Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3235302e33362e302f32332d3332203d3e203531313637.roa
File: 3138352e3235302e33362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: POnhFyCCC2dkm6/NzWnKwTlVBM3/nMGVcjWQ3MLsnzo=
Subject key identifier: 41:CC:8A:AC:BA:86:98:FD:7E:E2:1F:C1:FC:BA:56:A6:95:D4:69:9E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 47DE34000A04A050E8D88D80861EF6CAB8263B7F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3235302e33362e302f32332d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:59 +0000
ROA not before: Fri 20 Sep 2024 13:59:59 +0000
ROA not after: Fri 19 Sep 2025 14:04:59 +0000
asID: 51167
IP address blocks: 185.250.36.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:de:34:00:0a:04:a0:50:e8:d8:8d:80:86:1e:f6:ca:b8:26:3b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:59 2024 GMT
Not After : Sep 19 14:04:59 2025 GMT
Subject: CN=41CC8AACBA8698FD7EE21FC1FCBA56A695D4699E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:6e:22:6e:f3:66:d3:07:70:c1:78:8a:15:
5d:83:3f:1e:66:4f:72:dc:a7:4b:c9:fb:17:cd:40:
0f:ed:5a:4b:84:3d:2a:f4:23:2f:81:79:04:f6:0f:
d6:b3:12:a5:4b:d2:a7:98:b1:e2:ef:37:75:39:ef:
fd:c9:dc:b1:5c:97:ce:12:44:f3:73:81:59:b7:d3:
b2:3d:4a:f0:2b:14:80:1a:29:bf:04:0e:f4:60:42:
c1:07:4b:8e:55:99:95:d9:cd:de:e2:9f:a2:4f:f7:
fd:70:8b:f9:a8:eb:a1:dd:85:93:9f:64:fb:cb:92:
3a:66:ca:fd:91:5f:d1:c0:49:e6:e1:46:24:11:aa:
14:80:ab:76:75:2e:d5:6e:24:b0:b5:c5:0d:ee:8f:
fa:4b:da:c1:96:06:99:3b:88:e4:fd:21:d1:22:76:
01:e2:aa:e6:c9:d1:bf:ce:38:67:c7:62:1a:b0:9c:
a1:c6:26:28:c0:78:6a:bc:20:7b:ae:62:78:af:e8:
a1:fd:0a:f2:51:99:20:2f:83:0b:9d:eb:08:94:8c:
0d:11:7c:c2:c8:ce:30:ac:9b:9e:6f:35:61:53:47:
a9:75:0d:c6:68:09:8d:3d:62:2d:8c:17:fa:b3:b6:
af:ea:7e:a9:da:aa:0c:41:3a:6a:0e:e4:db:3e:b8:
92:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CC:8A:AC:BA:86:98:FD:7E:E2:1F:C1:FC:BA:56:A6:95:D4:69:9E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3235302e33362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.36.0/23
Signature Algorithm: sha256WithRSAEncryption
02:50:6d:40:7a:80:d7:67:47:05:2c:44:aa:89:f5:4a:d0:32:
a0:08:89:ea:e7:f6:ea:1d:89:d5:54:73:69:a6:1c:7c:09:97:
cf:3d:46:a9:07:42:03:9c:f9:90:64:e2:d5:05:94:4a:a3:1e:
a7:21:27:72:82:f3:72:5a:61:b8:cb:97:5b:12:32:b5:81:ad:
9f:8a:27:ca:73:22:cc:9f:0c:d8:07:4a:a0:25:c0:6a:f3:fe:
34:8d:22:78:88:6d:b5:b5:49:53:79:9e:63:65:41:96:d5:46:
57:8a:9d:8d:d9:86:75:c2:e7:26:23:8e:b1:83:ca:11:14:6e:
a7:8b:87:6b:c5:c8:91:d5:3a:a8:fb:2b:b6:ac:93:01:89:67:
3c:c1:ef:31:6a:9d:cd:13:9d:2d:01:8b:e6:28:9d:10:1d:d6:
4e:4d:5a:35:32:89:f4:1c:f0:d3:5c:a3:e3:be:a2:00:c9:ff:
58:13:67:23:5c:45:7b:a9:47:09:e4:01:4e:eb:28:65:e8:cb:
b2:12:e0:40:14:a6:08:81:5a:ef:07:4b:fe:73:32:40:1f:0a:
60:7b:d1:94:35:4d:69:07:77:c4:ad:c5:f5:1c:73:69:35:0c:
03:ac:37:c2:78:ec:fb:c3:3b:71:4b:4a:40:e1:c9:8f:38:71:
16:8b:7c:ca
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUR940AAoEoFDo2I2Ahh72yrgmO38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTlaFw0yNTA5MTkxNDA0NTlaMDMxMTAvBgNV
BAMTKDQxQ0M4QUFDQkE4Njk4RkQ3RUUyMUZDMUZDQkE1NkE2OTVENDY5OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Jm4ibvNm0wdwwXiKFV2DPx5m
T3Lcp0vJ+xfNQA/tWkuEPSr0Iy+BeQT2D9azEqVL0qeYseLvN3U57/3J3LFcl84S
RPNzgVm307I9SvArFIAaKb8EDvRgQsEHS45VmZXZzd7in6JP9/1wi/mo66HdhZOf
ZPvLkjpmyv2RX9HASebhRiQRqhSAq3Z1LtVuJLC1xQ3uj/pL2sGWBpk7iOT9IdEi
dgHiqubJ0b/OOGfHYhqwnKHGJijAeGq8IHuuYniv6KH9CvJRmSAvgwud6wiUjA0R
fMLIzjCsm55vNWFTR6l1DcZoCY09Yi2MF/qztq/qfqnaqgxBOmoO5Ns+uJIxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQcyKrLqGmP1+4h/B/LpWppXUaZ4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM1MzAyZTMz
MzYyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
ufokMA0GCSqGSIb3DQEBCwUAA4IBAQACUG1AeoDXZ0cFLESqifVK0DKgCInq5/bq
HYnVVHNpphx8CZfPPUapB0IDnPmQZOLVBZRKox6nISdygvNyWmG4y5dbEjK1ga2f
iifKcyLMnwzYB0qgJcBq8/40jSJ4iG21tUlTeZ5jZUGW1UZXip2N2YZ1wucmI46x
g8oRFG6ni4drxciR1Tqo+yu2rJMBiWc8we8xap3NE50tAYvmKJ0QHdZOTVo1Mon0
HPDTXKPjvqIAyf9YE2cjXEV7qUcJ5AFO6yhl6MuyEuBAFKYIgVrvB0v+czJAHwpg
e9GUNU1pB3fErcX1HHNpNQwDrDfCeOz7wztxS0pA4cmPOHEWi3zK
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org