Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233352e302f32342d3332203d3e203430303231.roa
File: 3138352e3138372e3233352e302f32342d3332203d3e203430303231.roa (raw, json)
Hash identifier: Cwqx3QOqXMUIlWyph7PK6Ye/PzJJkSVgcquzpec5vdw=
Subject key identifier: 0F:26:85:A1:59:34:54:97:B9:54:77:06:14:20:FF:30:D9:08:AA:08
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 79BA5825228D1D928CA3F3AB02CD34B0D35C7584
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233352e302f32342d3332203d3e203430303231.roa
Signing time: Fri 20 Sep 2024 14:04:54 +0000
ROA not before: Fri 20 Sep 2024 13:59:54 +0000
ROA not after: Fri 19 Sep 2025 14:04:54 +0000
asID: 40021
IP address blocks: 185.187.235.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:ba:58:25:22:8d:1d:92:8c:a3:f3:ab:02:cd:34:b0:d3:5c:75:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:54 2024 GMT
Not After : Sep 19 14:04:54 2025 GMT
Subject: CN=0F2685A159345497B95477061420FF30D908AA08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:40:57:66:59:8a:af:55:28:1b:d3:ab:90:c8:
f2:4b:2d:d7:19:76:a3:28:22:3b:ff:9b:82:e1:e9:
21:6f:85:16:c5:f6:12:19:80:a6:e9:bd:65:40:03:
fc:2b:8b:0f:65:b4:0f:87:f9:08:b1:c5:67:0f:1b:
f2:7c:a0:31:44:0b:cd:71:8d:24:b9:a7:bd:a5:29:
e8:2b:85:6e:3d:a3:78:aa:b4:52:12:15:d1:43:7c:
08:e1:01:36:eb:0e:d3:cf:6a:d9:f0:6e:4b:43:88:
d2:1f:08:ff:ba:cc:7c:80:dd:2d:f8:fe:cf:4a:e5:
ef:96:d1:e3:9e:e0:b9:b2:9d:4e:b6:66:25:71:3f:
13:40:c7:ef:ca:16:da:1f:e5:cc:85:20:c1:04:e3:
ca:41:f0:aa:9f:8e:cd:b2:e5:d8:ac:4f:83:af:02:
85:22:65:08:91:78:5a:d0:46:de:99:82:12:f3:d9:
9d:bf:44:98:99:3c:db:3a:12:a2:71:35:55:32:59:
e3:da:1a:fb:b9:2f:40:2d:0d:63:22:8d:58:98:73:
0a:80:80:0e:ec:0b:ba:35:c9:08:e3:08:b2:ac:be:
48:19:6e:b4:03:9b:25:0d:b0:98:06:c2:3e:76:0e:
34:42:69:01:25:9a:da:0c:35:33:1c:09:4e:1d:f3:
76:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:26:85:A1:59:34:54:97:B9:54:77:06:14:20:FF:30:D9:08:AA:08
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233352e302f32342d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.235.0/24
Signature Algorithm: sha256WithRSAEncryption
15:93:af:58:9a:43:84:63:9e:2a:d6:2f:e6:68:0e:25:01:5f:
c1:25:0f:3e:9f:54:53:c8:92:02:36:93:ff:bf:3e:f0:26:26:
a2:71:d5:23:0f:db:56:eb:fd:5b:30:4a:76:2c:8d:37:37:01:
6f:1b:25:8d:56:61:f3:8e:7f:49:e5:0e:9b:19:65:0f:e0:25:
c4:51:a9:6c:a3:44:d8:7e:b0:1d:ce:84:86:d4:33:da:45:d7:
f5:be:da:69:76:9b:2e:fb:f9:30:50:fb:6d:1e:26:0d:6a:97:
13:7c:9b:10:62:5c:13:ac:34:3f:99:b4:db:04:76:c5:c1:25:
ea:4d:d7:b8:5d:89:f5:30:46:80:86:7c:72:f3:4d:94:7d:70:
48:46:2d:74:44:d4:0e:ed:7a:38:94:33:db:3a:a2:7d:e7:76:
06:9d:a8:67:f2:c2:bc:d8:f2:63:64:b0:df:7a:6c:e1:51:6c:
f6:1a:fb:dc:38:d3:b6:fc:15:9e:2d:62:e5:78:a3:fa:d2:a6:
32:47:a2:21:9e:d9:57:89:87:14:d6:4c:85:e2:37:fb:fe:2e:
67:c4:21:25:e2:dc:50:a9:c0:c2:04:bb:98:69:fe:6f:05:4d:
1a:13:73:13:27:4d:0b:58:27:a5:dd:86:30:ed:4a:9b:cb:7c:
57:1b:b6:7e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUebpYJSKNHZKMo/OrAs00sNNcdYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTRaFw0yNTA5MTkxNDA0NTRaMDMxMTAvBgNV
BAMTKDBGMjY4NUExNTkzNDU0OTdCOTU0NzcwNjE0MjBGRjMwRDkwOEFBMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGQFdmWYqvVSgb06uQyPJLLdcZ
dqMoIjv/m4Lh6SFvhRbF9hIZgKbpvWVAA/wriw9ltA+H+QixxWcPG/J8oDFEC81x
jSS5p72lKegrhW49o3iqtFISFdFDfAjhATbrDtPPatnwbktDiNIfCP+6zHyA3S34
/s9K5e+W0eOe4LmynU62ZiVxPxNAx+/KFtof5cyFIMEE48pB8Kqfjs2y5disT4Ov
AoUiZQiReFrQRt6ZghLz2Z2/RJiZPNs6EqJxNVUyWePaGvu5L0AtDWMijViYcwqA
gA7sC7o1yQjjCLKsvkgZbrQDmyUNsJgGwj52DjRCaQElmtoMNTMcCU4d83b/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDyaFoVk0VJe5VHcGFCD/MNkIqggwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzNTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5u+swDQYJKoZIhvcNAQELBQADggEBABWTr1iaQ4RjnirWL+ZoDiUBX8ElDz6f
VFPIkgI2k/+/PvAmJqJx1SMP21br/VswSnYsjTc3AW8bJY1WYfOOf0nlDpsZZQ/g
JcRRqWyjRNh+sB3OhIbUM9pF1/W+2ml2my77+TBQ+20eJg1qlxN8mxBiXBOsND+Z
tNsEdsXBJepN17hdifUwRoCGfHLzTZR9cEhGLXRE1A7tejiUM9s6on3ndgadqGfy
wrzY8mNksN96bOFRbPYa+9w407b8FZ4tYuV4o/rSpjJHoiGe2VeJhxTWTIXiN/v+
LmfEISXi3FCpwMIEu5hp/m8FTRoTcxMnTQtYJ6XdhjDtSpvLfFcbtn4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org