Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231302e302f32342d3234203d3e203437353833.roa
File: 3138352e3233392e3231302e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: QRTEasPIQPe+uaeIQqrlK0VcpoC7+JGiELTxf/RmSvs=
Subject key identifier: 2B:D2:2C:B3:E7:E3:49:BA:88:D9:E9:67:B1:10:F4:AA:FD:14:34:D2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 286CFB78D3C5E96CCE0CA4E0183EA5D93BAA65CD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231302e302f32342d3234203d3e203437353833.roa
Signing time: Fri 20 Oct 2023 13:41:56 +0000
ROA not before: Fri 20 Oct 2023 13:36:56 +0000
ROA not after: Fri 18 Oct 2024 13:41:56 +0000
asID: 47583
IP address blocks: 185.239.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:6c:fb:78:d3:c5:e9:6c:ce:0c:a4:e0:18:3e:a5:d9:3b:aa:65:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:56 2023 GMT
Not After : Oct 18 13:41:56 2024 GMT
Subject: CN=2BD22CB3E7E349BA88D9E967B110F4AAFD1434D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:10:10:53:e0:0c:ae:62:19:d3:0b:b1:a3:52:
e5:c8:01:40:04:ff:6a:ab:0c:03:65:b6:28:0c:fc:
a7:1c:59:d5:a6:8c:59:04:7a:e9:22:34:d4:18:d3:
6e:52:e1:e5:ad:88:a7:9a:b2:cd:61:ce:ad:7f:f3:
0c:83:29:3b:37:2f:2b:e7:3a:58:66:d9:30:24:21:
4b:42:ae:1c:3b:91:34:98:cc:1e:35:05:c0:47:72:
32:b8:a5:d1:8f:cd:3f:6e:30:19:41:7e:68:da:03:
de:7a:f3:44:59:c8:f7:31:08:dc:17:8c:b0:40:35:
5c:b2:81:6d:dd:f6:5f:86:74:57:9a:cd:0b:b9:6e:
92:d7:ee:45:5b:5e:d3:86:80:a5:6d:8b:f0:a7:bf:
54:a1:10:f6:4d:94:ec:03:1d:84:a4:e0:07:38:6f:
85:d4:7d:f3:8c:9c:63:04:f8:1e:a5:18:0c:80:d4:
df:a5:80:10:30:e0:5a:74:3b:4d:23:c0:79:f0:cf:
9c:ad:6c:7a:24:09:96:42:48:17:fd:0c:a3:34:5d:
6f:c0:f5:cf:94:da:fe:85:50:c2:03:1d:35:c4:cb:
92:18:32:51:f4:bf:53:ce:82:8a:85:eb:67:5a:f1:
13:93:29:e6:81:df:fa:de:55:86:34:97:72:51:c2:
11:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D2:2C:B3:E7:E3:49:BA:88:D9:E9:67:B1:10:F4:AA:FD:14:34:D2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231302e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.210.0/24
Signature Algorithm: sha256WithRSAEncryption
21:4f:5c:ca:ac:1f:9b:fd:96:5b:cb:2b:ed:0f:29:c3:19:9a:
26:e5:86:57:49:9c:3e:23:5c:f6:80:fc:fe:30:fe:bd:df:b3:
62:e0:5d:be:a1:62:68:4a:c5:f0:49:6c:05:e5:b7:f1:37:4a:
b6:2c:ec:a0:15:fe:41:b5:02:c3:5c:1e:04:62:66:72:87:69:
4f:5e:f0:a8:55:c8:31:80:3c:8d:07:e0:3d:6e:02:54:13:c6:
22:f8:2b:91:ca:8d:48:33:6b:9c:28:90:cc:0e:64:9d:1f:02:
7e:3f:c6:b5:90:a1:b8:8a:16:f7:60:e2:e0:56:9a:da:0d:29:
5e:5f:38:b1:08:6e:22:34:1c:1e:66:9d:67:2b:92:bd:df:a9:
ec:01:55:5c:30:8d:a2:b3:3d:f8:78:87:ba:62:ab:52:70:aa:
2f:69:56:ff:94:7e:33:de:d8:71:b4:3c:40:1f:93:ee:25:24:
d0:e5:e7:06:ec:d0:0f:25:12:18:be:eb:87:35:62:97:55:d1:
66:66:c9:7d:aa:35:21:40:ec:43:a6:80:7d:4d:4f:f9:3c:df:
f0:44:b1:e8:4d:a7:70:68:47:87:b8:9a:e6:48:0c:47:fc:ff:
64:aa:d9:20:83:c0:13:c7:ea:6c:c6:1f:64:8a:b1:cb:f4:35:
f8:08:c6:59
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKGz7eNPF6WzODKTgGD6l2TuqZc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTZaFw0yNDEwMTgxMzQxNTZaMDMxMTAvBgNV
BAMTKDJCRDIyQ0IzRTdFMzQ5QkE4OEQ5RTk2N0IxMTBGNEFBRkQxNDM0RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuEBBT4AyuYhnTC7GjUuXIAUAE
/2qrDANltigM/KccWdWmjFkEeukiNNQY025S4eWtiKeass1hzq1/8wyDKTs3Lyvn
Olhm2TAkIUtCrhw7kTSYzB41BcBHcjK4pdGPzT9uMBlBfmjaA95680RZyPcxCNwX
jLBANVyygW3d9l+GdFeazQu5bpLX7kVbXtOGgKVti/Cnv1ShEPZNlOwDHYSk4Ac4
b4XUffOMnGME+B6lGAyA1N+lgBAw4Fp0O00jwHnwz5ytbHokCZZCSBf9DKM0XW/A
9c+U2v6FUMIDHTXEy5IYMlH0v1POgoqF62da8ROTKeaB3/reVYY0l3JRwhELAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUK9Iss+fjSbqI2elnsRD0qv0UNNIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMy
MzEzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC579IwDQYJKoZIhvcNAQELBQADggEBACFPXMqsH5v9llvLK+0PKcMZmiblhldJ
nD4jXPaA/P4w/r3fs2LgXb6hYmhKxfBJbAXlt/E3SrYs7KAV/kG1AsNcHgRiZnKH
aU9e8KhVyDGAPI0H4D1uAlQTxiL4K5HKjUgza5wokMwOZJ0fAn4/xrWQobiKFvdg
4uBWmtoNKV5fOLEIbiI0HB5mnWcrkr3fqewBVVwwjaKzPfh4h7piq1Jwqi9pVv+U
fjPe2HG0PEAfk+4lJNDl5wbs0A8lEhi+64c1YpdV0WZmyX2qNSFA7EOmgH1NT/k8
3/BEsehNp3BoR4e4muZIDEf8/2Sq2SCDwBPH6mzGH2SKscv0NfgIxlk=
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:45 2024 by rpki-client on console-fra.rpki-client.org