Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa
File: 3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: cre0PTURymDIVlRjm+dI/pvqBMJI5y0zF3GcC5M8a/A=
Subject key identifier: AD:24:67:A3:64:E4:3C:A9:D9:E9:1D:BE:28:C0:8D:ED:96:FF:D0:2B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 630CE6745C338506548A383AA98B4DCBDF179D30
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:04:59 +0000
ROA not before: Fri 20 Sep 2024 13:59:59 +0000
ROA not after: Fri 19 Sep 2025 14:04:59 +0000
asID: 136787
IP address blocks: 185.199.102.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:0c:e6:74:5c:33:85:06:54:8a:38:3a:a9:8b:4d:cb:df:17:9d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:59 2024 GMT
Not After : Sep 19 14:04:59 2025 GMT
Subject: CN=AD2467A364E43CA9D9E91DBE28C08DED96FFD02B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:84:03:96:a6:a5:c5:dd:75:3e:c7:10:a5:43:
60:03:bb:b9:cc:fa:7b:17:0e:94:c4:f8:20:a3:01:
bb:cf:c2:0a:51:92:63:e6:07:61:47:64:93:c9:4b:
fb:70:86:56:b9:51:db:40:01:7f:15:55:01:80:b4:
86:b4:48:b1:23:b0:9d:17:f5:17:5f:81:ef:25:63:
43:cb:d7:9c:64:60:d5:e0:5b:d6:97:c9:3d:88:28:
8d:ce:a3:93:12:e0:01:81:1a:b4:0a:06:30:6e:13:
ac:b7:17:13:01:05:1e:ba:a6:d4:86:fe:8e:0e:f9:
6f:63:a9:3b:45:7a:aa:98:5c:ce:0c:ed:ec:0c:47:
0d:3a:98:f4:4a:c6:00:f2:fb:59:c9:96:b7:8a:4f:
04:34:8e:2d:53:fe:1a:47:d6:e1:91:96:4f:aa:e0:
17:53:c1:72:0e:57:ef:f6:13:24:6f:97:e3:58:44:
dd:2d:2c:31:67:0c:e5:4c:7e:f1:30:6d:b0:be:97:
98:e0:ad:06:25:8f:bb:a2:11:5f:a6:7e:dc:2a:31:
b9:fe:dc:e4:6e:22:66:91:3b:f8:e6:21:c5:02:7f:
78:e7:ab:1d:76:4b:8f:66:51:a0:c5:ca:5e:0b:29:
33:29:7f:34:9d:73:d7:dd:24:ea:30:78:06:9f:67:
99:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:24:67:A3:64:E4:3C:A9:D9:E9:1D:BE:28:C0:8D:ED:96:FF:D0:2B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.102.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:55:e0:93:69:c7:74:44:3d:20:2e:97:5a:61:0d:68:bf:66:
21:c8:57:57:da:d7:e4:33:76:fa:55:04:f7:08:81:0b:29:e1:
17:6f:47:b3:1e:c4:3d:a9:75:d4:9e:86:b6:01:80:5d:d8:d8:
be:14:de:e4:d4:05:82:a2:50:cc:ee:9f:18:85:c2:80:9f:2c:
0f:8d:c0:84:ef:96:4f:8b:e5:b1:84:71:f1:18:17:8c:d5:4b:
bb:f3:88:ae:30:b8:8e:8d:38:78:46:34:6c:d5:71:24:16:ef:
b1:21:be:52:66:df:4b:fa:e9:a0:68:57:de:ac:03:d6:0e:0f:
45:d2:b8:57:2d:33:56:05:62:7a:bc:15:f2:54:75:83:8b:6e:
0e:e1:2a:a6:f4:fc:28:79:42:b5:b0:a2:3a:b1:ed:5c:ed:fa:
b4:22:91:1d:a0:56:97:dd:e1:38:52:fc:35:ae:c3:a5:e6:4c:
d7:26:59:6b:d9:6a:c0:17:54:1d:c8:a2:3f:18:9a:2a:76:91:
2f:c1:e9:16:66:e8:e2:73:b0:99:c5:64:ac:37:48:69:a4:fd:
dd:a7:c2:25:40:cb:cd:78:8b:94:4c:80:37:06:70:d8:f1:dd:
74:8e:eb:14:ab:e2:78:35:ab:3f:f2:06:0e:ac:08:66:59:c4:
5a:ad:57:73
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYwzmdFwzhQZUijg6qYtNy98XnTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTlaFw0yNTA5MTkxNDA0NTlaMDMxMTAvBgNV
BAMTKEFEMjQ2N0EzNjRFNDNDQTlEOUU5MURCRTI4QzA4REVEOTZGRkQwMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChhAOWpqXF3XU+xxClQ2ADu7nM
+nsXDpTE+CCjAbvPwgpRkmPmB2FHZJPJS/twhla5UdtAAX8VVQGAtIa0SLEjsJ0X
9Rdfge8lY0PL15xkYNXgW9aXyT2IKI3Oo5MS4AGBGrQKBjBuE6y3FxMBBR66ptSG
/o4O+W9jqTtFeqqYXM4M7ewMRw06mPRKxgDy+1nJlreKTwQ0ji1T/hpH1uGRlk+q
4BdTwXIOV+/2EyRvl+NYRN0tLDFnDOVMfvEwbbC+l5jgrQYlj7uiEV+mftwqMbn+
3ORuImaRO/jmIcUCf3jnqx12S49mUaDFyl4LKTMpfzSdc9fdJOoweAafZ5lhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUrSRno2TkPKnZ6R2+KMCN7Zb/0CswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzkyZTMx
MzAzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnHZjANBgkqhkiG9w0BAQsFAAOCAQEAHVXgk2nHdEQ9IC6XWmENaL9mIchX
V9rX5DN2+lUE9wiBCynhF29Hsx7EPal11J6GtgGAXdjYvhTe5NQFgqJQzO6fGIXC
gJ8sD43AhO+WT4vlsYRx8RgXjNVLu/OIrjC4jo04eEY0bNVxJBbvsSG+UmbfS/rp
oGhX3qwD1g4PRdK4Vy0zVgVierwV8lR1g4tuDuEqpvT8KHlCtbCiOrHtXO36tCKR
HaBWl93hOFL8Na7DpeZM1yZZa9lqwBdUHciiPxiaKnaRL8HpFmbo4nOwmcVkrDdI
aaT93afCJUDLzXiLlEyANwZw2PHddI7rFKvieDWrP/IGDqwIZlnEWq1Xcw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org