Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3132382e3132362e302f32332d3234203d3e20313336373837.roa
File: 3138352e3132382e3132362e302f32332d3234203d3e20313336373837.roa (raw, json)
Hash identifier: z2sSCfelUKBmTR7dGmiJTBa8nBSaXXYwD6uZbt39LWA=
Subject key identifier: A8:C5:FB:73:72:73:27:CC:0D:15:61:A0:C3:55:5F:31:93:EA:6A:4F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 65450B119C2E9D90AF2FC3C18A95DA482A0712E9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3132382e3132362e302f32332d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:03 +0000
ROA not before: Mon 27 Jan 2025 09:40:03 +0000
ROA not after: Mon 26 Jan 2026 09:45:03 +0000
asID: 136787
IP address blocks: 185.128.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:45:0b:11:9c:2e:9d:90:af:2f:c3:c1:8a:95:da:48:2a:07:12:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:03 2025 GMT
Not After : Jan 26 09:45:03 2026 GMT
Subject: CN=A8C5FB73727327CC0D1561A0C3555F3193EA6A4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3d:da:56:ab:a3:49:89:bf:67:6d:fb:4d:33:
8d:fa:a2:f3:9d:f0:ec:80:dd:ad:ee:a7:51:cd:bc:
cd:26:5d:74:95:5d:7f:6c:b3:48:e5:71:2a:58:dc:
41:f7:03:3c:de:43:48:ff:0b:e7:cc:77:09:63:72:
00:ba:a1:67:76:0a:9b:30:35:70:97:dc:57:90:f0:
4c:1a:29:23:ed:c0:3c:0f:52:da:27:e7:71:1a:25:
92:8e:0c:28:99:a2:ef:ea:61:bc:2d:b5:c4:e6:27:
83:fa:f5:ad:01:c7:9a:51:24:6e:10:c4:28:7d:84:
fe:98:cb:3d:e2:78:45:cd:99:b5:d3:75:27:99:65:
10:4f:0a:5e:0e:4e:2c:51:5c:52:d9:ed:15:24:dc:
8f:72:ac:22:0a:26:31:b2:c4:b8:cb:74:ab:aa:b2:
d7:03:fc:02:a6:fb:fa:7f:21:85:9b:62:02:55:d1:
03:09:e4:0f:70:30:00:d3:6f:3f:70:31:25:b2:3d:
c3:bb:3f:c8:07:75:9b:83:46:88:89:2e:6a:ff:a1:
41:16:56:ab:c1:8e:39:a5:69:16:33:22:9c:6f:db:
c2:02:3d:d7:cb:4e:78:30:e3:6a:41:79:0f:53:2e:
45:36:7e:d4:11:1f:e2:48:5e:39:62:dc:0e:2a:bd:
d9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C5:FB:73:72:73:27:CC:0D:15:61:A0:C3:55:5F:31:93:EA:6A:4F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3132382e3132362e302f32332d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.126.0/23
Signature Algorithm: sha256WithRSAEncryption
25:32:cb:ab:35:81:dd:a2:6a:ef:fa:92:a3:12:bd:bb:26:3f:
59:cd:a2:48:f4:00:ed:67:4e:03:f9:81:98:8b:5a:b8:86:a7:
3b:f3:b3:3b:7a:df:e6:6f:f7:3c:69:2f:88:92:77:11:17:1d:
7d:2e:7a:00:0d:17:7f:bf:7b:28:55:12:16:fa:6f:64:cd:77:
c5:8f:66:77:62:3a:5d:b2:a8:44:e2:b8:ca:13:6e:d1:c4:be:
e4:49:3a:54:a7:89:92:91:d5:67:76:f8:54:d8:96:13:1c:7c:
98:22:e8:cd:c4:25:af:2d:59:ab:10:db:88:d5:46:bb:99:94:
ed:06:e8:22:ba:f1:5c:2d:9f:b5:f2:1a:ae:6c:f8:bc:39:22:
5e:aa:57:13:f1:8e:37:8c:65:4e:4c:85:ed:ae:b2:17:3b:60:
5b:98:8a:7e:08:6e:cc:89:da:db:b2:f8:56:26:a3:2e:bc:8f:
f9:8a:7a:99:6e:a6:d1:13:2d:86:46:02:5a:3a:e4:2e:a6:91:
2e:9e:f6:02:15:99:e3:ff:8c:b9:80:51:7b:ff:aa:08:42:e5:
d1:48:47:ae:ad:63:5d:fc:ca:b9:51:f8:b2:08:2a:9d:4c:fd:
5b:1b:89:ff:bf:7c:c4:af:d4:77:20:2b:3c:03:a6:5a:2f:68:
21:d3:15:2f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZUULEZwunZCvL8PBipXaSCoHEukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDNaFw0yNjAxMjYwOTQ1MDNaMDMxMTAvBgNV
BAMTKEE4QzVGQjczNzI3MzI3Q0MwRDE1NjFBMEMzNTU1RjMxOTNFQTZBNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYPdpWq6NJib9nbftNM436ovOd
8OyA3a3up1HNvM0mXXSVXX9ss0jlcSpY3EH3AzzeQ0j/C+fMdwljcgC6oWd2Cpsw
NXCX3FeQ8EwaKSPtwDwPUton53EaJZKODCiZou/qYbwttcTmJ4P69a0Bx5pRJG4Q
xCh9hP6Yyz3ieEXNmbXTdSeZZRBPCl4OTixRXFLZ7RUk3I9yrCIKJjGyxLjLdKuq
stcD/AKm+/p/IYWbYgJV0QMJ5A9wMADTbz9wMSWyPcO7P8gHdZuDRoiJLmr/oUEW
VqvBjjmlaRYzIpxv28ICPdfLTngw42pBeQ9TLkU2ftQRH+JIXjli3A4qvdmzAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUqMX7c3JzJ8wNFWGgw1VfMZPqak8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMyMzgyZTMx
MzIzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbmAfjANBgkqhkiG9w0BAQsFAAOCAQEAJTLLqzWB3aJq7/qSoxK9uyY/Wc2i
SPQA7WdOA/mBmItauIanO/OzO3rf5m/3PGkviJJ3ERcdfS56AA0Xf797KFUSFvpv
ZM13xY9md2I6XbKoROK4yhNu0cS+5Ek6VKeJkpHVZ3b4VNiWExx8mCLozcQlry1Z
qxDbiNVGu5mU7QboIrrxXC2ftfIarmz4vDkiXqpXE/GON4xlTkyF7a6yFztgW5iK
fghuzIna27L4ViajLryP+Yp6mW6m0RMthkYCWjrkLqaRLp72AhWZ4/+MuYBRe/+q
CELl0UhHrq1jXfzKuVH4sggqnUz9WxuJ/798xK/UdyArPAOmWi9oIdMVLw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:10:00 2025 by rpki-client