Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135392e302f32342d3332203d3e20313431393935.roa
File: 3138352e3131312e3135392e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: mIF6gqaIMS0Kzy5dratLPGZXOH/h2x4GE+DwXRj36fI=
Subject key identifier: CF:FE:3A:1B:35:60:90:84:C0:C4:B6:18:5C:30:5E:B0:BB:BA:1A:F4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5653EAB1ECE964681FB0689CD692B8367F76461E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135392e302f32342d3332203d3e20313431393935.roa
Signing time: Mon 26 Feb 2024 08:53:26 +0000
ROA not before: Mon 26 Feb 2024 08:48:26 +0000
ROA not after: Mon 24 Feb 2025 08:53:26 +0000
asID: 141995
IP address blocks: 185.111.159.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:53:ea:b1:ec:e9:64:68:1f:b0:68:9c:d6:92:b8:36:7f:76:46:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:26 2024 GMT
Not After : Feb 24 08:53:26 2025 GMT
Subject: CN=CFFE3A1B35609084C0C4B6185C305EB0BBBA1AF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fc:38:05:2e:68:bd:d6:3a:90:21:68:83:c3:
37:69:6f:43:8b:11:63:d5:8d:c0:72:62:94:18:3f:
e3:be:c4:53:af:7e:9c:3f:92:e8:63:58:cd:72:e8:
e5:f0:46:30:d6:05:0b:bb:4c:f7:ff:da:45:4e:da:
1f:70:bc:45:41:6d:b8:24:ab:d1:a3:37:94:6d:c0:
ab:bb:08:9d:62:07:1c:95:07:9b:4a:65:94:95:ab:
1d:28:da:2b:66:ea:56:c8:fb:4d:dc:ae:ba:e0:cf:
09:d2:e6:08:f7:89:46:a5:3e:0a:64:c3:1f:21:05:
07:3e:6a:d4:31:2e:8f:7b:78:cc:22:79:9c:99:6c:
65:cc:3d:f4:54:36:45:00:77:39:fa:42:00:75:13:
87:b5:8b:a5:e1:f1:89:d3:f9:fd:6c:38:c5:b2:d1:
3a:c8:c8:84:58:f2:6b:40:b2:38:90:da:aa:31:72:
06:d2:a6:02:22:ba:04:cd:22:01:aa:19:27:87:28:
84:bf:b4:86:a2:91:98:00:40:b0:80:5b:14:24:f6:
46:a6:f2:d7:86:f4:96:56:41:4e:d8:d6:41:48:3c:
09:6e:07:95:18:3c:d3:fe:7b:e4:10:4c:5f:9c:8c:
78:f9:e5:69:8c:df:57:de:c4:8c:8f:8e:5b:c7:e8:
f0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FE:3A:1B:35:60:90:84:C0:C4:B6:18:5C:30:5E:B0:BB:BA:1A:F4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135392e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.159.0/24
Signature Algorithm: sha256WithRSAEncryption
46:90:94:70:e4:7b:ae:cc:02:e2:31:65:39:f5:89:c4:f0:cf:
9b:c0:90:a4:bb:cc:25:73:4a:7e:9c:3c:5a:dd:24:ca:09:cc:
5f:d0:37:1e:15:21:6b:47:24:36:90:b3:49:15:d4:cc:7a:ae:
f3:d1:54:8a:f4:ad:a4:88:14:26:db:51:f0:8c:58:11:da:a3:
33:82:02:4c:f0:ad:d0:4c:5a:cc:6a:d8:50:83:85:42:89:59:
7b:49:e4:9f:5f:e3:ac:f0:92:2b:98:5c:1a:53:ce:d0:4d:ab:
5b:28:62:0d:a9:45:45:4b:91:58:e1:65:de:fd:74:76:90:93:
c2:2b:c4:ca:ed:a0:d6:31:b6:8e:f7:50:c5:36:b5:05:b7:77:
27:7f:8d:c1:03:f4:5d:28:f7:bd:e0:c2:ba:0b:dc:92:e8:b1:
e2:d5:5b:d1:e7:15:e7:5e:5a:0b:02:be:c6:17:1d:ab:2b:d2:
81:e4:a6:dc:63:59:2b:47:da:3d:83:85:55:d9:59:54:64:31:
5c:a5:91:bd:09:12:39:30:7e:4d:3f:14:35:26:6b:d6:d6:03:
61:f2:f2:59:6b:e2:64:93:1f:2f:f8:42:81:95:21:0c:8f:68:
a4:b6:aa:cf:0c:e9:9f:6a:5c:9e:01:5c:eb:76:85:96:b3:4c:
d1:20:c6:27
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVlPqsezpZGgfsGic1pK4Nn92Rh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjZaFw0yNTAyMjQwODUzMjZaMDMxMTAvBgNV
BAMTKENGRkUzQTFCMzU2MDkwODRDMEM0QjYxODVDMzA1RUIwQkJCQTFBRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP/DgFLmi91jqQIWiDwzdpb0OL
EWPVjcByYpQYP+O+xFOvfpw/kuhjWM1y6OXwRjDWBQu7TPf/2kVO2h9wvEVBbbgk
q9GjN5RtwKu7CJ1iBxyVB5tKZZSVqx0o2itm6lbI+03crrrgzwnS5gj3iUalPgpk
wx8hBQc+atQxLo97eMwieZyZbGXMPfRUNkUAdzn6QgB1E4e1i6Xh8YnT+f1sOMWy
0TrIyIRY8mtAsjiQ2qoxcgbSpgIiugTNIgGqGSeHKIS/tIaikZgAQLCAWxQk9kam
8teG9JZWQU7Y1kFIPAluB5UYPNP+e+QQTF+cjHj55WmM31fexIyPjlvH6PCjAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUz/46GzVgkITAxLYYXDBesLu6GvQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMxMzEyZTMx
MzUzOTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzQzMTM5MzkzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlvnzANBgkqhkiG9w0BAQsFAAOCAQEARpCUcOR7rswC4jFlOfWJxPDPm8CQ
pLvMJXNKfpw8Wt0kygnMX9A3HhUha0ckNpCzSRXUzHqu89FUivStpIgUJttR8IxY
EdqjM4ICTPCt0ExazGrYUIOFQolZe0nkn1/jrPCSK5hcGlPO0E2rWyhiDalFRUuR
WOFl3v10dpCTwivEyu2g1jG2jvdQxTa1Bbd3J3+NwQP0XSj3veDCugvckuix4tVb
0ecV515aCwK+xhcdqyvSgeSm3GNZK0faPYOFVdlZVGQxXKWRvQkSOTB+TT8UNSZr
1tYDYfLyWWviZJMfL/hCgZUhDI9opLaqzwzpn2pcngFc63aFlrNM0SDGJw==
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:44 2024 by rpki-client on console-fra.rpki-client.org