Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: pz1JzJKEN7GxDbKipyw8n7mfQbIYms4sYBuL5KdeGTk=
Subject key identifier: 88:CF:F1:C9:AD:1D:81:EC:13:A5:51:A5:5B:4E:41:D0:34:59:DB:3B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7C5F9D95571351CBE4476980B720651B14F25E1B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Oct 2023 21:17:18 +0000
ROA not before: Thu 12 Oct 2023 21:12:18 +0000
ROA not after: Thu 10 Oct 2024 21:17:18 +0000
asID: 136787
IP address blocks: 185.226.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:5f:9d:95:57:13:51:cb:e4:47:69:80:b7:20:65:1b:14:f2:5e:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 12 21:12:18 2023 GMT
Not After : Oct 10 21:17:18 2024 GMT
Subject: CN=88CFF1C9AD1D81EC13A551A55B4E41D03459DB3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2c:a6:9f:9d:11:29:48:ca:9f:ca:e3:9f:81:
89:a1:81:45:b0:83:79:ff:c8:a1:04:ae:e9:a6:f3:
99:f1:19:39:28:91:cb:c1:98:1c:c3:4e:69:7a:af:
ce:b1:2c:2f:bb:0a:c0:ba:b3:43:06:e5:b4:2c:ce:
3c:4d:7f:f7:b7:e1:3b:21:48:8a:c9:af:bd:5c:5a:
3d:e8:dc:17:90:12:fd:db:df:8f:7d:79:18:05:c0:
1f:1b:46:3b:c6:2f:c0:6f:10:1a:4e:58:c5:1c:4a:
85:dc:f3:1c:49:72:b3:00:3e:f7:e0:5a:d4:fa:61:
84:1c:0f:e4:0a:35:b3:18:77:cc:08:33:e1:e1:df:
35:44:dc:0a:d7:ce:67:0b:8c:09:d1:e8:e6:68:23:
5b:02:95:d3:73:c5:8f:61:98:09:fd:50:07:56:54:
a4:fd:fc:c9:d5:7a:1d:22:b9:21:7a:6a:33:cd:54:
07:c4:68:6a:0d:cc:19:35:cd:4f:63:63:47:1a:fa:
be:3c:ca:4c:7d:68:7c:15:42:07:6a:a3:62:c0:ab:
5e:6a:16:8e:96:07:84:6a:0e:c4:48:fc:8b:35:71:
f6:7c:0d:2b:f8:d5:8a:b2:ee:92:3c:82:92:50:f3:
c3:91:dc:6e:26:e6:d1:7c:c8:a5:4f:40:ba:86:2a:
46:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:CF:F1:C9:AD:1D:81:EC:13:A5:51:A5:5B:4E:41:D0:34:59:DB:3B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.144.0/24
Signature Algorithm: sha256WithRSAEncryption
80:43:37:b5:a3:b3:31:6d:70:8f:2f:f7:da:e5:45:b8:51:79:
ee:71:d8:ef:eb:c3:78:9c:72:0f:64:92:cc:e0:3a:b3:74:55:
e8:0a:99:2b:54:1f:ea:05:5b:0d:2a:cd:47:47:3b:c2:b4:10:
22:d8:24:87:db:0b:a4:5b:1e:b8:40:c6:2a:b5:34:29:db:25:
ba:a7:13:15:dc:0b:00:c2:f8:51:f7:2a:3f:31:cd:7c:1b:30:
b6:84:a1:a5:6f:ef:57:36:d4:c3:a3:11:fe:b9:4a:bd:6f:be:
b9:b0:3f:87:26:34:de:4a:e6:05:8c:b6:88:fb:b6:b4:10:23:
d4:cb:2e:22:42:21:c7:5f:6b:eb:32:ea:6e:21:3e:b9:ea:bc:
76:74:cd:8a:fc:cf:33:9e:ab:38:96:34:57:18:b8:20:45:79:
7b:13:d7:83:ba:6d:b7:02:f4:d4:88:db:13:20:25:c5:38:d0:
19:cb:24:b6:3e:e7:3b:bd:46:47:f3:b0:5f:b2:fa:c1:da:db:
74:d0:64:81:79:75:a1:03:2a:d8:48:d6:27:d9:e6:5e:58:ff:
fd:83:23:7e:20:2d:48:e4:d7:05:4e:0d:5b:96:58:c6:4a:94:
21:06:02:d7:e9:f0:50:04:a2:a0:4a:17:66:bc:17:7a:fc:22:
e9:3c:61:91
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfF+dlVcTUcvkR2mAtyBlGxTyXhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMTIyMTEyMThaFw0yNDEwMTAyMTE3MThaMDMxMTAvBgNV
BAMTKDg4Q0ZGMUM5QUQxRDgxRUMxM0E1NTFBNTVCNEU0MUQwMzQ1OURCM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0LKafnREpSMqfyuOfgYmhgUWw
g3n/yKEErumm85nxGTkokcvBmBzDTml6r86xLC+7CsC6s0MG5bQszjxNf/e34Tsh
SIrJr71cWj3o3BeQEv3b3499eRgFwB8bRjvGL8BvEBpOWMUcSoXc8xxJcrMAPvfg
WtT6YYQcD+QKNbMYd8wIM+Hh3zVE3ArXzmcLjAnR6OZoI1sCldNzxY9hmAn9UAdW
VKT9/MnVeh0iuSF6ajPNVAfEaGoNzBk1zU9jY0ca+r48ykx9aHwVQgdqo2LAq15q
Fo6WB4RqDsRI/Is1cfZ8DSv41Yqy7pI8gpJQ88OR3G4m5tF8yKVPQLqGKkapAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUiM/xya0dgewTpVGlW05B0DRZ2zswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzYyZTMx
MzQzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnikDANBgkqhkiG9w0BAQsFAAOCAQEAgEM3taOzMW1wjy/32uVFuFF57nHY
7+vDeJxyD2SSzOA6s3RV6AqZK1Qf6gVbDSrNR0c7wrQQItgkh9sLpFseuEDGKrU0
KdsluqcTFdwLAML4UfcqPzHNfBswtoShpW/vVzbUw6MR/rlKvW++ubA/hyY03krm
BYy2iPu2tBAj1MsuIkIhx19r6zLqbiE+ueq8dnTNivzPM56rOJY0Vxi4IEV5exPX
g7pttwL01IjbEyAlxTjQGcsktj7nO71GR/OwX7L6wdrbdNBkgXl1oQMq2EjWJ9nm
Xlj//YMjfiAtSOTXBU4NW5ZYxkqUIQYC1+nwUASioEoXZrwXevwi6TxhkQ==
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org