Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232352e3233352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: cE7BfVHSHz5vEho7HQfHyfpkLIJX4Sdy0In1iusws68=
Subject key identifier: AE:7B:A9:BC:78:45:53:7B:BD:36:C0:A5:E3:2B:DE:81:50:92:9D:B7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5B4CB1EA28A0D8A0FFB29950F506224CE5225FD9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233352e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:35 +0000
ROA not before: Fri 26 Jan 2024 18:57:35 +0000
ROA not after: Fri 24 Jan 2025 19:02:35 +0000
asID: 136787
IP address blocks: 185.225.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:4c:b1:ea:28:a0:d8:a0:ff:b2:99:50:f5:06:22:4c:e5:22:5f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:35 2024 GMT
Not After : Jan 24 19:02:35 2025 GMT
Subject: CN=AE7BA9BC7845537BBD36C0A5E32BDE8150929DB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:56:d9:2f:93:23:1e:49:d8:ed:e6:46:8e:
f4:41:a0:3e:89:71:1e:4d:2d:0f:de:ce:85:18:a6:
83:5f:2a:fa:4e:a9:cd:7c:36:0a:0b:6e:30:dd:cd:
53:c9:57:d8:4c:a7:4e:ae:ce:ce:6b:89:e2:3f:f8:
01:2b:b5:6a:8f:8d:a0:a7:e7:dd:8b:41:83:07:d6:
23:4e:10:f4:7d:af:83:b7:f2:76:3b:4d:59:f5:00:
59:ee:dd:6a:48:32:ac:a9:74:52:9c:74:c8:42:1f:
94:ea:97:68:9c:cf:74:51:f1:0c:46:b5:0a:4b:9d:
80:1a:15:71:a0:fe:e3:00:3d:3d:ec:1d:7f:0f:7e:
8f:c5:ef:1a:26:45:98:3a:ee:3e:8c:88:91:8d:2d:
1d:04:c4:5f:aa:2d:48:11:e5:f5:38:c5:20:0a:12:
48:d9:b3:b3:ca:c0:38:83:1c:cf:32:68:9d:53:f8:
55:9e:3e:e0:36:10:74:d1:26:8e:aa:85:2c:57:90:
26:a9:bd:01:60:75:69:1b:9b:14:f9:f5:68:38:32:
90:4c:e0:0d:6e:b4:c4:d3:39:86:e7:cc:cb:10:b7:
11:4a:d4:08:45:56:58:de:04:1f:2d:00:2d:0a:1e:
e2:09:29:84:ec:6f:cf:53:bf:4d:8c:6e:4f:7c:96:
80:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7B:A9:BC:78:45:53:7B:BD:36:C0:A5:E3:2B:DE:81:50:92:9D:B7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.235.0/24
Signature Algorithm: sha256WithRSAEncryption
11:4b:b7:19:5a:9d:53:53:cb:48:33:ce:0b:c3:63:03:73:b1:
ac:6c:fe:d0:e9:b6:41:f8:ba:7e:ff:25:74:4a:45:0d:52:33:
03:c7:25:48:10:95:15:2e:69:7c:38:3c:33:5e:01:a8:ef:37:
12:aa:03:1d:2e:84:ea:59:0f:be:7a:55:8b:83:78:08:b4:e1:
4e:7f:4f:65:f0:8f:89:e6:54:55:cd:f8:ae:0e:23:6d:43:d1:
f0:c9:b6:3d:44:d0:59:46:69:e1:36:31:50:ff:41:09:9e:33:
80:e9:ce:90:ca:0b:85:f3:ec:5f:63:84:b0:21:53:a8:0a:7a:
9c:11:c6:46:c0:c9:a6:07:7a:25:7d:51:63:1f:c6:65:13:1e:
9d:8c:fb:58:72:d5:38:1e:96:58:9b:33:63:b6:99:cc:27:72:
37:58:61:c6:05:6d:1e:59:d1:7e:69:50:eb:2e:b8:47:30:03:
70:3e:21:6b:a2:ef:f7:61:e5:42:1c:42:d0:29:cb:e0:85:ed:
a8:f9:f8:61:f3:66:36:af:c5:64:8c:29:0e:37:a7:80:29:16:
3b:c3:cb:a8:c1:f4:66:cb:08:4e:79:7f:a6:b1:c6:af:c5:e4:
6a:c5:bf:bc:e9:e5:e8:5e:1a:76:f3:11:b8:93:51:0b:04:c8:
5e:52:38:5b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUW0yx6iig2KD/splQ9QYiTOUiX9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MzVaFw0yNTAxMjQxOTAyMzVaMDMxMTAvBgNV
BAMTKEFFN0JBOUJDNzg0NTUzN0JCRDM2QzBBNUUzMkJERTgxNTA5MjlEQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2VFbZL5MjHknY7eZGjvRBoD6J
cR5NLQ/ezoUYpoNfKvpOqc18NgoLbjDdzVPJV9hMp06uzs5rieI/+AErtWqPjaCn
592LQYMH1iNOEPR9r4O38nY7TVn1AFnu3WpIMqypdFKcdMhCH5Tql2icz3RR8QxG
tQpLnYAaFXGg/uMAPT3sHX8Pfo/F7xomRZg67j6MiJGNLR0ExF+qLUgR5fU4xSAK
EkjZs7PKwDiDHM8yaJ1T+FWePuA2EHTRJo6qhSxXkCapvQFgdWkbmxT59Wg4MpBM
4A1utMTTOYbnzMsQtxFK1AhFVljeBB8tAC0KHuIJKYTsb89Tv02Mbk98loC3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUrnupvHhFU3u9NsCl4yvegVCSnbcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMy
MzMzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnh6zANBgkqhkiG9w0BAQsFAAOCAQEAEUu3GVqdU1PLSDPOC8NjA3OxrGz+
0Om2Qfi6fv8ldEpFDVIzA8clSBCVFS5pfDg8M14BqO83EqoDHS6E6lkPvnpVi4N4
CLThTn9PZfCPieZUVc34rg4jbUPR8Mm2PUTQWUZp4TYxUP9BCZ4zgOnOkMoLhfPs
X2OEsCFTqAp6nBHGRsDJpgd6JX1RYx/GZRMenYz7WHLVOB6WWJszY7aZzCdyN1hh
xgVtHlnRfmlQ6y64RzADcD4ha6Lv92HlQhxC0CnL4IXtqPn4YfNmNq/FZIwpDjen
gCkWO8PLqMH0ZssITnl/prHGr8XkasW/vOnl6F4advMRuJNRCwTIXlI4Ww==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org