35:bc:f3:1b:22:32:c8:
a4:ed:0c:38:6b:a5:93:79:26:14:d1:ce:c1:3d:71:
58:f1:dd:5d:6e:a9:e6:71:dc:04:cb:c5:14:e5:c7:
f6:07:2a:a6:83:42:23:f1:ab:ee:53:d4:9f:21:3a:
ad:c1:5f:12:2e:ab:3c:e1:f1:9f:6d:a4:01:e8:08:
b1:f0:e4:de:f9:af:ab:06:a0:b6:c2:9c:ef:bf:d1:
68:95:7e:f9:0e:e3:cd:fa:76:b6:d5:92:de:7a:33:
f9:79:5a:40:71:fe:6e:db:3a:7e:37:97:e6:eb:b6:
9c:99:56:68:6f:58:3d:b9:07:d0:1d:79:5f:bc:4f:
85:14:91:0b:eb:f8:f0:18:e3:14:d9:3c:a0:2e:74:
4f:ca:7a:74:35:a8:43:0e:fa:3c:99:15:1f:58:68:
f5:58:ca:3c:61:b1:4f:7e:7f:ff:a2:95:67:1d:86:
61:9d:64:23:f6:30:19:35:de:65:8d:a0:6f:a8:83:
e9:e0:fb:8d:7b:df:a1:b3:c0:39:43:95:3d:a9:f0:
9f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0B:23:B7:70:AE:58:0B:7C:E2:5B:3E:93:49:69:42:FE:37:B0:80
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.139.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:96:e9:54:5a:3f:72:a3:c6:64:9d:41:07:6a:9d:0a:78:ac:
76:2c:14:49:37:01:be:53:9e:a4:b1:ae:56:32:e3:95:56:7a:
90:5a:22:b5:1f:f5:2c:22:c3:ac:df:0c:5e:33:9e:3b:d6:93:
7b:ed:97:c9:8b:49:f8:c1:54:01:25:b5:a2:93:95:48:8d:4a:
aa:1b:4b:00:41:a2:3f:f4:e6:57:9e:ba:65:f1:22:85:a9:4c:
e8:bf:10:45:9f:90:7d:b1:48:45:b8:b1:a2:df:ac:73:d7:1e:
1c:dc:d2:fb:35:8e:13:27:99:70:52:eb:84:54:55:02:b6:30:
ea:c5:18:46:6b:ce:07:36:92:2b:4d:c4:6b:a0:81:a1:d3:65:
1f:33:5d:f8:14:c4:80:17:ce:df:ab:93:6f:05:89:2e:de:9c:
a1:43:12:0b:27:36:ff:df:4c:ad:a3:1c:e6:f3:30:10:46:4b:
94:29:66:5e:21:8e:33:11:ef:4b:5f:b0:26:16:a7:10:a2:c7:
ab:d8:71:2a:e8:4a:55:ec:d5:13:fa:33:cd:df:88:4d:0c:e2:
cf:f6:2e:72:2b:6c:32:fb:a0:65:fd:53:11:6a:94:63:28:5a:
b2:8b:14:c8:6f:6f:c6:4a:83:f5:9b:2b:18:90:ef:09:82:5b:
09:75:b9:84
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTRCvRtRYD6li+zjDgLAQAeAA9mswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMTIyMTExMDBaFw0yNDEwMTAyMTE2MDBaMDMxMTAvBgNV
BAMTKEExMEIyM0I3NzBBRTU4MEI3Q0UyNUIzRTkzNDk2OTQyRkUzN0IwODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDINANTg9wluVy4aOZ31jWjEsSq
RRX+E5vNiaQ52OW8REqqxL5cS9bNE0m9k8GXTFycj5tGNbzzGyIyyKTtDDhrpZN5
JhTRzsE9cVjx3V1uqeZx3ATLxRTlx/YHKqaDQiPxq+5T1J8hOq3BXxIuqzzh8Z9t
pAHoCLHw5N75r6sGoLbCnO+/0WiVfvkO4836drbVkt56M/l5WkBx/m7bOn43l+br
tpyZVmhvWD25B9AdeV+8T4UUkQvr+PAY4xTZPKAudE/KenQ1qEMO+jyZFR9YaPVY
yjxhsU9+f/+ilWcdhmGdZCP2MBk13mWNoG+og+ng+41736GzwDlDlT2p8J+TAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUoQsjt3CuWAt84ls+k0lpQv43sIAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnhizANBgkqhkiG9w0BAQsFAAOCAQEALJbpVFo/cqPGZJ1BB2qdCnisdiwU
STcBvlOepLGuVjLjlVZ6kFoitR/1LCLDrN8MXjOeO9aTe+2XyYtJ+MFUASW1opOV
SI1KqhtLAEGiP/TmV566ZfEihalM6L8QRZ+QfbFIRbixot+sc9ceHNzS+zWOEyeZ
cFLrhFRVArYw6sUYRmvOBzaSK03Ea6CBodNlHzNd+BTEgBfO36uTbwWJLt6coUMS
Cyc2/99MraMc5vMwEEZLlClmXiGOMxHvS1+wJhanEKLHq9hxKuhKVezVE/ozzd+I
TQziz/YucitsMvugZf1TEWqUYyhasosUyG9vxkqD9ZsrGJDvCYJbCXW5hA==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org