Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3136392e302f32342d3332203d3e203531313637.roa
File: 3138352e3138372e3136392e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: pX+VTguxuMOky+I097/3+ghxMfAONYJPOc3lZcJ52gA=
Subject key identifier: 54:F1:7D:67:36:A7:FF:91:F1:7D:FA:17:EF:7F:5D:65:F9:78:F9:6E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1A8A14609747FDA5BD973F0CC615F28C6D53B33F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3136392e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:12 +0000
ROA not before: Mon 27 Jan 2025 09:40:12 +0000
ROA not after: Mon 26 Jan 2026 09:45:12 +0000
asID: 51167
IP address blocks: 185.187.169.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:8a:14:60:97:47:fd:a5:bd:97:3f:0c:c6:15:f2:8c:6d:53:b3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:12 2025 GMT
Not After : Jan 26 09:45:12 2026 GMT
Subject: CN=54F17D6736A7FF91F17DFA17EF7F5D65F978F96E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:eb:84:1e:bd:c7:f1:d0:e2:cb:29:5e:8a:a2:
6e:22:a7:35:23:0b:7a:7a:f3:31:ed:62:6a:da:73:
6f:d0:8e:f3:6b:f5:90:2b:a2:61:c2:ef:19:13:ea:
9f:08:20:5b:f1:2e:58:33:88:b9:3f:9f:de:7d:91:
5e:a2:a0:4b:ca:eb:ee:69:2d:33:3b:b5:65:cb:0e:
07:a4:b0:f8:8c:d1:8c:61:f0:0b:20:67:4a:55:13:
c6:dd:61:e4:83:e3:db:67:4f:74:77:bf:67:37:1b:
6e:14:2e:00:b6:25:61:b4:8b:86:c4:94:dc:61:e6:
43:55:25:b8:df:fc:48:fe:2d:79:9c:03:d6:74:bb:
28:03:df:48:70:a8:8a:c0:fa:a5:c3:dc:7a:72:79:
61:bc:e5:97:3f:18:96:37:a9:c1:4c:0b:8f:62:53:
e0:0b:85:e9:4f:45:53:5c:14:48:fe:b2:70:11:ef:
09:c0:bc:fb:8b:6b:0f:96:a3:ec:19:42:b3:d1:54:
34:ce:bb:19:be:c4:24:35:be:e8:e9:15:9b:dc:0d:
29:85:83:ca:94:56:b7:56:1a:54:8b:5a:3f:7b:1e:
af:ba:2a:33:2d:68:f4:eb:c3:e3:6f:db:10:9a:2a:
c3:29:cf:4d:ba:04:ae:95:91:0e:4c:65:99:8b:87:
63:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F1:7D:67:36:A7:FF:91:F1:7D:FA:17:EF:7F:5D:65:F9:78:F9:6E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3136392e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.169.0/24
Signature Algorithm: sha256WithRSAEncryption
01:b1:37:09:53:4d:54:61:52:16:76:99:bb:08:90:53:ee:d3:
0c:93:66:a2:93:a0:03:63:ba:4a:90:6c:ae:e4:4d:87:b5:44:
cf:63:ad:c2:ad:1a:b4:bb:25:c1:20:17:08:e2:a3:42:70:d2:
b2:e0:7d:d1:51:ec:34:bf:49:0e:e4:50:84:3f:aa:0d:97:28:
cd:00:4a:3f:73:33:3c:6c:56:62:b6:05:e0:e7:c4:44:db:3a:
ec:f0:70:7f:6c:6a:be:51:43:d6:29:98:dd:bd:13:fa:0d:9f:
4f:af:91:0e:b1:83:18:37:51:0d:67:2c:50:20:b6:4c:05:65:
4c:a1:e2:c5:3a:68:d6:66:33:0d:82:39:21:fb:b0:f0:bc:20:
e6:69:11:ef:bb:42:85:6a:98:a1:97:29:cc:b4:04:8e:30:f4:
05:50:5a:cf:b4:2e:74:91:6f:99:65:f5:9a:03:20:8a:9a:79:
64:21:a6:45:f3:3d:f7:1d:8c:df:4d:e9:f9:3c:ea:b3:05:87:
67:60:80:85:96:f3:1c:a1:ca:e1:01:11:48:1e:95:76:b8:57:
3f:21:4f:ec:cf:54:ce:8c:f4:76:48:84:82:48:b4:27:3c:aa:
fa:48:2b:bb:28:dd:00:5c:df:64:ab:17:7d:3b:1e:ec:82:83:
79:25:b0:04
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGooUYJdH/aW9lz8MxhXyjG1Tsz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTJaFw0yNjAxMjYwOTQ1MTJaMDMxMTAvBgNV
BAMTKDU0RjE3RDY3MzZBN0ZGOTFGMTdERkExN0VGN0Y1RDY1Rjk3OEY5NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu64Qevcfx0OLLKV6Kom4ipzUj
C3p68zHtYmrac2/QjvNr9ZAromHC7xkT6p8IIFvxLlgziLk/n959kV6ioEvK6+5p
LTM7tWXLDgeksPiM0Yxh8AsgZ0pVE8bdYeSD49tnT3R3v2c3G24ULgC2JWG0i4bE
lNxh5kNVJbjf/Ej+LXmcA9Z0uygD30hwqIrA+qXD3HpyeWG85Zc/GJY3qcFMC49i
U+ALhelPRVNcFEj+snAR7wnAvPuLaw+Wo+wZQrPRVDTOuxm+xCQ1vujpFZvcDSmF
g8qUVrdWGlSLWj97Hq+6KjMtaPTrw+Nv2xCaKsMpz026BK6VkQ5MZZmLh2ONAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVPF9Zzan/5HxffoX739dZfl4+W4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMx
MzYzOTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5u6kwDQYJKoZIhvcNAQELBQADggEBAAGxNwlTTVRhUhZ2mbsIkFPu0wyTZqKT
oANjukqQbK7kTYe1RM9jrcKtGrS7JcEgFwjio0Jw0rLgfdFR7DS/SQ7kUIQ/qg2X
KM0ASj9zMzxsVmK2BeDnxETbOuzwcH9sar5RQ9YpmN29E/oNn0+vkQ6xgxg3UQ1n
LFAgtkwFZUyh4sU6aNZmMw2COSH7sPC8IOZpEe+7QoVqmKGXKcy0BI4w9AVQWs+0
LnSRb5ll9ZoDIIqaeWQhpkXzPfcdjN9N6fk86rMFh2dggIWW8xyhyuEBEUgelXa4
Vz8hT+zPVM6M9HZIhIJItCc8qvpIK7so3QBc32SrF307HuyCg3klsAQ=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:03:24 2025 by rpki-client