Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233342e37302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +Oz4Xb930pacSDOVBA6g2x2n+8dBjHdY/qHPjDP/O38=
Subject key identifier: AA:14:E4:91:34:1D:C3:AF:67:EF:0E:93:1E:C3:85:12:A6:5A:DD:FD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 411B2747AA97260B8A4CF6378BF8D9550E76FA2D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:29 +0000
ROA not before: Fri 26 Jan 2024 18:57:29 +0000
ROA not after: Fri 24 Jan 2025 19:02:29 +0000
asID: 136787
IP address blocks: 185.234.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:1b:27:47:aa:97:26:0b:8a:4c:f6:37:8b:f8:d9:55:0e:76:fa:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:29 2024 GMT
Not After : Jan 24 19:02:29 2025 GMT
Subject: CN=AA14E491341DC3AF67EF0E931EC38512A65ADDFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:44:f9:58:4a:73:42:1b:ed:7b:3e:2b:3b:17:
51:ac:48:be:bb:4f:22:04:32:e6:aa:23:6f:85:a6:
a0:8d:6a:6b:71:c3:e3:5c:13:df:ee:63:35:78:b6:
e7:34:e8:a3:95:79:1d:ec:04:23:20:be:94:b0:b4:
f4:2d:4a:40:95:58:78:dc:ba:da:a7:7d:1f:85:a1:
b5:5c:89:4c:42:03:30:00:eb:1e:55:e5:ca:2b:1b:
2f:01:09:ab:bc:24:e5:88:4d:89:6f:4d:5e:e9:14:
db:7b:14:83:af:a8:37:8c:31:c5:38:92:07:f9:f1:
a5:1a:01:a5:2c:ad:b4:34:75:7c:c6:9a:97:ff:52:
36:f4:ae:3d:28:bd:8d:74:a2:3b:9f:17:d6:62:be:
b8:3e:2e:bf:f0:c1:a1:7e:04:d9:30:f0:82:4e:2c:
fc:71:31:cd:4c:ad:12:69:d8:95:9e:13:af:b2:7f:
1b:88:c0:ef:61:79:0d:6c:8b:2e:d6:82:e4:43:14:
7c:ca:58:39:fb:77:49:8e:0a:de:ea:15:25:3d:13:
6c:00:59:e7:d8:6a:93:21:6e:30:10:8d:e0:ae:b2:
71:d9:a2:63:f9:11:b3:71:ac:b4:e4:b8:2c:a4:d4:
1b:57:78:07:16:76:bf:41:5d:64:a2:a8:bd:36:f6:
3c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:14:E4:91:34:1D:C3:AF:67:EF:0E:93:1E:C3:85:12:A6:5A:DD:FD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.70.0/24
Signature Algorithm: sha256WithRSAEncryption
94:af:f2:17:32:40:44:ae:b3:7f:07:4f:4d:f5:1c:3d:20:e3:
1b:c2:24:ad:de:01:e4:6a:55:c0:42:eb:94:2f:38:5d:17:ba:
5c:08:e9:12:93:a1:e4:9a:56:93:33:5d:45:cc:fc:88:4b:3a:
35:25:95:bd:dd:a6:29:98:0b:72:7d:a2:89:72:8e:9b:01:10:
c0:d9:2e:d2:12:61:87:cd:1c:28:dc:56:e8:d9:70:84:19:06:
61:4d:ee:03:a8:0b:b5:5f:b1:b5:71:78:3a:d1:81:50:9a:23:
00:b0:9a:5a:d0:73:65:6a:df:45:2e:5e:65:c6:eb:c0:a7:b2:
34:73:39:3e:04:01:7a:51:e5:ad:54:24:66:06:1c:5a:f9:b1:
f0:3a:fe:32:97:b9:2c:1b:84:ea:ad:e5:27:4b:0f:fb:93:62:
ec:3f:65:3e:fe:2c:7c:88:30:27:0e:53:2d:4c:df:84:d2:eb:
3f:02:2a:c0:ca:bb:0c:85:b2:96:19:46:53:95:c3:3e:3e:45:
f0:f2:77:c7:44:b0:2c:ef:59:e0:af:0d:21:ea:a6:60:a9:1c:
22:a3:c3:b6:b5:34:67:90:bf:02:3a:66:40:23:44:8a:a7:31:
1a:03:48:9d:e7:5e:64:eb:06:64:df:ff:de:28:2c:1a:2c:d8:
ca:05:c4:59
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQRsnR6qXJguKTPY3i/jZVQ52+i0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MjlaFw0yNTAxMjQxOTAyMjlaMDMxMTAvBgNV
BAMTKEFBMTRFNDkxMzQxREMzQUY2N0VGMEU5MzFFQzM4NTEyQTY1QURERkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5RPlYSnNCG+17Pis7F1GsSL67
TyIEMuaqI2+FpqCNamtxw+NcE9/uYzV4tuc06KOVeR3sBCMgvpSwtPQtSkCVWHjc
utqnfR+FobVciUxCAzAA6x5V5corGy8BCau8JOWITYlvTV7pFNt7FIOvqDeMMcU4
kgf58aUaAaUsrbQ0dXzGmpf/Ujb0rj0ovY10ojufF9Zivrg+Lr/wwaF+BNkw8IJO
LPxxMc1MrRJp2JWeE6+yfxuIwO9heQ1siy7WguRDFHzKWDn7d0mOCt7qFSU9E2wA
WefYapMhbjAQjeCusnHZomP5EbNxrLTkuCyk1BtXeAcWdr9BXWSiqL029jxdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqhTkkTQdw69n7w6THsOFEqZa3f0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzQyZTM3
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC56kYwDQYJKoZIhvcNAQELBQADggEBAJSv8hcyQESus38HT031HD0g4xvCJK3e
AeRqVcBC65QvOF0XulwI6RKToeSaVpMzXUXM/IhLOjUllb3dpimYC3J9oolyjpsB
EMDZLtISYYfNHCjcVujZcIQZBmFN7gOoC7VfsbVxeDrRgVCaIwCwmlrQc2Vq30Uu
XmXG68CnsjRzOT4EAXpR5a1UJGYGHFr5sfA6/jKXuSwbhOqt5SdLD/uTYuw/ZT7+
LHyIMCcOUy1M34TS6z8CKsDKuwyFspYZRlOVwz4+RfDyd8dEsCzvWeCvDSHqpmCp
HCKjw7a1NGeQvwI6ZkAjRIqnMRoDSJ3nXmTrBmTf/94oLBos2MoFxFk=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org