Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e36382e302f32342d3234203d3e20323037313337.roa
File: 3138352e3233342e36382e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: mS+eUlXpvGVUGYGdiKxMFAWotJKHYqTobUgH8xMlmTU=
Subject key identifier: 74:B4:29:25:E2:1E:04:42:6F:E4:2C:B1:8D:7C:97:13:CE:7B:0A:02
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 386FC94A42FC329B49CA68C09CEE5DDA63D1AE73
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e36382e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 20 Oct 2023 13:41:59 +0000
ROA not before: Fri 20 Oct 2023 13:36:59 +0000
ROA not after: Fri 18 Oct 2024 13:41:59 +0000
asID: 207137
IP address blocks: 185.234.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:6f:c9:4a:42:fc:32:9b:49:ca:68:c0:9c:ee:5d:da:63:d1:ae:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:59 2023 GMT
Not After : Oct 18 13:41:59 2024 GMT
Subject: CN=74B42925E21E04426FE42CB18D7C9713CE7B0A02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:61:de:9f:cd:ca:a7:06:24:a6:71:91:87:6a:
45:54:91:a0:72:88:55:19:f6:c7:ca:37:fe:02:fe:
65:47:3e:a2:18:99:df:cb:da:6b:1f:89:19:7a:e7:
54:03:3a:77:7b:88:ed:78:c8:8e:27:58:52:b4:02:
9f:a7:b6:e9:e3:d9:50:ac:4b:97:7f:4c:4a:dc:4f:
bc:87:d0:7b:d6:18:2d:8d:75:3b:a2:c4:34:b1:fe:
43:b2:5f:ca:24:08:d0:fa:e1:b2:61:e9:82:75:ea:
03:71:17:64:41:27:5a:b4:4e:02:63:dd:f1:47:7d:
5f:44:fc:42:6b:d9:7e:3f:d6:40:87:4b:97:92:86:
ae:a6:d0:e9:8c:6d:03:e3:d4:b2:74:8f:e7:1d:62:
92:b8:b7:30:2c:a3:9f:25:cd:f1:77:4a:4c:83:79:
94:c4:fe:3c:14:ae:6b:34:8c:3a:29:d2:75:3d:76:
c2:ad:5a:f1:9f:ab:bb:3c:fb:6c:e8:52:b5:4a:e0:
e9:71:82:8f:f1:32:4f:de:57:df:33:eb:70:cc:1b:
70:c5:b7:7a:c9:16:97:d2:34:d1:f5:08:50:85:f8:
65:8b:1f:33:1c:fc:d3:73:fb:9e:26:6c:35:51:f5:
e1:c7:56:bd:7b:fa:05:e5:7b:88:a2:2b:e9:97:ea:
4e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B4:29:25:E2:1E:04:42:6F:E4:2C:B1:8D:7C:97:13:CE:7B:0A:02
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e36382e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.68.0/24
Signature Algorithm: sha256WithRSAEncryption
78:02:54:5f:a3:21:c6:99:66:f0:3e:e9:6a:25:5d:6d:16:da:
ac:1b:5f:71:30:5c:bb:7a:e3:db:8b:30:1b:4c:08:7c:e4:f3:
04:30:01:67:23:e9:66:fd:98:84:cd:f4:1b:5b:2c:9b:35:8c:
dd:d3:78:2b:bd:2f:e6:80:f0:8e:b1:df:af:7a:50:2a:e1:80:
f3:1a:67:45:6e:74:d1:db:ad:af:4d:6d:8b:d4:80:3c:f4:dc:
be:de:87:f8:bf:4c:8d:49:c1:fe:7c:7c:c2:bf:68:6c:e7:18:
1c:1a:d7:d9:34:84:02:4c:1f:cc:5f:da:f4:33:bb:2a:b2:7c:
4d:d7:30:0d:42:a8:8c:8d:1e:02:64:31:76:bd:bb:02:40:97:
10:69:ad:6d:74:c6:5e:f1:66:28:02:4f:95:4c:d5:80:bc:a1:
18:3d:ce:eb:a3:1a:92:bc:64:f6:b6:74:e5:88:72:0c:54:d3:
54:f5:44:7a:7a:0c:65:c6:ac:7d:26:5f:97:36:fc:1b:71:bb:
bb:c6:f6:bc:53:12:ea:76:d6:71:8f:4b:82:79:78:59:0b:70:
49:f5:b3:75:78:c4:40:ae:0d:6e:bd:5a:7b:3d:16:23:15:a7:
e0:ae:ea:dd:2c:bc:03:de:c0:cc:99:68:49:aa:41:ad:4f:05:
44:37:fd:71
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOG/JSkL8MptJymjAnO5d2mPRrnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTlaFw0yNDEwMTgxMzQxNTlaMDMxMTAvBgNV
BAMTKDc0QjQyOTI1RTIxRTA0NDI2RkU0MkNCMThEN0M5NzEzQ0U3QjBBMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFYd6fzcqnBiSmcZGHakVUkaBy
iFUZ9sfKN/4C/mVHPqIYmd/L2msfiRl651QDOnd7iO14yI4nWFK0Ap+ntunj2VCs
S5d/TErcT7yH0HvWGC2NdTuixDSx/kOyX8okCND64bJh6YJ16gNxF2RBJ1q0TgJj
3fFHfV9E/EJr2X4/1kCHS5eShq6m0OmMbQPj1LJ0j+cdYpK4tzAso58lzfF3SkyD
eZTE/jwUrms0jDop0nU9dsKtWvGfq7s8+2zoUrVK4Olxgo/xMk/eV98z63DMG3DF
t3rJFpfSNNH1CFCF+GWLHzMc/NNz+54mbDVR9eHHVr17+gXle4iiK+mX6k5hAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdLQpJeIeBEJv5CyxjXyXE857CgIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzQyZTM2
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC56kQwDQYJKoZIhvcNAQELBQADggEBAHgCVF+jIcaZZvA+6WolXW0W2qwbX3Ew
XLt649uLMBtMCHzk8wQwAWcj6Wb9mITN9BtbLJs1jN3TeCu9L+aA8I6x3696UCrh
gPMaZ0VudNHbra9NbYvUgDz03L7eh/i/TI1Jwf58fMK/aGznGBwa19k0hAJMH8xf
2vQzuyqyfE3XMA1CqIyNHgJkMXa9uwJAlxBprW10xl7xZigCT5VM1YC8oRg9zuuj
GpK8ZPa2dOWIcgxU01T1RHp6DGXGrH0mX5c2/Btxu7vG9rxTEup21nGPS4J5eFkL
cEn1s3V4xECuDW69Wns9FiMVp+Cu6t0svAPewMyZaEmqQa1PBUQ3/XE=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org