Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: e3oH6ekTQAL9Q6zyM+/UNkt4CzerJCRjvtBGw8p2jik=
Subject key identifier: EC:D2:F7:32:EA:03:4A:7D:F7:EA:74:75:26:46:7F:42:29:A7:2D:F6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 132DC6B63D2A7F49EBA6F08159878FE462D5C106
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Oct 2023 21:17:31 +0000
ROA not before: Thu 12 Oct 2023 21:12:31 +0000
ROA not after: Thu 10 Oct 2024 21:17:31 +0000
asID: 136787
IP address blocks: 185.226.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:2d:c6:b6:3d:2a:7f:49:eb:a6:f0:81:59:87:8f:e4:62:d5:c1:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 12 21:12:31 2023 GMT
Not After : Oct 10 21:17:31 2024 GMT
Subject: CN=ECD2F732EA034A7DF7EA747526467F4229A72DF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:d3:de:3d:e0:0f:5e:70:d4:1b:9e:58:49:c5:
77:cf:95:4d:e4:d6:4e:9c:57:9d:76:79:db:27:16:
bf:e5:3d:0b:c4:12:b3:24:b9:1d:4b:8c:7b:2c:e5:
a3:c5:4f:15:cf:d8:57:19:5c:74:2b:77:de:51:f7:
7d:37:f4:a6:58:c4:d1:e7:c7:34:05:6a:e7:9d:d0:
89:f5:37:4d:df:bc:51:cb:d2:6e:e4:d8:14:bb:8e:
1d:50:e9:0e:3b:9c:a6:96:6c:1e:5f:35:22:a6:52:
b0:00:c7:3f:56:23:aa:1c:2c:3c:d9:fa:c9:be:f4:
62:92:b9:d0:9e:d9:a4:cd:4f:81:5d:de:70:5e:64:
53:8e:76:44:8c:a4:7c:7c:6c:48:46:18:9f:a2:f7:
58:6c:ae:40:98:0c:b9:8e:57:84:0b:47:9b:ad:c5:
90:03:b6:11:ff:89:b3:af:b2:7d:4e:93:cc:9b:cc:
7a:b8:df:bf:15:0c:fe:a7:d9:0e:db:f4:77:00:01:
4e:b7:9b:82:cc:54:46:b6:43:1d:ee:71:e5:5f:7b:
0c:37:64:69:21:39:77:24:2a:c5:1a:5c:d8:a4:11:
cc:2b:48:07:d8:5d:a8:40:78:50:60:9c:d9:44:ec:
5d:2f:90:52:67:cc:bd:98:d4:b4:3f:15:53:c0:48:
33:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D2:F7:32:EA:03:4A:7D:F7:EA:74:75:26:46:7F:42:29:A7:2D:F6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.147.0/24
Signature Algorithm: sha256WithRSAEncryption
13:3e:39:09:c3:b6:12:e4:44:7d:e4:b5:ca:f9:4b:43:ca:f5:
56:e4:24:e0:8b:48:e8:36:92:6a:45:24:e1:0d:b2:76:5e:2d:
1b:91:8c:30:a1:a0:db:00:b3:47:f0:1b:29:30:92:0f:0c:74:
2c:11:b9:10:81:e6:28:f0:46:c5:a9:53:88:b0:5b:74:2e:a0:
2d:b5:0a:d3:cf:61:63:95:70:5d:00:65:24:a7:99:45:1f:53:
a0:d1:08:60:1f:79:41:40:f2:fe:cf:02:7b:f0:65:b9:6a:e7:
f8:5c:ab:39:c7:39:c7:97:7a:e7:46:c3:73:96:3d:8c:02:d6:
8f:8b:81:7b:ce:50:83:2a:2e:2c:c1:03:89:6f:f9:45:3d:30:
25:2e:5a:64:66:4c:e6:0a:fd:1d:a0:3f:b8:e0:05:a9:69:42:
ac:64:5e:d3:90:a9:7f:0a:ab:ed:30:16:64:46:09:97:34:3c:
22:73:4b:fd:38:09:af:9c:39:f5:59:4c:b4:ec:e4:1e:8f:25:
08:7a:18:d9:7a:d5:2f:0e:15:e4:82:6d:6e:9b:62:84:6f:27:
b5:6c:ea:96:4b:17:1c:8c:15:41:a3:9a:42:e0:22:97:54:90:
c0:c7:e4:91:eb:f0:fa:d0:14:5b:fd:50:a7:1a:9b:3a:94:a3:
72:a7:b1:c2
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUEy3Gtj0qf0nrpvCBWYeP5GLVwQYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMTIyMTEyMzFaFw0yNDEwMTAyMTE3MzFaMDMxMTAvBgNV
BAMTKEVDRDJGNzMyRUEwMzRBN0RGN0VBNzQ3NTI2NDY3RjQyMjlBNzJERjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD509494A9ecNQbnlhJxXfPlU3k
1k6cV512edsnFr/lPQvEErMkuR1LjHss5aPFTxXP2FcZXHQrd95R93039KZYxNHn
xzQFaued0In1N03fvFHL0m7k2BS7jh1Q6Q47nKaWbB5fNSKmUrAAxz9WI6ocLDzZ
+sm+9GKSudCe2aTNT4Fd3nBeZFOOdkSMpHx8bEhGGJ+i91hsrkCYDLmOV4QLR5ut
xZADthH/ibOvsn1Ok8ybzHq4378VDP6n2Q7b9HcAAU63m4LMVEa2Qx3uceVfeww3
ZGkhOXckKsUaXNikEcwrSAfYXahAeFBgnNlE7F0vkFJnzL2Y1LQ/FVPASDODAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU7NL3MuoDSn336nR1JkZ/QimnLfYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzYyZTMx
MzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnikzANBgkqhkiG9w0BAQsFAAOCAQEAEz45CcO2EuREfeS1yvlLQ8r1VuQk
4ItI6DaSakUk4Q2ydl4tG5GMMKGg2wCzR/AbKTCSDwx0LBG5EIHmKPBGxalTiLBb
dC6gLbUK089hY5VwXQBlJKeZRR9ToNEIYB95QUDy/s8Ce/BluWrn+FyrOcc5x5d6
50bDc5Y9jALWj4uBe85QgyouLMEDiW/5RT0wJS5aZGZM5gr9HaA/uOAFqWlCrGRe
05Cpfwqr7TAWZEYJlzQ8InNL/TgJr5w59VlMtOzkHo8lCHoY2XrVLw4V5IJtbpti
hG8ntWzqlksXHIwVQaOaQuAil1SQwMfkkevw+tAUW/1QpxqbOpSjcqexwg==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org