Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139302e3134302e302f32342d3332203d3e203531313637.roa
File: 3138352e3139302e3134302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: l5EDxP/Pa/VT0X12JLwkuG6bMB76clPnurUo9zyk8Ho=
Subject key identifier: C2:D3:BC:C6:4E:0A:9A:C9:D1:34:CE:C0:2A:AF:C2:EF:D1:06:8B:02
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 41C80D4D18D6AC54430B516170DD463249EFC771
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139302e3134302e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:05:01 +0000
ROA not before: Fri 20 Sep 2024 14:00:01 +0000
ROA not after: Fri 19 Sep 2025 14:05:01 +0000
asID: 51167
IP address blocks: 185.190.140.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:c8:0d:4d:18:d6:ac:54:43:0b:51:61:70:dd:46:32:49:ef:c7:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:01 2024 GMT
Not After : Sep 19 14:05:01 2025 GMT
Subject: CN=C2D3BCC64E0A9AC9D134CEC02AAFC2EFD1068B02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7a:08:00:c1:a1:7d:04:79:f7:8a:22:2c:0c:
69:76:9a:fc:8d:2a:e5:37:51:39:c1:81:fb:47:8f:
87:d2:b0:6b:84:66:88:d0:30:71:b1:38:78:51:b9:
14:6c:c2:1f:ff:6c:64:80:f0:34:08:f7:88:da:07:
ba:c7:73:1e:ed:e6:4e:9a:04:56:ca:6d:1f:7d:55:
5f:d6:ef:83:ce:8e:6e:98:3d:c2:29:56:b4:bd:66:
df:55:6d:53:f8:35:84:40:c6:0e:85:64:0f:6d:19:
40:2a:48:a5:90:67:c1:1b:8d:e2:10:00:f5:89:25:
e9:06:59:9f:48:fc:0f:91:b2:a8:eb:19:62:e5:87:
5c:dc:01:a9:7d:96:3d:a1:47:a4:c3:a8:68:17:47:
37:41:ba:b5:53:bc:a3:2d:a1:24:eb:3f:40:08:57:
6f:7e:95:83:5c:60:84:9c:a6:42:10:1a:28:4e:7a:
f7:ea:37:80:e4:3d:5c:23:83:11:ce:94:f9:f8:dd:
67:ba:91:f0:e7:00:eb:3d:0b:9a:b5:39:2f:2b:75:
ff:a4:50:67:5e:35:45:5a:a6:c8:6f:c5:94:c5:15:
b4:4a:8e:3b:fa:69:d6:66:b0:b9:27:ac:b2:fe:bb:
19:0c:74:72:c2:7e:82:47:27:9d:2a:b9:d7:61:a9:
75:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D3:BC:C6:4E:0A:9A:C9:D1:34:CE:C0:2A:AF:C2:EF:D1:06:8B:02
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139302e3134302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.140.0/24
Signature Algorithm: sha256WithRSAEncryption
94:15:6e:ca:a5:df:c9:7b:10:cc:25:85:2f:37:67:29:0d:71:
f6:e3:4c:5f:5e:ca:15:f8:d4:6a:90:6b:9a:7b:40:2f:ec:45:
20:25:aa:61:93:68:a5:b1:2a:da:3d:96:fb:b2:61:98:9a:de:
d2:ca:1c:6b:f5:37:5c:61:8d:da:09:b1:b2:14:78:6e:b9:eb:
24:7e:75:67:0f:ba:60:3a:fe:e6:7f:d9:30:3f:6b:f2:57:17:
df:00:d5:85:b3:c7:e3:3c:4a:cc:e1:d9:f6:ef:56:ec:a0:ce:
d1:d5:9b:8c:f5:51:46:76:68:a5:aa:72:b3:8c:41:2e:1d:ca:
0a:7d:f1:92:63:4a:51:c5:8b:3c:20:9f:79:80:35:2a:7a:cc:
90:53:7f:a6:66:e9:5a:5a:33:a8:f2:2d:9b:9e:52:87:26:4d:
1b:09:07:c2:74:68:9e:cb:6d:e0:47:08:21:9a:29:0a:43:20:
39:15:5e:68:66:90:bd:a1:4f:f2:20:5b:22:55:cc:b3:d3:b8:
b5:79:df:a9:4b:76:af:61:2c:ea:86:f1:86:20:98:2a:2f:e9:
25:95:65:1b:1f:c0:57:dc:65:b0:7d:a9:9a:60:b3:cf:6c:82:
22:a3:53:7f:51:31:06:65:d6:c7:ef:50:3f:b5:78:cc:e6:81:
d8:31:41:6c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQcgNTRjWrFRDC1FhcN1GMknvx3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDFaFw0yNTA5MTkxNDA1MDFaMDMxMTAvBgNV
BAMTKEMyRDNCQ0M2NEUwQTlBQzlEMTM0Q0VDMDJBQUZDMkVGRDEwNjhCMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJeggAwaF9BHn3iiIsDGl2mvyN
KuU3UTnBgftHj4fSsGuEZojQMHGxOHhRuRRswh//bGSA8DQI94jaB7rHcx7t5k6a
BFbKbR99VV/W74POjm6YPcIpVrS9Zt9VbVP4NYRAxg6FZA9tGUAqSKWQZ8EbjeIQ
APWJJekGWZ9I/A+RsqjrGWLlh1zcAal9lj2hR6TDqGgXRzdBurVTvKMtoSTrP0AI
V29+lYNcYIScpkIQGihOevfqN4DkPVwjgxHOlPn43We6kfDnAOs9C5q1OS8rdf+k
UGdeNUVapshvxZTFFbRKjjv6adZmsLknrLL+uxkMdHLCfoJHJ50quddhqXX9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUwtO8xk4KmsnRNM7AKq/C79EGiwIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzAyZTMx
MzQzMDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5vowwDQYJKoZIhvcNAQELBQADggEBAJQVbsql38l7EMwlhS83ZykNcfbjTF9e
yhX41GqQa5p7QC/sRSAlqmGTaKWxKto9lvuyYZia3tLKHGv1N1xhjdoJsbIUeG65
6yR+dWcPumA6/uZ/2TA/a/JXF98A1YWzx+M8Sszh2fbvVuygztHVm4z1UUZ2aKWq
crOMQS4dygp98ZJjSlHFizwgn3mANSp6zJBTf6Zm6VpaM6jyLZueUocmTRsJB8J0
aJ7LbeBHCCGaKQpDIDkVXmhmkL2hT/IgWyJVzLPTuLV536lLdq9hLOqG8YYgmCov
6SWVZRsfwFfcZbB9qZpgs89sgiKjU39RMQZl1sfvUD+1eMzmgdgxQWw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org