Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: yxKruRi4tkJxbtQ+1s/XlagU/qoWNx9UeE7nYXc9+Ww=
Subject key identifier: 6B:1B:38:58:E7:C9:C4:41:F5:8F:DF:08:32:D2:A6:54:41:BB:D8:64
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 407D8B00087F6D3E1D1CF0CE85A20D41B2F63A99
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:41:47 +0000
ROA not before: Fri 20 Oct 2023 13:36:47 +0000
ROA not after: Fri 18 Oct 2024 13:41:47 +0000
asID: 136787
IP address blocks: 185.237.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:7d:8b:00:08:7f:6d:3e:1d:1c:f0:ce:85:a2:0d:41:b2:f6:3a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:47 2023 GMT
Not After : Oct 18 13:41:47 2024 GMT
Subject: CN=6B1B3858E7C9C441F58FDF0832D2A65441BBD864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fc:b7:56:49:de:2c:0c:aa:15:0e:e6:78:c0:
5a:d7:4e:e6:18:90:42:96:c7:6d:0c:35:61:3a:94:
ec:b3:ad:ed:72:77:1f:52:6a:7c:a3:b0:7c:26:73:
2c:17:9d:d7:60:06:0e:8c:db:29:54:5e:f0:c3:7f:
dd:3d:57:81:5f:be:dd:82:f5:14:d9:96:b3:f5:8b:
d4:92:88:5c:f3:c2:54:c9:85:59:9f:99:3f:e3:9c:
77:76:7c:0f:a4:c5:79:bf:be:19:fd:7f:ca:c4:a9:
3a:f9:25:ec:ab:2b:07:45:04:7d:6d:b5:aa:9b:a9:
47:90:98:bf:b9:73:f8:70:32:14:0f:41:81:a2:00:
8e:51:72:46:99:1d:22:be:5d:f0:37:c8:9c:a6:bf:
20:52:eb:ec:57:62:04:70:d2:6b:cf:6f:84:ba:e4:
7f:5c:a3:73:76:d7:93:12:b1:be:6f:cb:9c:00:b7:
d6:30:df:61:89:4c:41:2b:45:81:6b:99:9d:ef:99:
f5:88:8b:73:64:b9:ee:c8:3f:80:1a:3f:ff:5e:0c:
fd:b0:bb:73:7d:b1:68:9a:0c:b5:ee:6f:54:e9:50:
e2:9f:73:bd:13:13:c7:03:29:fa:24:c4:e4:c5:ba:
ee:d1:c1:43:f1:58:e1:23:8f:fd:2b:e4:97:df:df:
f4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1B:38:58:E7:C9:C4:41:F5:8F:DF:08:32:D2:A6:54:41:BB:D8:64
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.254.0/24
Signature Algorithm: sha256WithRSAEncryption
68:6c:ae:76:e0:a2:18:9c:ee:15:6d:69:88:05:93:02:df:82:
e0:65:4a:eb:fc:60:9f:2b:e2:e0:89:36:56:58:88:f0:72:29:
5c:62:99:27:7a:60:45:86:e8:19:96:4a:66:9f:85:ac:99:32:
d3:92:1f:8b:d8:84:33:20:b7:97:d9:18:b6:08:3a:eb:fc:3f:
01:e3:c0:c7:d8:67:9e:e6:7b:68:53:26:c0:c0:0b:bd:0b:35:
17:66:b4:0c:b5:86:7d:fd:6c:72:69:d0:95:8f:a3:27:e5:3e:
51:a5:46:e5:29:52:79:06:52:a7:57:de:65:43:3e:87:27:75:
b6:26:0c:71:9f:1a:2a:5d:30:4b:72:0e:02:10:d3:04:42:1e:
84:52:fa:2e:aa:4a:72:f1:2a:d2:4d:1c:39:2b:16:8a:f6:e7:
f9:24:1a:82:e3:7c:ec:48:b6:61:ab:19:d2:b3:1b:06:7f:15:
ba:49:bd:43:06:38:e5:4b:58:b1:3c:f5:87:2e:af:05:ca:7c:
cd:f0:b2:41:1f:a3:6e:62:73:af:e7:76:7f:71:08:3b:8f:d7:
d6:21:c1:43:09:15:47:cf:76:b1:03:b4:a4:d6:64:6a:75:22:
1e:4d:82:5c:63:6f:62:d7:d2:7f:e8:4e:a7:4a:06:c1:83:56:
a8:7e:e3:92
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQH2LAAh/bT4dHPDOhaINQbL2OpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDdaFw0yNDEwMTgxMzQxNDdaMDMxMTAvBgNV
BAMTKDZCMUIzODU4RTdDOUM0NDFGNThGREYwODMyRDJBNjU0NDFCQkQ4NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9/LdWSd4sDKoVDuZ4wFrXTuYY
kEKWx20MNWE6lOyzre1ydx9SanyjsHwmcywXnddgBg6M2ylUXvDDf909V4Ffvt2C
9RTZlrP1i9SSiFzzwlTJhVmfmT/jnHd2fA+kxXm/vhn9f8rEqTr5JeyrKwdFBH1t
taqbqUeQmL+5c/hwMhQPQYGiAI5RckaZHSK+XfA3yJymvyBS6+xXYgRw0mvPb4S6
5H9co3N215MSsb5vy5wAt9Yw32GJTEErRYFrmZ3vmfWIi3Nkue7IP4AaP/9eDP2w
u3N9sWiaDLXub1TpUOKfc70TE8cDKfokxOTFuu7RwUPxWOEjj/0r5Jff3/SNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUaxs4WOfJxEH1j98IMtKmVEG72GQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzcyZTMy
MzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnt/jANBgkqhkiG9w0BAQsFAAOCAQEAaGyuduCiGJzuFW1piAWTAt+C4GVK
6/xgnyvi4Ik2VliI8HIpXGKZJ3pgRYboGZZKZp+FrJky05Ifi9iEMyC3l9kYtgg6
6/w/AePAx9hnnuZ7aFMmwMALvQs1F2a0DLWGff1scmnQlY+jJ+U+UaVG5SlSeQZS
p1feZUM+hyd1tiYMcZ8aKl0wS3IOAhDTBEIehFL6LqpKcvEq0k0cOSsWivbn+SQa
guN87Ei2YasZ0rMbBn8Vukm9QwY45UtYsTz1hy6vBcp8zfCyQR+jbmJzr+d2f3EI
O4/X1iHBQwkVR892sQO0pNZkanUiHk2CXGNvYtfSf+hOp0oGwYNWqH7jkg==
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org