Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135392e302f32342d3332203d3e20313431393935.roa
File: 3138352e3131312e3135392e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: P8Qi/5udTFXI/i5A9fqQvKTv56Cl0WQTq5+r5u0oghU=
Subject key identifier: A5:62:10:D8:32:73:04:4F:27:F6:B7:67:55:56:F4:10:DF:6C:74:DB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2CE4EB46726E7A974F35A1D0FE54CEED2E78B729
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135392e302f32342d3332203d3e20313431393935.roa
Signing time: Mon 27 Jan 2025 09:45:23 +0000
ROA not before: Mon 27 Jan 2025 09:40:23 +0000
ROA not after: Mon 26 Jan 2026 09:45:23 +0000
asID: 141995
IP address blocks: 185.111.159.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:e4:eb:46:72:6e:7a:97:4f:35:a1:d0:fe:54:ce:ed:2e:78:b7:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:23 2025 GMT
Not After : Jan 26 09:45:23 2026 GMT
Subject: CN=A56210D83273044F27F6B7675556F410DF6C74DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:97:cd:c8:8c:c6:8e:9e:b5:4e:fd:29:c6:8c:
fc:f9:11:38:54:01:79:fe:c4:70:b9:f7:71:f3:5b:
86:b7:d4:7d:57:e0:bb:42:69:3b:67:41:ee:5a:5b:
a9:14:9c:cc:90:32:22:18:73:2e:53:12:7e:d9:07:
db:7a:66:6a:7f:c8:8a:9d:66:42:7c:43:38:7b:af:
24:b3:9e:78:30:8e:46:cc:d0:bf:25:0a:66:a2:e8:
1f:ed:69:00:74:bf:4b:87:d1:d1:68:e9:b9:bc:dd:
f7:7b:65:81:9f:7e:a3:dd:c6:68:7e:b8:91:64:31:
b2:cc:6e:ac:e3:1a:40:aa:18:97:33:5b:ea:c6:f1:
be:e3:8f:30:c5:94:27:6b:8d:24:ff:44:29:11:ac:
78:db:6d:a6:09:c7:4b:4b:79:e4:7e:a1:4b:ff:d6:
b5:3a:1f:8e:ba:2c:c6:be:ed:29:d3:86:2e:e6:9a:
1c:03:32:6e:2a:62:e6:74:82:38:78:fd:f5:9c:fd:
79:27:d5:42:1f:b8:01:8a:ef:1d:60:c8:a2:80:15:
f5:53:9d:90:92:25:f4:b7:8a:1f:d7:8e:32:82:21:
d3:e0:c2:12:a6:2d:78:bc:c1:65:4e:96:2c:f1:69:
d5:50:10:c4:09:5c:15:f8:6b:1f:fb:6b:b3:c1:4e:
a1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:62:10:D8:32:73:04:4F:27:F6:B7:67:55:56:F4:10:DF:6C:74:DB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135392e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.159.0/24
Signature Algorithm: sha256WithRSAEncryption
08:04:d8:bd:c4:b2:6c:2e:ab:4c:53:ec:a6:52:20:5e:15:b4:
f9:fb:c6:da:3f:70:3d:3c:46:0f:29:75:98:7f:88:3c:75:b0:
94:24:79:14:1a:97:44:94:ed:cb:93:ea:67:9e:8c:ac:35:23:
df:3a:48:b8:e3:6d:db:b9:04:fa:9e:df:10:8c:ee:8d:fa:7c:
2b:ad:40:10:92:1b:94:6d:73:24:22:76:e0:c2:81:cc:3a:2e:
97:82:fa:9f:bb:06:21:3a:a7:00:11:d7:7d:6d:13:b3:7b:5a:
dc:70:2c:f3:5b:4e:f6:f6:14:cb:6e:bd:7d:91:ac:71:a8:09:
5d:a9:cf:b8:3b:53:e4:ed:94:b6:47:8d:2c:e9:37:9f:d4:b1:
2f:18:db:ac:8c:39:0e:49:b7:4b:9c:6b:90:92:a3:1c:6b:14:
8b:db:39:9e:ab:e6:2f:ca:93:4c:14:5c:84:43:9d:49:a9:9a:
b4:df:7b:a7:09:a7:c0:34:c7:6e:c2:f8:96:45:8e:e1:fc:07:
5b:57:8b:80:92:c6:ad:33:9a:37:fa:5d:99:4e:39:ed:13:cf:
e7:48:34:ea:0f:a9:4e:19:52:a5:4b:48:d0:28:c4:b7:95:53:
e6:bc:b1:86:01:2e:b7:3e:ed:ec:e4:c1:1a:e6:3d:8e:27:46:
7b:8a:81:d7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULOTrRnJuepdPNaHQ/lTO7S54tykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjNaFw0yNjAxMjYwOTQ1MjNaMDMxMTAvBgNV
BAMTKEE1NjIxMEQ4MzI3MzA0NEYyN0Y2Qjc2NzU1NTZGNDEwREY2Qzc0REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIl83IjMaOnrVO/SnGjPz5EThU
AXn+xHC593HzW4a31H1X4LtCaTtnQe5aW6kUnMyQMiIYcy5TEn7ZB9t6Zmp/yIqd
ZkJ8Qzh7rySznngwjkbM0L8lCmai6B/taQB0v0uH0dFo6bm83fd7ZYGffqPdxmh+
uJFkMbLMbqzjGkCqGJczW+rG8b7jjzDFlCdrjST/RCkRrHjbbaYJx0tLeeR+oUv/
1rU6H466LMa+7SnThi7mmhwDMm4qYuZ0gjh4/fWc/Xkn1UIfuAGK7x1gyKKAFfVT
nZCSJfS3ih/XjjKCIdPgwhKmLXi8wWVOlizxadVQEMQJXBX4ax/7a7PBTqE3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUpWIQ2DJzBE8n9rdnVVb0EN9sdNswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMxMzEyZTMx
MzUzOTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzQzMTM5MzkzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlvnzANBgkqhkiG9w0BAQsFAAOCAQEACATYvcSybC6rTFPsplIgXhW0+fvG
2j9wPTxGDyl1mH+IPHWwlCR5FBqXRJTty5PqZ56MrDUj3zpIuONt27kE+p7fEIzu
jfp8K61AEJIblG1zJCJ24MKBzDoul4L6n7sGITqnABHXfW0Ts3ta3HAs81tO9vYU
y269fZGscagJXanPuDtT5O2UtkeNLOk3n9SxLxjbrIw5Dkm3S5xrkJKjHGsUi9s5
nqvmL8qTTBRchEOdSamatN97pwmnwDTHbsL4lkWO4fwHW1eLgJLGrTOaN/pdmU45
7RPP50g06g+pThlSpUtI0CjEt5VT5ryxhgEutz7t7OTBGuY9jidGe4qB1w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:49 2025 by rpki-client