Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138352e38312e302f32342d3332203d3e203536383736.roa
File: 3138352e3138352e38312e302f32342d3332203d3e203536383736.roa (raw, json)
Hash identifier: aVH8XwprTUIe0qYpYE1TWlDvxpOP7ECxnptf97zzpxI=
Subject key identifier: DE:07:14:96:F5:79:9F:9A:7B:B2:AE:B5:D8:2D:5D:5E:B0:4D:EA:93
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4FBEE5CDCDBBA3EEF7F2EEE4B96A7811492CF7BA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138352e38312e302f32342d3332203d3e203536383736.roa
Signing time: Mon 27 Jan 2025 09:45:06 +0000
ROA not before: Mon 27 Jan 2025 09:40:06 +0000
ROA not after: Mon 26 Jan 2026 09:45:06 +0000
asID: 56876
IP address blocks: 185.185.81.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:be:e5:cd:cd:bb:a3:ee:f7:f2:ee:e4:b9:6a:78:11:49:2c:f7:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:06 2025 GMT
Not After : Jan 26 09:45:06 2026 GMT
Subject: CN=DE071496F5799F9A7BB2AEB5D82D5D5EB04DEA93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5c:2e:8f:43:16:46:77:bb:91:f9:3b:0b:14:
fc:ff:db:0f:b3:cf:25:69:3f:a9:1e:e2:e5:b7:45:
6a:10:52:9b:63:c8:8a:44:49:2b:01:ae:6c:4c:c0:
29:f7:e7:63:6a:0b:97:a6:41:25:d0:0f:3a:48:1f:
df:30:d4:b1:7e:6e:c5:4e:90:44:93:72:ab:ce:00:
2f:93:5b:51:ac:3c:bf:34:92:a0:0c:45:92:e6:f9:
16:de:a5:99:48:52:71:47:dc:ae:e4:e0:ad:b3:4f:
85:24:74:d7:1d:1b:7c:37:0f:ff:61:49:8c:a7:71:
13:6d:76:19:b7:40:3c:b5:42:40:74:6d:c4:14:8f:
71:07:ac:6b:8f:7c:ec:b8:cd:96:f1:f5:27:aa:c9:
43:5d:25:69:c2:c7:9f:f5:e3:13:4f:60:2a:f8:33:
f7:94:ba:27:93:70:12:c6:af:36:e0:cc:59:8f:84:
a1:d9:44:52:c0:7e:63:8e:15:8b:49:bf:b5:f5:3d:
aa:a8:5d:96:24:51:1e:ea:a1:d8:cb:39:cf:e4:26:
25:8e:fe:54:37:45:dd:c4:f5:bd:10:29:28:19:06:
56:3a:f0:00:19:dc:b7:ef:a2:8a:94:02:05:e8:b5:
0c:5d:ff:11:10:07:f2:97:1a:a5:79:23:0d:bd:6f:
4b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:07:14:96:F5:79:9F:9A:7B:B2:AE:B5:D8:2D:5D:5E:B0:4D:EA:93
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138352e38312e302f32342d3332203d3e203536383736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.81.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:c3:fd:90:a9:7d:08:f1:eb:ae:71:99:1d:5d:75:2f:6e:00:
11:0f:59:27:6a:bc:57:2a:f2:cb:05:24:c1:da:31:d7:bd:fd:
e3:67:08:08:28:f0:ab:5c:02:16:98:9f:d0:97:9f:95:20:fe:
cd:b7:43:f8:a3:8c:f0:dc:16:9d:3c:5c:1e:19:ea:5a:ca:0c:
ee:f8:10:f5:9b:75:34:81:2f:d4:40:84:0d:7c:1c:a1:5b:86:
a9:23:a9:bc:ca:a1:fb:03:6b:30:0a:75:8c:8c:61:75:98:9c:
f0:f9:85:19:6d:6e:1f:d1:57:15:4f:18:77:ee:53:83:f1:74:
4f:59:b3:3d:43:ba:5d:d9:ef:2d:29:66:4d:99:74:47:c7:35:
7f:c8:b1:f3:ca:a4:a6:a5:b2:1e:01:cd:15:b2:89:15:fe:f6:
18:84:69:1a:0b:af:bd:31:56:42:db:ce:d5:63:95:5a:97:89:
a1:3b:bc:f0:8a:49:86:ed:d4:9a:ea:e7:b4:49:ae:5a:59:9e:
65:ad:ba:2f:b9:81:22:db:44:87:18:de:e5:e6:0a:17:73:93:
cd:04:e6:fa:63:c0:2c:b0:33:83:3e:e8:0b:5a:90:b3:9a:39:
ff:0a:a3:96:d9:3a:95:9c:b9:b5:6e:86:08:fd:23:61:f2:92:
18:6f:e0:66
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUT77lzc27o+738u7kuWp4EUks97owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDZaFw0yNjAxMjYwOTQ1MDZaMDMxMTAvBgNV
BAMTKERFMDcxNDk2RjU3OTlGOUE3QkIyQUVCNUQ4MkQ1RDVFQjA0REVBOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFXC6PQxZGd7uR+TsLFPz/2w+z
zyVpP6ke4uW3RWoQUptjyIpESSsBrmxMwCn352NqC5emQSXQDzpIH98w1LF+bsVO
kESTcqvOAC+TW1GsPL80kqAMRZLm+RbepZlIUnFH3K7k4K2zT4UkdNcdG3w3D/9h
SYyncRNtdhm3QDy1QkB0bcQUj3EHrGuPfOy4zZbx9SeqyUNdJWnCx5/14xNPYCr4
M/eUuieTcBLGrzbgzFmPhKHZRFLAfmOOFYtJv7X1PaqoXZYkUR7qodjLOc/kJiWO
/lQ3Rd3E9b0QKSgZBlY68AAZ3LfvooqUAgXotQxd/xEQB/KXGqV5Iw29b0tdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3gcUlvV5n5p7sq612C1dXrBN6pMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzUyZTM4
MzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTM2MzgzNzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ublRMA0GCSqGSIb3DQEBCwUAA4IBAQAPw/2QqX0I8euucZkdXXUvbgARD1knarxX
KvLLBSTB2jHXvf3jZwgIKPCrXAIWmJ/Ql5+VIP7Nt0P4o4zw3BadPFweGepaygzu
+BD1m3U0gS/UQIQNfByhW4apI6m8yqH7A2swCnWMjGF1mJzw+YUZbW4f0VcVTxh3
7lOD8XRPWbM9Q7pd2e8tKWZNmXRHxzV/yLHzyqSmpbIeAc0VsokV/vYYhGkaC6+9
MVZC287VY5Val4mhO7zwikmG7dSa6ue0Sa5aWZ5lrbovuYEi20SHGN7l5goXc5PN
BOb6Y8AssDODPugLWpCzmjn/CqOW2TqVnLm1boYI/SNh8pIYb+Bm
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:20 2025 by rpki-client