Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa
File: 3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: kWJwspUYNLUZAfdgAn2KQq11DZK+z8eq36868OOSf70=
Subject key identifier: 98:CB:0F:84:CE:7B:C0:77:96:12:C9:63:3B:D5:D8:AA:99:54:BD:19
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 013E9F95F9711FA4DB9E3D8C9649A3CBDD5B5132
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:05 +0000
ROA not before: Mon 26 Feb 2024 08:48:05 +0000
ROA not after: Mon 24 Feb 2025 08:53:05 +0000
asID: 51167
IP address blocks: 185.230.138.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:3e:9f:95:f9:71:1f:a4:db:9e:3d:8c:96:49:a3:cb:dd:5b:51:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:05 2024 GMT
Not After : Feb 24 08:53:05 2025 GMT
Subject: CN=98CB0F84CE7BC0779612C9633BD5D8AA9954BD19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2a:bd:3b:c5:a3:59:06:e6:11:3a:98:35:1c:
79:bf:35:c2:8d:ac:b6:0c:83:2b:ed:8a:56:90:5d:
df:31:ee:ee:03:dd:63:c0:b1:2e:38:f8:43:9c:15:
0a:20:fc:6b:82:65:1e:c4:99:87:96:a0:3e:dc:62:
66:94:a4:99:6f:aa:c0:f7:d8:f8:a4:30:02:a9:59:
8a:1c:c8:c6:74:c4:72:6f:3b:c8:49:fc:af:27:06:
d5:ec:a2:e3:f5:da:3e:45:39:ab:1a:25:59:ae:c2:
97:69:df:97:52:9e:8e:a0:23:11:46:91:fa:6e:0d:
c7:ff:ea:b6:62:05:96:da:fd:bc:6b:d7:dc:36:a6:
bb:bd:b9:fd:d6:57:09:b4:af:c4:37:20:87:dd:9a:
43:d5:64:03:58:00:37:3c:80:d5:0a:e9:6c:61:bb:
fd:e4:53:d3:f2:e8:78:22:72:0f:4c:cb:f7:99:1a:
9c:d0:33:2e:dd:f2:f0:02:48:7e:11:44:71:39:b9:
2c:51:ad:83:62:13:d5:b9:3b:72:c8:d1:c3:19:fd:
cf:01:d2:c7:26:9b:19:53:98:fe:63:a5:f6:a4:b4:
e3:47:c6:38:e1:e9:70:7f:4b:5d:6e:ec:22:4e:26:
91:6f:cc:22:cd:47:60:76:9a:33:b9:a8:5d:9a:b8:
24:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CB:0F:84:CE:7B:C0:77:96:12:C9:63:3B:D5:D8:AA:99:54:BD:19
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.138.0/24
Signature Algorithm: sha256WithRSAEncryption
94:7d:25:e9:e5:38:0e:9f:94:78:96:0b:6e:73:f2:66:44:de:
a2:c3:03:60:73:90:22:39:5b:50:08:1b:8f:85:8c:62:c9:3d:
e2:59:90:5f:42:50:a7:8b:8c:2d:3b:dd:6c:31:d7:17:90:4e:
7a:0f:2a:fe:4a:46:9d:78:4c:41:c4:1a:84:90:f6:8c:5a:64:
24:35:36:44:0a:96:0c:79:7f:9e:1f:bc:04:bc:a5:44:6b:db:
c2:bf:2f:62:b2:4b:89:8c:02:d4:be:ed:41:5e:6c:11:65:e0:
62:8a:d5:06:d2:da:f2:23:75:9f:8e:ac:5c:83:a3:2d:80:09:
ba:23:2c:e1:55:0f:6c:2e:57:1c:51:75:e3:67:c4:da:2a:af:
32:c0:e8:f8:d0:8a:20:90:c3:f1:df:0d:84:3b:6a:82:c8:ce:
5c:9a:0c:ec:a9:4f:14:79:31:15:ce:cb:ce:64:f7:4d:ef:d4:
26:2f:19:62:0b:cf:8c:73:e2:e1:8b:df:04:0d:77:0a:b1:2e:
b5:9a:52:c8:86:c8:e7:63:d7:86:27:b9:ff:f1:59:b4:4b:36:
44:5a:a0:f1:21:53:d6:ad:30:f7:5c:34:2f:b6:3a:e0:a7:a0:
67:f6:e5:61:c3:6f:12:21:72:c3:86:db:52:7f:fd:37:1a:e1:
04:03:cf:f7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAT6flflxH6Tbnj2Mlkmjy91bUTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDVaFw0yNTAyMjQwODUzMDVaMDMxMTAvBgNV
BAMTKDk4Q0IwRjg0Q0U3QkMwNzc5NjEyQzk2MzNCRDVEOEFBOTk1NEJEMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbKr07xaNZBuYROpg1HHm/NcKN
rLYMgyvtilaQXd8x7u4D3WPAsS44+EOcFQog/GuCZR7EmYeWoD7cYmaUpJlvqsD3
2PikMAKpWYocyMZ0xHJvO8hJ/K8nBtXsouP12j5FOasaJVmuwpdp35dSno6gIxFG
kfpuDcf/6rZiBZba/bxr19w2pru9uf3WVwm0r8Q3IIfdmkPVZANYADc8gNUK6Wxh
u/3kU9Py6Hgicg9My/eZGpzQMy7d8vACSH4RRHE5uSxRrYNiE9W5O3LI0cMZ/c8B
0scmmxlTmP5jpfaktONHxjjh6XB/S11u7CJOJpFvzCLNR2B2mjO5qF2auCQdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmMsPhM57wHeWEsljO9XYqplUvRkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzAyZTMx
MzMzODJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55oowDQYJKoZIhvcNAQELBQADggEBAJR9JenlOA6flHiWC25z8mZE3qLDA2Bz
kCI5W1AIG4+FjGLJPeJZkF9CUKeLjC073Wwx1xeQTnoPKv5KRp14TEHEGoSQ9oxa
ZCQ1NkQKlgx5f54fvAS8pURr28K/L2KyS4mMAtS+7UFebBFl4GKK1QbS2vIjdZ+O
rFyDoy2ACbojLOFVD2wuVxxRdeNnxNoqrzLA6PjQiiCQw/HfDYQ7aoLIzlyaDOyp
TxR5MRXOy85k903v1CYvGWILz4xz4uGL3wQNdwqxLrWaUsiGyOdj14Ynuf/xWbRL
NkRaoPEhU9atMPdcNC+2OuCnoGf25WHDbxIhcsOG21J//Tca4QQDz/c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org