Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 4iEaFO303//MusX3CdXvUR2eUxnRr+0Mhkdr+sP4SZ0=
Subject key identifier: 45:3D:51:D0:0C:B2:61:57:25:39:83:9A:3E:04:0E:BA:4D:16:45:67
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7D9DCD42C0BDFA7A37D050855CCDC8BC3AA502B7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 25 Jun 2024 15:30:19 +0000
ROA not before: Tue 25 Jun 2024 15:25:19 +0000
ROA not after: Tue 24 Jun 2025 15:30:19 +0000
asID: 136787
IP address blocks: 185.197.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:9d:cd:42:c0:bd:fa:7a:37:d0:50:85:5c:cd:c8:bc:3a:a5:02:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 25 15:25:19 2024 GMT
Not After : Jun 24 15:30:19 2025 GMT
Subject: CN=453D51D00CB261572539839A3E040EBA4D164567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ae:4e:75:21:05:d4:59:70:c4:ea:dc:46:e0:
bc:ce:2c:d9:86:f5:09:27:57:8f:28:dc:da:69:81:
a7:83:12:04:06:bb:3f:a4:ca:5b:5a:bf:ce:fd:78:
b1:71:ed:27:8f:60:ab:aa:d6:3d:d6:bf:1e:b2:e2:
4f:8e:90:08:e6:5c:2d:a9:e2:6c:76:d7:c4:63:2d:
9c:9a:7f:51:0f:d8:4d:05:fd:a7:9b:d4:0b:92:5b:
13:f1:12:03:64:14:61:61:88:44:63:0c:54:7b:f7:
6e:9f:71:25:f3:c8:de:5b:98:4e:61:ae:2e:9b:9f:
71:2c:5c:d4:75:15:76:91:23:a9:ad:65:0b:5c:88:
03:86:e3:b6:7d:31:74:45:c3:9b:da:80:30:d0:85:
83:61:f9:eb:93:95:b6:18:0f:df:15:0d:ca:a8:34:
74:ce:bc:e4:72:44:87:d0:cd:85:1b:f2:17:19:ea:
26:29:be:55:4f:f3:a7:68:ff:76:44:bc:c4:64:fa:
ef:be:8e:61:08:5f:65:0c:36:3c:a8:50:c2:fc:32:
06:86:f1:8f:77:39:58:3d:ce:8f:9f:d2:20:75:5e:
72:07:90:75:05:60:26:57:6c:ac:c6:ab:ed:8f:1a:
f7:df:79:1c:07:8c:6d:1e:70:90:46:ab:c5:5c:ff:
ea:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:3D:51:D0:0C:B2:61:57:25:39:83:9A:3E:04:0E:BA:4D:16:45:67
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.248.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:b2:f1:d3:1d:40:cd:ef:40:f2:48:85:bb:9d:25:b5:eb:96:
17:e3:29:bd:1b:24:9f:f2:1b:24:81:7b:c8:bd:16:0b:6a:1d:
b3:1d:b4:bb:ac:72:a9:b7:6e:34:02:cf:10:d7:b4:d4:90:57:
9d:55:73:2c:f1:9e:97:7f:09:ce:c6:f0:fe:0c:f4:01:d6:3a:
f5:a5:36:8e:a4:81:56:13:2d:8f:18:f5:43:82:04:15:0b:e5:
83:bd:a5:d9:90:79:7a:ff:cf:91:f4:7d:1e:32:1d:df:1a:c6:
ce:d4:10:4f:d7:69:c7:d2:84:6e:66:6f:cf:0f:24:3e:94:39:
5b:a2:43:fa:45:e1:86:1e:ad:82:9e:08:fd:6e:de:68:d4:82:
a9:38:6c:f1:dc:4b:05:24:03:ca:9f:f7:f9:d9:f9:4b:88:49:
26:5c:2d:e9:13:e4:45:22:af:a3:67:ed:d0:9b:02:84:94:33:
c5:ce:b9:22:7d:61:ef:64:4d:0b:8c:c3:8c:00:ab:fd:10:16:
9b:26:9a:ff:1b:c3:2c:a6:42:e1:46:00:e2:aa:4b:e7:d3:8b:
47:a9:f9:8d:8c:57:25:01:84:9c:75:2e:a0:3f:9f:3a:65:73:
cf:78:95:27:c9:37:cf:e2:44:dd:d8:e4:81:57:ff:44:fa:f5:
14:a5:17:b8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfZ3NQsC9+no30FCFXM3IvDqlArcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjUxNTI1MTlaFw0yNTA2MjQxNTMwMTlaMDMxMTAvBgNV
BAMTKDQ1M0Q1MUQwMENCMjYxNTcyNTM5ODM5QTNFMDQwRUJBNEQxNjQ1NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkrk51IQXUWXDE6txG4LzOLNmG
9QknV48o3NppgaeDEgQGuz+kyltav879eLFx7SePYKuq1j3Wvx6y4k+OkAjmXC2p
4mx218RjLZyaf1EP2E0F/aeb1AuSWxPxEgNkFGFhiERjDFR7926fcSXzyN5bmE5h
ri6bn3EsXNR1FXaRI6mtZQtciAOG47Z9MXRFw5vagDDQhYNh+euTlbYYD98VDcqo
NHTOvORyRIfQzYUb8hcZ6iYpvlVP86do/3ZEvMRk+u++jmEIX2UMNjyoUML8MgaG
8Y93OVg9zo+f0iB1XnIHkHUFYCZXbKzGq+2PGvffeRwHjG0ecJBGq8Vc/+oxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQURT1R0AyyYVclOYOaPgQOuk0WRWcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzcyZTMy
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnF+DANBgkqhkiG9w0BAQsFAAOCAQEAK7Lx0x1Aze9A8kiFu50lteuWF+Mp
vRskn/IbJIF7yL0WC2odsx20u6xyqbduNALPENe01JBXnVVzLPGel38Jzsbw/gz0
AdY69aU2jqSBVhMtjxj1Q4IEFQvlg72l2ZB5ev/PkfR9HjId3xrGztQQT9dpx9KE
bmZvzw8kPpQ5W6JD+kXhhh6tgp4I/W7eaNSCqThs8dxLBSQDyp/3+dn5S4hJJlwt
6RPkRSKvo2ft0JsChJQzxc65In1h72RNC4zDjACr/RAWmyaa/xvDLKZC4UYA4qpL
59OLR6n5jYxXJQGEnHUuoD+fOmVzz3iVJ8k3z+JE3djkgVf/RPr1FKUXuA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org