Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133362e302f32332d3233203d3e203239303636.roa
File: 3138352e3233302e3133362e302f32332d3233203d3e203239303636.roa (raw, json)
Hash identifier: sRn6Mpfgzj15YcVad7flsFThN0HYGhTKqZ+2x9ELW60=
Subject key identifier: F8:95:CE:3B:D0:E3:59:1B:72:D7:D1:6D:68:BB:7E:E1:F1:F0:B1:62
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2DF4C8CB4CB5B8FA6DFA4D79BDE66EC837F72BC6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133362e302f32332d3233203d3e203239303636.roa
Signing time: Fri 01 Mar 2024 16:36:27 +0000
ROA not before: Fri 01 Mar 2024 16:31:27 +0000
ROA not after: Fri 28 Feb 2025 16:36:27 +0000
asID: 29066
IP address blocks: 185.230.136.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:f4:c8:cb:4c:b5:b8:fa:6d:fa:4d:79:bd:e6:6e:c8:37:f7:2b:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 1 16:31:27 2024 GMT
Not After : Feb 28 16:36:27 2025 GMT
Subject: CN=F895CE3BD0E3591B72D7D16D68BB7EE1F1F0B162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:8b:c6:ad:01:40:a4:25:de:68:71:3a:9e:87:
21:a3:00:fd:bb:6a:18:91:93:4a:48:b4:f5:e1:df:
c7:ab:99:34:9c:33:da:0b:d7:1d:94:8e:23:63:cf:
d8:ce:bc:ab:30:36:69:06:4b:86:f8:e6:a0:ca:f9:
5a:48:92:47:4f:08:9a:d4:5a:4a:1a:d9:e7:6e:87:
d0:09:cb:59:74:a5:3b:66:90:e3:44:7c:4b:c8:f2:
d6:9f:af:e2:c7:0e:b2:03:35:f4:41:f6:50:42:af:
a0:17:c5:6e:c4:ef:2c:6c:64:4b:9f:f6:70:b4:30:
c8:df:81:a2:30:5d:2e:37:08:74:ee:bd:3e:ac:5d:
ea:de:e9:2a:18:85:e9:34:b9:75:ee:c8:78:57:d7:
14:3a:8e:70:59:ba:1d:98:26:5a:26:32:5e:1e:a2:
db:82:5c:8e:3d:7d:f4:aa:df:52:cd:04:ec:be:72:
7f:d6:fa:3a:3d:72:c2:0b:42:12:de:03:ea:95:78:
74:38:97:58:94:57:82:c7:be:17:d4:3e:32:d8:f5:
1a:ab:f1:c3:10:16:ae:f0:89:43:27:2d:70:80:42:
40:92:4c:35:4e:c9:f2:5c:21:ba:d4:3e:22:1e:e6:
64:59:cb:e9:79:d6:80:c3:be:03:cb:07:0d:25:65:
e8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:95:CE:3B:D0:E3:59:1B:72:D7:D1:6D:68:BB:7E:E1:F1:F0:B1:62
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133362e302f32332d3233203d3e203239303636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.136.0/23
Signature Algorithm: sha256WithRSAEncryption
05:37:9c:88:d8:a7:d5:f3:8e:8b:85:3c:ef:de:67:56:b7:1d:
3c:00:aa:ab:3b:11:5c:91:76:e9:a8:65:14:29:d0:36:79:ed:
f4:6b:c2:72:7c:5e:a0:3e:ea:67:76:aa:11:e3:77:71:21:6a:
7d:06:20:0a:83:10:b7:37:83:6e:17:cd:3d:98:1e:3f:1d:f3:
74:35:0e:bf:ea:0e:c1:da:f1:a9:40:3c:b9:ec:a6:bc:e1:59:
ce:e4:29:da:99:0f:98:9a:cf:fb:c1:94:1d:b2:ac:13:ae:0b:
e5:81:12:e5:89:96:6f:53:c3:14:82:45:57:df:09:c6:6e:5e:
eb:1c:85:86:70:c9:77:3e:fa:ba:ee:03:53:a7:3a:73:18:95:
92:35:48:16:b1:f5:34:70:70:f3:6f:0d:49:b8:15:af:68:81:
6e:78:97:ff:5c:4e:75:af:c0:3b:b6:a3:41:97:03:88:ef:bc:
8e:23:76:52:44:13:62:54:f1:1d:c5:f4:bf:37:41:5c:5c:c6:
a3:71:27:81:70:db:5c:b1:99:1c:3f:9e:05:c9:84:3b:cc:19:
38:09:db:34:ea:e5:01:10:8a:48:79:9c:d2:89:33:a8:69:d9:
6f:85:3b:85:32:33:1f:da:7a:13:4c:d6:49:95:cb:fb:4c:36:
a5:da:f9:62
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULfTIy0y1uPpt+k15veZuyDf3K8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDExNjMxMjdaFw0yNTAyMjgxNjM2MjdaMDMxMTAvBgNV
BAMTKEY4OTVDRTNCRDBFMzU5MUI3MkQ3RDE2RDY4QkI3RUUxRjFGMEIxNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD6i8atAUCkJd5ocTqehyGjAP27
ahiRk0pItPXh38ermTScM9oL1x2UjiNjz9jOvKswNmkGS4b45qDK+VpIkkdPCJrU
Wkoa2eduh9AJy1l0pTtmkONEfEvI8tafr+LHDrIDNfRB9lBCr6AXxW7E7yxsZEuf
9nC0MMjfgaIwXS43CHTuvT6sXere6SoYhek0uXXuyHhX1xQ6jnBZuh2YJlomMl4e
otuCXI49ffSq31LNBOy+cn/W+jo9csILQhLeA+qVeHQ4l1iUV4LHvhfUPjLY9Rqr
8cMQFq7wiUMnLXCAQkCSTDVOyfJcIbrUPiIe5mRZy+l51oDDvgPLBw0lZehbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+JXOO9DjWRty19FtaLt+4fHwsWIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzAyZTMx
MzMzNjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzkzMDM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG55ogwDQYJKoZIhvcNAQELBQADggEBAAU3nIjYp9XzjouFPO/eZ1a3HTwAqqs7
EVyRdumoZRQp0DZ57fRrwnJ8XqA+6md2qhHjd3Ehan0GIAqDELc3g24XzT2YHj8d
83Q1Dr/qDsHa8alAPLnsprzhWc7kKdqZD5iaz/vBlB2yrBOuC+WBEuWJlm9TwxSC
RVffCcZuXuschYZwyXc++rruA1OnOnMYlZI1SBax9TRwcPNvDUm4Fa9ogW54l/9c
TnWvwDu2o0GXA4jvvI4jdlJEE2JU8R3F9L83QVxcxqNxJ4Fw21yxmRw/ngXJhDvM
GTgJ2zTq5QEQikh5nNKJM6hp2W+FO4UyMx/aehNM1kmVy/tMNqXa+WI=
-----END CERTIFICATE-----
Generated at Sat May 4 11:29:15 2024 by rpki-client on console-ams.rpki-client.org