Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 3LAERQWNy0PVaAdD3xauSzKns2ShuylsSaWPY7dBhto=
Subject key identifier: F8:A2:87:56:30:01:EB:44:EA:88:34:B0:37:04:D6:61:E8:3C:42:9A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2AE93EAF0A32074584C0ACA352E7CB35AC2F01FA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 22 Aug 2023 20:59:39 +0000
ROA not before: Tue 22 Aug 2023 20:54:39 +0000
ROA not after: Tue 20 Aug 2024 20:59:39 +0000
asID: 136787
IP address blocks: 185.228.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:e9:3e:af:0a:32:07:45:84:c0:ac:a3:52:e7:cb:35:ac:2f:01:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 20:54:39 2023 GMT
Not After : Aug 20 20:59:39 2024 GMT
Subject: CN=F8A287563001EB44EA8834B03704D661E83C429A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:96:c1:7d:a5:30:f2:9d:2a:35:56:ef:c6:42:
ec:a8:6c:72:bb:f5:80:cb:f4:77:29:43:c9:1a:8f:
5c:90:e0:7b:9d:4f:6b:14:ff:b4:07:39:f0:7d:d0:
4b:44:40:b0:65:dc:8b:dc:0c:24:9b:56:64:b3:04:
10:81:7c:3c:0b:d4:79:8c:fd:42:09:cd:62:5e:d8:
0d:c8:c6:b3:5d:ad:28:d6:28:6f:d0:b0:9f:34:ad:
20:1b:08:1a:b8:cd:93:16:05:c6:0b:d9:62:0b:7c:
fa:f6:10:77:4f:c7:95:8c:a1:9c:bd:dc:9d:a3:b7:
80:47:f0:64:2a:6d:0c:fe:41:f8:0f:aa:36:0b:b9:
f3:1c:02:5d:68:1e:42:55:ea:90:e9:4a:45:4e:22:
40:11:16:12:59:f8:f3:a0:7c:cc:59:eb:f6:5f:d6:
88:90:93:22:c5:3f:bc:d2:b1:48:7c:6b:54:1e:70:
fc:1c:c3:a6:5c:d8:be:7b:af:0a:48:b1:3b:c8:42:
a4:b8:77:19:ea:e2:f0:3f:39:5e:bf:fd:f1:18:55:
46:43:73:37:a1:1b:9b:28:06:7a:94:e6:ac:b8:e5:
8e:d6:b5:ac:ae:a9:0e:dd:2c:3e:b8:19:ab:b9:c4:
00:38:12:63:98:89:27:2d:7e:5e:6e:a7:9a:59:0e:
83:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A2:87:56:30:01:EB:44:EA:88:34:B0:37:04:D6:61:E8:3C:42:9A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.19.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:5b:f3:9d:d3:2f:60:23:93:ed:82:c4:61:75:c1:28:ab:a1:
d5:83:f0:2b:37:0d:50:b4:30:0d:86:5d:2b:54:b4:70:dd:4d:
eb:09:3f:99:e7:49:22:27:37:68:76:54:b5:c6:b2:96:c1:68:
d5:aa:9b:0a:d8:53:68:03:c1:f1:81:ef:a9:f5:50:fe:98:41:
e0:d0:ea:dd:e0:6c:92:17:b9:b4:2b:2b:51:a6:e5:d6:f9:87:
05:2d:a4:11:10:54:a3:29:37:41:33:c4:7e:bb:f4:1e:cf:49:
53:20:6d:77:81:01:8d:51:fe:9f:86:e3:a8:23:33:89:28:c2:
eb:d5:7d:0d:c6:08:51:a5:ff:b9:d2:31:3f:5a:ef:5b:1d:0c:
7f:56:d4:07:8f:3e:e1:22:34:22:8a:43:e2:70:ba:98:18:b3:
4b:4e:41:46:36:6c:20:8c:f8:46:ce:d8:9b:ef:bd:bf:77:eb:
73:41:18:e4:df:7d:d5:53:f0:f1:88:11:ff:c8:5b:e6:32:db:
3f:e2:a3:7d:4a:d1:18:6d:8e:d0:0f:a4:7c:59:75:92:d4:af:
d0:1d:cc:41:ce:6f:f1:56:c3:10:5d:d6:d0:96:75:f1:98:f9:
e3:a4:14:4d:0f:91:3a:11:bf:dd:3b:2e:0a:2b:6e:c4:22:20:
96:cd:0b:e9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKuk+rwoyB0WEwKyjUufLNawvAfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA4MjIyMDU0MzlaFw0yNDA4MjAyMDU5MzlaMDMxMTAvBgNV
BAMTKEY4QTI4NzU2MzAwMUVCNDRFQTg4MzRCMDM3MDRENjYxRTgzQzQyOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/lsF9pTDynSo1Vu/GQuyobHK7
9YDL9HcpQ8kaj1yQ4HudT2sU/7QHOfB90EtEQLBl3IvcDCSbVmSzBBCBfDwL1HmM
/UIJzWJe2A3IxrNdrSjWKG/QsJ80rSAbCBq4zZMWBcYL2WILfPr2EHdPx5WMoZy9
3J2jt4BH8GQqbQz+QfgPqjYLufMcAl1oHkJV6pDpSkVOIkARFhJZ+POgfMxZ6/Zf
1oiQkyLFP7zSsUh8a1QecPwcw6Zc2L57rwpIsTvIQqS4dxnq4vA/OV6//fEYVUZD
czehG5soBnqU5qy45Y7WtayuqQ7dLD64Gau5xAA4EmOYiSctfl5up5pZDoMTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+KKHVjAB60TqiDSwNwTWYeg8QpowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzgyZTMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55BMwDQYJKoZIhvcNAQELBQADggEBAEpb853TL2Ajk+2CxGF1wSirodWD8Cs3
DVC0MA2GXStUtHDdTesJP5nnSSInN2h2VLXGspbBaNWqmwrYU2gDwfGB76n1UP6Y
QeDQ6t3gbJIXubQrK1Gm5db5hwUtpBEQVKMpN0EzxH679B7PSVMgbXeBAY1R/p+G
46gjM4kowuvVfQ3GCFGl/7nSMT9a71sdDH9W1AePPuEiNCKKQ+JwupgYs0tOQUY2
bCCM+EbO2Jvvvb9363NBGOTffdVT8PGIEf/IW+Yy2z/io31K0RhtjtAPpHxZdZLU
r9AdzEHOb/FWwxBd1tCWdfGY+eOkFE0PkToRv907LgorbsQiIJbNC+k=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org