Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa
File: 3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: gJd7tx6gXlGz/UsEu5C1kW2vqZLXPN6SkPM6GQRe/j0=
Subject key identifier: 4C:81:9A:40:6D:2E:4A:E9:2D:0F:F5:3F:4A:F9:F9:7C:C3:96:9A:C2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0FC05E9F832FCCDA802BDF567AF6CBA387FE5A32
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa
Signing time: Mon 27 Jan 2025 09:45:02 +0000
ROA not before: Mon 27 Jan 2025 09:40:02 +0000
ROA not after: Mon 26 Jan 2026 09:45:02 +0000
asID: 61317
IP address blocks: 185.111.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:c0:5e:9f:83:2f:cc:da:80:2b:df:56:7a:f6:cb:a3:87:fe:5a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:02 2025 GMT
Not After : Jan 26 09:45:02 2026 GMT
Subject: CN=4C819A406D2E4AE92D0FF53F4AF9F97CC3969AC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:56:b8:a5:f2:78:94:be:21:73:27:4b:83:75:
10:bd:ce:37:7f:94:c7:82:3c:64:bd:86:98:9a:7d:
53:bc:30:c5:1c:44:67:81:d8:19:19:b5:9a:33:47:
71:42:8f:05:c3:e4:97:22:10:19:9f:73:f3:22:d0:
44:9d:53:b7:a8:d1:a2:21:a6:f6:7a:6e:45:9e:28:
ac:00:33:f5:c1:56:b9:66:2a:69:27:ec:73:bd:64:
e2:ad:4f:02:8a:23:77:8a:b4:b3:33:71:4e:31:82:
5e:b0:dc:ea:6a:ec:56:c3:3d:dc:dc:6a:4e:97:7b:
e6:77:24:12:19:0c:95:4b:0d:41:86:c6:24:b7:ce:
db:21:38:fd:92:7b:fb:89:e4:b9:e9:6e:b8:25:61:
4e:b0:78:f1:a6:94:d0:c5:8f:11:1d:57:de:65:2d:
71:d3:7e:4b:55:01:24:f3:26:3f:c9:36:56:dc:b4:
bd:c3:10:f0:c1:c8:04:e8:ce:6f:a6:87:13:66:43:
dc:3f:cf:2c:40:e9:f0:2e:71:5f:0d:0f:61:f6:4f:
34:91:5f:ba:9d:57:fa:a7:38:f8:53:42:72:36:27:
60:07:37:90:a0:15:53:05:6f:6a:d3:01:b4:42:92:
5b:71:f8:b2:eb:ab:67:b3:bc:ed:97:5c:8b:f2:b6:
ce:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:81:9A:40:6D:2E:4A:E9:2D:0F:F5:3F:4A:F9:F9:7C:C3:96:9A:C2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.158.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:9e:39:1f:78:56:bb:92:e9:c3:5c:a4:74:fa:c4:c0:ee:86:
32:01:d9:44:b0:6e:25:a6:89:af:91:e4:01:f6:36:a9:0f:5f:
fb:5c:7f:1a:49:77:b5:8a:18:29:10:27:b0:aa:db:70:de:bd:
06:87:4a:2e:4c:bd:81:3c:76:53:08:ab:e5:eb:dd:6f:b1:b4:
7b:fb:2f:3d:c1:18:24:f6:0c:d1:c8:01:8e:98:ea:fd:8e:f0:
bb:ae:31:9e:cf:46:3d:98:20:ef:23:f2:f5:98:ed:70:bd:5f:
9b:18:de:ae:fa:d1:41:dc:7c:bb:b6:d8:e4:76:83:e3:c1:22:
15:4e:0d:5d:bb:0e:5e:56:e5:38:71:5d:fd:56:8c:06:b3:c3:
c0:db:60:e0:08:d6:8d:73:9e:51:49:cf:5d:25:e1:90:01:0f:
c5:f8:01:98:6f:d1:9d:05:87:e4:11:90:24:4b:cd:9e:34:4e:
31:b6:f0:b4:a9:cd:39:a0:a6:13:6b:a5:19:e7:c9:1a:79:17:
7c:c1:9a:95:fb:39:b4:57:8b:1d:3d:25:38:a1:b4:71:ab:f5:
3e:5a:37:cd:0b:e6:cb:d0:57:73:67:4a:b7:fd:7d:95:b0:c9:
3a:d7:bd:b3:0e:75:07:91:a4:01:f1:bc:bd:eb:11:03:e6:8f:
45:ef:70:06
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUD8Ben4MvzNqAK99WevbLo4f+WjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDJaFw0yNjAxMjYwOTQ1MDJaMDMxMTAvBgNV
BAMTKDRDODE5QTQwNkQyRTRBRTkyRDBGRjUzRjRBRjlGOTdDQzM5NjlBQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDVril8niUviFzJ0uDdRC9zjd/
lMeCPGS9hpiafVO8MMUcRGeB2BkZtZozR3FCjwXD5JciEBmfc/Mi0ESdU7eo0aIh
pvZ6bkWeKKwAM/XBVrlmKmkn7HO9ZOKtTwKKI3eKtLMzcU4xgl6w3Opq7FbDPdzc
ak6Xe+Z3JBIZDJVLDUGGxiS3ztshOP2Se/uJ5LnpbrglYU6wePGmlNDFjxEdV95l
LXHTfktVASTzJj/JNlbctL3DEPDByATozm+mhxNmQ9w/zyxA6fAucV8ND2H2TzSR
X7qdV/qnOPhTQnI2J2AHN5CgFVMFb2rTAbRCkltx+LLrq2ezvO2XXIvyts55AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTIGaQG0uSuktD/U/Svn5fMOWmsIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMxMzEyZTMx
MzUzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5b54wDQYJKoZIhvcNAQELBQADggEBAC2eOR94VruS6cNcpHT6xMDuhjIB2USw
biWmia+R5AH2NqkPX/tcfxpJd7WKGCkQJ7Cq23DevQaHSi5MvYE8dlMIq+Xr3W+x
tHv7Lz3BGCT2DNHIAY6Y6v2O8LuuMZ7PRj2YIO8j8vWY7XC9X5sY3q760UHcfLu2
2OR2g+PBIhVODV27Dl5W5ThxXf1WjAazw8DbYOAI1o1znlFJz10l4ZABD8X4AZhv
0Z0Fh+QRkCRLzZ40TjG28LSpzTmgphNrpRnnyRp5F3zBmpX7ObRXix09JTihtHGr
9T5aN80L5svQV3NnSrf9fZWwyTrXvbMOdQeRpAHxvL3rEQPmj0XvcAY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:05:13 2025 by rpki-client