Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233342e302f32342d3332203d3e20313336373837.roa
File: 3138352e3232352e3233342e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: QbiHtbOO6zYnjiD1ajNQh5kyEDvxklHxvN+9oSOO9rI=
Subject key identifier: ED:5C:10:8F:EF:E6:D0:4E:18:3D:6C:C3:90:FA:48:A1:39:94:60:CE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 324690FC01683E41F58BC515D264FF54A44CA0BE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233342e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:41:50 +0000
ROA not before: Fri 20 Oct 2023 13:36:50 +0000
ROA not after: Fri 18 Oct 2024 13:41:50 +0000
asID: 136787
IP address blocks: 185.225.234.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:46:90:fc:01:68:3e:41:f5:8b:c5:15:d2:64:ff:54:a4:4c:a0:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:50 2023 GMT
Not After : Oct 18 13:41:50 2024 GMT
Subject: CN=ED5C108FEFE6D04E183D6CC390FA48A1399460CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:21:7d:45:44:5f:94:95:36:5b:a5:11:85:77:
26:46:04:0e:09:51:81:47:6f:06:aa:ec:ef:a8:be:
f6:67:ad:88:61:03:b6:41:70:75:ab:b3:5a:c6:17:
97:0a:2d:70:2e:30:e9:bb:25:ef:4e:53:be:e0:0b:
e6:6e:38:5e:90:a1:5c:c4:9c:49:fc:3e:71:c8:e0:
65:9c:64:97:bd:2c:79:d2:6b:c8:1c:34:2c:a3:37:
f1:dd:b6:c6:dc:e9:1b:38:69:b7:cd:3e:d6:93:ba:
00:73:d3:01:d8:f6:a9:60:7f:f7:0b:99:82:58:7d:
01:e6:aa:e7:7c:12:1a:8a:40:99:d8:9d:cc:f8:14:
ea:1f:97:94:dc:a9:ba:b1:3d:e4:07:c5:4c:80:a0:
34:ff:bb:8b:40:6e:4d:57:06:15:09:52:2b:0d:4e:
cd:fd:44:8b:02:72:92:a3:9d:29:e8:8f:64:6f:9d:
30:d1:13:f4:e7:de:ad:f2:37:6f:71:82:cb:8c:e8:
e1:de:9c:f2:63:f8:4c:e4:b5:c5:f9:b0:3b:dc:13:
93:88:d4:5d:c4:f7:1c:b4:e1:b0:02:bf:0a:84:df:
88:d9:a9:a9:eb:33:0d:a0:e9:f7:d4:d9:29:c3:63:
8d:50:67:71:11:e5:25:31:fc:83:c5:f0:de:dc:00:
34:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:5C:10:8F:EF:E6:D0:4E:18:3D:6C:C3:90:FA:48:A1:39:94:60:CE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233342e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.234.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:2f:68:aa:78:1e:8b:fa:54:8d:ef:21:4b:b9:e8:a0:13:4e:
0c:9a:cc:63:d8:44:b7:b6:d2:f5:f1:52:fc:6c:6c:de:fe:db:
b8:e6:d7:76:3a:a4:cd:4a:91:b4:e1:aa:84:05:3c:44:f6:73:
91:73:e5:fa:9b:01:87:db:d4:7f:bb:6a:ee:9e:bc:fa:98:de:
d9:01:80:a2:ed:f4:40:72:54:b1:0a:51:42:90:b0:ef:ea:93:
95:0c:4d:46:a8:2e:63:f0:d9:27:c2:bc:ce:04:72:c2:76:68:
2b:c7:3d:f0:a0:e7:2e:b5:c7:20:af:ad:f4:d4:08:b1:00:56:
68:33:55:61:9b:c4:af:0c:3c:c0:e2:b5:38:86:7f:21:fd:56:
52:b8:ff:b2:7f:0a:e0:93:41:5c:68:63:19:2b:7f:68:24:ec:
85:1a:78:c0:b1:7d:00:e0:f4:6e:91:2f:15:3b:53:f8:51:dd:
cf:fe:30:a9:b9:cf:b9:93:8d:5f:8a:81:45:98:2a:16:cc:83:
29:87:1c:88:0b:7e:1d:34:17:60:d6:77:eb:d8:9d:6f:0a:c7:
92:dd:4d:e2:81:91:5f:95:d7:06:fe:e6:45:92:d4:38:3e:d9:
77:a6:7b:fa:2e:f6:9e:f5:ed:cb:de:fd:c9:93:d5:a3:f4:05:
d3:10:68:98
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMkaQ/AFoPkH1i8UV0mT/VKRMoL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTBaFw0yNDEwMTgxMzQxNTBaMDMxMTAvBgNV
BAMTKEVENUMxMDhGRUZFNkQwNEUxODNENkNDMzkwRkE0OEExMzk5NDYwQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgIX1FRF+UlTZbpRGFdyZGBA4J
UYFHbwaq7O+ovvZnrYhhA7ZBcHWrs1rGF5cKLXAuMOm7Je9OU77gC+ZuOF6QoVzE
nEn8PnHI4GWcZJe9LHnSa8gcNCyjN/Hdtsbc6Rs4abfNPtaTugBz0wHY9qlgf/cL
mYJYfQHmqud8EhqKQJnYncz4FOofl5TcqbqxPeQHxUyAoDT/u4tAbk1XBhUJUisN
Ts39RIsCcpKjnSnoj2RvnTDRE/Tn3q3yN29xgsuM6OHenPJj+EzktcX5sDvcE5OI
1F3E9xy04bACvwqE34jZqanrMw2g6ffU2SnDY41QZ3ER5SUx/IPF8N7cADQTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU7VwQj+/m0E4YPWzDkPpIoTmUYM4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMy
MzMzNDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnh6jANBgkqhkiG9w0BAQsFAAOCAQEACy9oqngei/pUje8hS7nooBNODJrM
Y9hEt7bS9fFS/Gxs3v7buObXdjqkzUqRtOGqhAU8RPZzkXPl+psBh9vUf7tq7p68
+pje2QGAou30QHJUsQpRQpCw7+qTlQxNRqguY/DZJ8K8zgRywnZoK8c98KDnLrXH
IK+t9NQIsQBWaDNVYZvErww8wOK1OIZ/If1WUrj/sn8K4JNBXGhjGSt/aCTshRp4
wLF9AOD0bpEvFTtT+FHdz/4wqbnPuZONX4qBRZgqFsyDKYcciAt+HTQXYNZ369id
bwrHkt1N4oGRX5XXBv7mRZLUOD7Zd6Z7+i72nvXty979yZPVo/QF0xBomA==
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org