Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3139322e302f32332d3234203d3e20313336373837.roa
File: 3138352e3139372e3139322e302f32332d3234203d3e20313336373837.roa (raw, json)
Hash identifier: N0bVeo2yorfTqPCIHe7GMideHTwsUTjqWhAGr8ATyXc=
Subject key identifier: 31:34:84:BE:09:27:C7:28:76:18:EB:8C:31:C6:AE:BA:37:AD:DF:13
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1CD1216AD06B2720061F89E9F40C4129E6C4014A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3139322e302f32332d3234203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:04:53 +0000
ROA not before: Fri 20 Sep 2024 13:59:53 +0000
ROA not after: Fri 19 Sep 2025 14:04:53 +0000
asID: 136787
IP address blocks: 185.197.192.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:d1:21:6a:d0:6b:27:20:06:1f:89:e9:f4:0c:41:29:e6:c4:01:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:53 2024 GMT
Not After : Sep 19 14:04:53 2025 GMT
Subject: CN=313484BE0927C7287618EB8C31C6AEBA37ADDF13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3e:e0:f1:31:96:f4:4f:91:a2:8c:36:18:e1:
4e:22:b0:bd:0d:0a:7c:84:de:2b:b2:6e:c6:34:52:
12:c8:8a:9e:b6:30:63:77:b0:a0:ab:49:78:2c:fd:
b1:bf:84:72:be:1c:d4:e8:12:d8:21:0f:09:b7:47:
6b:53:2a:f2:14:ba:a3:77:b0:21:20:b8:85:37:81:
4d:b8:00:d1:3a:f6:cb:78:c0:99:f7:9f:35:e9:df:
a3:7d:c9:06:02:5a:12:18:2f:49:45:8f:04:0b:05:
59:60:34:c6:46:26:e9:0d:fb:f7:e3:47:b8:eb:ad:
23:7a:0c:c6:0e:44:e3:70:96:0a:32:34:ad:0e:37:
e9:ec:90:17:6a:8b:87:8a:fd:b4:6d:a7:c7:64:bf:
1d:bc:cd:a9:c8:45:d1:8d:08:da:3a:91:6a:54:ad:
b8:1f:76:dd:0f:48:32:0e:2e:f1:47:65:f6:5e:87:
e2:50:9a:8c:18:ca:94:d7:49:ad:34:67:c0:2a:49:
75:15:61:c3:77:e8:5a:19:54:3c:0d:87:b5:66:ef:
1d:7c:52:8d:5d:22:42:f4:c4:1f:ba:c1:73:7e:65:
18:5f:00:6b:64:12:24:a1:be:bf:18:f8:14:ac:01:
ce:f0:6f:eb:e6:9c:5d:6b:44:4c:c7:ca:55:2d:08:
21:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:34:84:BE:09:27:C7:28:76:18:EB:8C:31:C6:AE:BA:37:AD:DF:13
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3139322e302f32332d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.192.0/23
Signature Algorithm: sha256WithRSAEncryption
70:4f:8d:ae:aa:63:89:ba:10:fe:fe:c7:ac:ec:2b:04:8a:85:
5f:73:7c:a6:e2:c5:92:59:42:0d:3e:c9:97:f4:f4:97:df:f1:
fa:a6:94:91:5b:03:85:b9:cf:49:be:1e:20:a8:ed:29:cf:2b:
1a:c3:ed:ba:e8:87:68:0c:63:b3:53:5b:94:7d:9d:47:c4:ab:
98:5c:f0:d2:e3:9e:cd:b1:87:6d:d2:38:82:79:93:9f:af:91:
d3:01:4d:15:0c:85:7e:47:57:56:fe:ae:ca:1e:c3:56:86:3c:
cd:0f:62:22:f0:1d:39:6a:9a:a4:e6:72:e7:b2:ad:d9:03:d2:
3e:82:03:17:23:10:c8:05:43:10:36:06:45:68:90:79:bc:a3:
23:5c:83:03:66:9b:72:5e:32:ab:5d:89:ec:de:14:7a:5e:b9:
69:1a:dd:fb:d0:28:60:7b:6b:7a:ea:50:87:78:e0:6b:00:d5:
b1:64:97:03:da:3d:b2:af:b7:5d:66:ce:75:9e:d9:8a:f2:a8:
77:0e:5f:86:13:e4:7b:11:e6:1c:e2:61:f9:7c:8a:e3:2a:69:
7e:2b:ae:d2:b9:25:9f:71:52:03:41:5a:b4:8d:28:eb:37:ae:
c1:31:c2:bd:be:e5:d0:a2:23:28:48:b6:68:ff:9a:ff:8f:bd:
bf:04:51:9d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHNEhatBrJyAGH4np9AxBKebEAUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTNaFw0yNTA5MTkxNDA0NTNaMDMxMTAvBgNV
BAMTKDMxMzQ4NEJFMDkyN0M3Mjg3NjE4RUI4QzMxQzZBRUJBMzdBRERGMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNPuDxMZb0T5GijDYY4U4isL0N
CnyE3iuybsY0UhLIip62MGN3sKCrSXgs/bG/hHK+HNToEtghDwm3R2tTKvIUuqN3
sCEguIU3gU24ANE69st4wJn3nzXp36N9yQYCWhIYL0lFjwQLBVlgNMZGJukN+/fj
R7jrrSN6DMYORONwlgoyNK0ON+nskBdqi4eK/bRtp8dkvx28zanIRdGNCNo6kWpU
rbgfdt0PSDIOLvFHZfZeh+JQmowYypTXSa00Z8AqSXUVYcN36FoZVDwNh7Vm7x18
Uo1dIkL0xB+6wXN+ZRhfAGtkEiShvr8Y+BSsAc7wb+vmnF1rREzHylUtCCH5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUMTSEvgknxyh2GOuMMcauujet3xMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzcyZTMx
MzkzMjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbnFwDANBgkqhkiG9w0BAQsFAAOCAQEAcE+NrqpjiboQ/v7HrOwrBIqFX3N8
puLFkllCDT7Jl/T0l9/x+qaUkVsDhbnPSb4eIKjtKc8rGsPtuuiHaAxjs1NblH2d
R8SrmFzw0uOezbGHbdI4gnmTn6+R0wFNFQyFfkdXVv6uyh7DVoY8zQ9iIvAdOWqa
pOZy57Kt2QPSPoIDFyMQyAVDEDYGRWiQebyjI1yDA2abcl4yq12J7N4Uel65aRrd
+9AoYHtreupQh3jgawDVsWSXA9o9sq+3XWbOdZ7ZivKodw5fhhPkexHmHOJh+XyK
4yppfiuu0rkln3FSA0FatI0o6zeuwTHCvb7l0KIjKEi2aP+a/4+9vwRRnQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org