Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235322e302f32332d3332203d3e203531313637.roa
File: 3138352e3233372e3235322e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: ec5xOUc480+e5JO/ICwsbCu2lA5HMjImnr1k0XoW+BQ=
Subject key identifier: A4:1C:3B:13:DC:BD:93:F7:95:F8:1B:BE:F9:BE:69:32:28:66:58:8C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3DE086ED0ADB74F5783DDB613434200D02CC2869
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235322e302f32332d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:52 +0000
ROA not before: Fri 20 Sep 2024 13:59:52 +0000
ROA not after: Fri 19 Sep 2025 14:04:52 +0000
asID: 51167
IP address blocks: 185.237.252.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:e0:86:ed:0a:db:74:f5:78:3d:db:61:34:34:20:0d:02:cc:28:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:52 2024 GMT
Not After : Sep 19 14:04:52 2025 GMT
Subject: CN=A41C3B13DCBD93F795F81BBEF9BE69322866588C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:8d:a6:43:99:c4:19:09:dd:8c:98:71:33:cf:
53:8f:ba:c2:67:7a:d8:54:51:69:26:df:40:37:96:
fe:5d:c5:fe:e9:51:3b:2f:2a:04:87:cf:78:d0:c2:
5c:65:0f:a7:b3:fb:81:cc:48:7c:ea:0e:bd:a7:4a:
44:52:8a:6b:23:4e:dc:2b:a1:11:7c:28:68:dd:8b:
ab:80:5b:3a:84:8d:e1:f3:ea:7f:19:cb:d9:0c:36:
30:fb:66:31:ab:31:33:1c:b2:86:2a:fa:a7:fa:4d:
c4:dc:5d:15:46:26:e9:4c:81:b1:de:35:37:0a:b8:
88:62:8e:d0:c0:b7:fb:20:f3:7c:d3:8e:06:e6:51:
7d:de:f1:8c:c0:c9:04:be:39:a8:ca:04:f6:30:03:
9e:1c:6b:6b:f3:c6:a8:13:2e:b0:16:67:e5:94:e1:
bc:37:0c:2b:a3:90:29:9c:52:04:3e:45:04:1c:c4:
ec:5e:98:97:ac:e9:73:ca:b9:63:17:c7:81:f0:eb:
15:68:de:ba:af:01:53:46:7f:24:5c:07:42:2a:4a:
88:df:c4:59:2d:fb:78:96:6f:13:f0:a4:28:cf:ba:
92:68:eb:81:8e:d9:b7:fe:f9:5c:b0:a4:89:d0:93:
0c:b7:a6:9d:df:f3:66:29:d4:bc:f1:3c:11:8a:7f:
bf:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:1C:3B:13:DC:BD:93:F7:95:F8:1B:BE:F9:BE:69:32:28:66:58:8C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235322e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.252.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:d6:7a:36:3b:6e:98:ae:8c:97:a0:6a:25:3b:fe:f3:07:d1:
7c:b2:89:3d:7b:a3:4e:0b:50:3c:29:04:58:70:04:d5:69:57:
ab:b9:d9:ac:c1:c9:7f:4c:01:c3:43:6d:b5:39:a8:3d:69:bc:
03:e1:dc:cd:80:5b:a5:76:ec:38:31:16:da:24:95:0f:a3:8d:
11:1d:da:bd:fe:06:a5:94:58:10:ca:76:23:3c:83:0d:52:8c:
bf:bb:a0:2b:13:b1:85:64:ea:10:5c:14:ca:be:16:d3:80:6e:
5b:4d:7b:47:61:99:90:72:f1:84:e0:8a:61:30:94:51:c9:ef:
c5:d2:48:eb:7f:d2:ad:9f:97:95:c9:23:2b:fa:16:c0:8d:9a:
bb:74:9d:9f:8b:e4:60:da:ee:ac:73:bf:9c:bd:a0:08:02:9c:
bf:94:b6:3c:39:23:a6:bf:4a:0f:bc:24:3d:5b:76:cb:81:48:
21:d6:bd:0a:aa:54:3a:87:e6:97:2c:71:0b:1b:fc:25:b8:1e:
cb:16:81:cc:33:5d:5d:0a:77:83:95:74:5c:54:d3:75:8c:d8:
40:f1:3d:39:f4:f5:e4:14:b2:8a:a0:53:c3:eb:4d:16:f8:1a:
d8:4c:61:92:59:07:cb:96:04:f5:1a:51:ba:26:38:df:97:69:
d8:28:cf:15
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPeCG7QrbdPV4PdthNDQgDQLMKGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTJaFw0yNTA5MTkxNDA0NTJaMDMxMTAvBgNV
BAMTKEE0MUMzQjEzRENCRDkzRjc5NUY4MUJCRUY5QkU2OTMyMjg2NjU4OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxjaZDmcQZCd2MmHEzz1OPusJn
ethUUWkm30A3lv5dxf7pUTsvKgSHz3jQwlxlD6ez+4HMSHzqDr2nSkRSimsjTtwr
oRF8KGjdi6uAWzqEjeHz6n8Zy9kMNjD7ZjGrMTMcsoYq+qf6TcTcXRVGJulMgbHe
NTcKuIhijtDAt/sg83zTjgbmUX3e8YzAyQS+OajKBPYwA54ca2vzxqgTLrAWZ+WU
4bw3DCujkCmcUgQ+RQQcxOxemJes6XPKuWMXx4Hw6xVo3rqvAVNGfyRcB0IqSojf
xFkt+3iWbxPwpCjPupJo64GO2bf++VywpInQkwy3pp3f82Yp1LzxPBGKf7+lAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpBw7E9y9k/eV+Bu++b5pMihmWIwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzcyZTMy
MzUzMjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG57fwwDQYJKoZIhvcNAQELBQADggEBAHrWejY7bpiujJegaiU7/vMH0XyyiT17
o04LUDwpBFhwBNVpV6u52azByX9MAcNDbbU5qD1pvAPh3M2AW6V27DgxFtoklQ+j
jREd2r3+BqWUWBDKdiM8gw1SjL+7oCsTsYVk6hBcFMq+FtOAbltNe0dhmZBy8YTg
imEwlFHJ78XSSOt/0q2fl5XJIyv6FsCNmrt0nZ+L5GDa7qxzv5y9oAgCnL+Utjw5
I6a/Sg+8JD1bdsuBSCHWvQqqVDqH5pcscQsb/CW4HssWgcwzXV0Kd4OVdFxU03WM
2EDxPTn09eQUsoqgU8PrTRb4GthMYZJZB8uWBPUaUbomON+XadgozxU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org