Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130332e302f32342d3332203d3e20313336373837.roa
File: 3138352e3139392e3130332e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: yIvgr1CCf36pVgBaPYvjWb8pVRksQVGLMo/idLtDRGg=
Subject key identifier: A1:95:6A:85:15:D1:DB:B1:F2:D5:AD:47:57:1C:85:C4:FD:A9:4E:C5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 268CB57BEF6050DFD3C9F4D232B6DAF886DE69E5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130332e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:04:52 +0000
ROA not before: Fri 20 Sep 2024 13:59:52 +0000
ROA not after: Fri 19 Sep 2025 14:04:52 +0000
asID: 136787
IP address blocks: 185.199.103.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:8c:b5:7b:ef:60:50:df:d3:c9:f4:d2:32:b6:da:f8:86:de:69:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:52 2024 GMT
Not After : Sep 19 14:04:52 2025 GMT
Subject: CN=A1956A8515D1DBB1F2D5AD47571C85C4FDA94EC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:20:45:b0:7b:3f:ae:7e:a7:6c:f2:aa:2c:54:
20:30:2b:65:a1:d3:2e:a8:b7:82:28:ef:ae:ac:44:
d2:63:a9:c1:a0:33:f3:a9:e9:5c:30:35:ae:c5:45:
d1:7a:28:40:81:d8:ed:29:e4:79:e3:18:6c:a2:98:
a1:18:e6:4c:fb:d0:63:9b:13:ae:67:75:42:37:41:
ea:2d:46:0a:8a:a7:a5:4a:6b:24:c4:85:69:bd:38:
20:4b:4a:6e:ea:ea:6f:0f:b8:96:29:10:cc:18:ce:
03:4b:7f:72:ed:0a:2e:ba:94:ce:23:01:8c:4a:c7:
4e:db:d0:29:57:23:8d:6b:3a:cc:de:35:01:0f:ac:
4d:e9:65:c8:c9:0d:5c:96:50:01:7e:78:21:aa:05:
68:2d:9f:d7:63:6f:15:e5:4d:ef:45:56:97:18:65:
5e:4b:57:c1:5b:68:74:a0:ed:65:cd:be:f9:4e:8a:
94:3e:df:a2:6c:90:5a:c6:6d:86:57:07:b2:5c:55:
ea:8e:09:72:4c:f4:8b:b7:44:04:87:65:b6:6c:24:
4c:c8:6e:5a:53:2f:3a:7a:e4:fc:0a:2b:0a:6c:71:
13:7e:9b:ff:25:20:3e:03:dd:a3:3b:d8:f7:86:da:
96:09:35:e7:19:4d:28:b8:86:73:e9:e9:af:28:54:
0d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:95:6A:85:15:D1:DB:B1:F2:D5:AD:47:57:1C:85:C4:FD:A9:4E:C5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130332e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.103.0/24
Signature Algorithm: sha256WithRSAEncryption
09:6d:1a:b8:66:83:d2:ba:4d:e9:a0:22:73:e9:74:05:16:bc:
40:7b:2d:71:f2:8c:44:af:9e:37:c5:0f:8e:1a:5d:c2:2a:84:
88:e4:fd:78:ef:b2:86:dd:2e:a5:0d:b0:84:40:b1:70:e0:d7:
93:2b:86:b9:66:3e:18:85:a8:70:96:4e:85:b0:10:5c:b0:3f:
2a:78:5d:08:af:81:75:91:84:93:ce:13:bf:97:42:6e:11:d5:
24:dd:f6:6d:95:ec:e6:8c:39:2a:d1:9b:dc:82:63:06:a6:97:
1a:39:8c:94:54:ac:bf:c7:26:ea:be:fb:cc:a9:79:e9:1f:32:
fd:06:89:5d:04:e2:a6:65:5c:3d:c9:71:67:bc:1b:cb:f7:25:
b2:b9:6c:1d:30:66:8f:a8:48:ee:f3:f1:fb:b6:5a:69:f4:26:
80:db:2b:56:d2:47:bb:31:d4:82:e6:17:4e:d8:93:59:b3:35:
84:db:4a:57:bf:77:5c:d8:14:b5:2a:4b:a2:65:3b:a6:57:17:
eb:67:3f:a9:27:a1:d3:34:33:59:e5:06:87:3d:08:cf:60:eb:
76:08:dd:56:b6:02:28:c2:bf:c4:f7:ed:02:16:79:71:98:92:
41:6e:ca:c1:62:d1:b9:d6:f7:fd:5e:44:c5:c5:a0:88:5a:e9:
5c:82:af:36
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJoy1e+9gUN/TyfTSMrba+IbeaeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTJaFw0yNTA5MTkxNDA0NTJaMDMxMTAvBgNV
BAMTKEExOTU2QTg1MTVEMURCQjFGMkQ1QUQ0NzU3MUM4NUM0RkRBOTRFQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3IEWwez+ufqds8qosVCAwK2Wh
0y6ot4Io766sRNJjqcGgM/Op6VwwNa7FRdF6KECB2O0p5HnjGGyimKEY5kz70GOb
E65ndUI3QeotRgqKp6VKayTEhWm9OCBLSm7q6m8PuJYpEMwYzgNLf3LtCi66lM4j
AYxKx07b0ClXI41rOszeNQEPrE3pZcjJDVyWUAF+eCGqBWgtn9djbxXlTe9FVpcY
ZV5LV8FbaHSg7WXNvvlOipQ+36JskFrGbYZXB7JcVeqOCXJM9Iu3RASHZbZsJEzI
blpTLzp65PwKKwpscRN+m/8lID4D3aM72PeG2pYJNecZTSi4hnPp6a8oVA0xAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUoZVqhRXR27Hy1a1HVxyFxP2pTsUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzkyZTMx
MzAzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnHZzANBgkqhkiG9w0BAQsFAAOCAQEACW0auGaD0rpN6aAic+l0BRa8QHst
cfKMRK+eN8UPjhpdwiqEiOT9eO+yht0upQ2whECxcODXkyuGuWY+GIWocJZOhbAQ
XLA/KnhdCK+BdZGEk84Tv5dCbhHVJN32bZXs5ow5KtGb3IJjBqaXGjmMlFSsv8cm
6r77zKl56R8y/QaJXQTipmVcPclxZ7wby/clsrlsHTBmj6hI7vPx+7ZaafQmgNsr
VtJHuzHUguYXTtiTWbM1hNtKV793XNgUtSpLomU7plcX62c/qSeh0zQzWeUGhz0I
z2DrdgjdVrYCKMK/xPftAhZ5cZiSQW7KwWLRudb3/V5ExcWgiFrpXIKvNg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org