Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230372e3234382e302f32342d3332203d3e20313336373837.roa
File: 3138352e3230372e3234382e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: YvrMddozUtVm4D2tUmE8w7JEBXs9d1aDzAtIoAJhqiA=
Subject key identifier: C0:A3:B2:CB:79:83:A1:8B:6D:3E:43:32:02:AD:E7:2F:B0:BA:D3:5E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6F5296782B51DB5BE9FBEF309A70E98F72A134E6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230372e3234382e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:04:56 +0000
ROA not before: Fri 20 Sep 2024 13:59:56 +0000
ROA not after: Fri 19 Sep 2025 14:04:56 +0000
asID: 136787
IP address blocks: 185.207.248.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:52:96:78:2b:51:db:5b:e9:fb:ef:30:9a:70:e9:8f:72:a1:34:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:56 2024 GMT
Not After : Sep 19 14:04:56 2025 GMT
Subject: CN=C0A3B2CB7983A18B6D3E433202ADE72FB0BAD35E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:e7:d9:99:2c:ed:e3:72:ab:8c:e8:f5:95:
d2:7a:d9:23:59:d9:51:2d:30:73:ba:00:66:21:e4:
05:6d:0b:45:b5:1f:8d:a2:6b:39:33:71:d1:8b:6c:
43:cc:48:b6:59:91:77:2d:f6:fb:1d:4f:a6:9a:c5:
aa:59:e9:62:56:a4:a4:08:78:bc:b4:ba:48:4f:8a:
e0:c2:1c:ae:f6:b3:84:d0:71:06:c2:76:99:48:f0:
47:84:ce:5a:e0:e5:a1:04:17:78:ac:8f:09:7e:ab:
1b:47:b1:ab:dd:ff:dd:0a:3e:3d:5c:40:b0:5a:10:
e9:eb:46:2d:f8:fb:b2:b2:25:e3:2b:ba:81:e7:55:
49:e8:11:03:51:f6:f3:20:2b:e4:22:ff:a5:9d:8f:
8e:c2:0d:b1:a9:54:39:b7:f0:e9:12:93:78:4d:3f:
a2:47:63:e8:d3:5d:e6:8f:5b:ff:98:08:a0:b9:28:
30:71:5d:7a:2f:52:a6:f2:68:b2:7c:6e:21:d3:a0:
31:5f:c7:8c:67:60:7d:0a:37:a0:3a:79:db:ad:69:
49:0b:12:39:87:ed:24:18:96:37:f2:f6:94:42:43:
af:f0:37:6f:5f:5a:f9:93:30:c5:a2:b3:94:69:7c:
54:9f:61:80:87:a4:a1:2c:c0:7c:ff:03:d9:23:ca:
10:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A3:B2:CB:79:83:A1:8B:6D:3E:43:32:02:AD:E7:2F:B0:BA:D3:5E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230372e3234382e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.248.0/24
Signature Algorithm: sha256WithRSAEncryption
71:0a:d4:25:bf:da:d1:a1:f1:fc:14:60:d0:1e:a4:db:3e:aa:
c1:05:77:e3:fa:44:a7:6d:22:50:ba:28:5b:2c:7d:f9:ca:93:
ab:7d:6e:fc:05:d5:79:0e:f9:a0:de:9d:e4:c9:e3:8c:21:d6:
10:6f:a1:8a:a3:6d:bb:38:52:77:e1:90:e4:30:5a:99:ed:57:
43:50:41:d6:30:4f:a6:bf:e0:0a:53:51:d7:04:bf:cb:13:bc:
c8:37:61:89:54:79:fe:9f:aa:34:de:b0:ab:5f:e6:4b:b0:88:
e2:ba:c1:1e:a0:f3:63:44:45:67:ce:c6:a3:46:29:aa:a0:d9:
14:a1:b3:5c:23:68:b8:69:7d:ca:86:ff:2f:9d:cd:02:30:2d:
54:31:f9:be:c8:dd:50:2b:b4:18:e9:c6:c0:02:63:79:8a:28:
76:65:5d:82:04:34:8f:e8:d8:d3:cc:37:d0:fb:2d:a8:35:eb:
39:6d:a4:68:38:3a:5f:8f:f6:a5:d9:f0:6d:c8:e2:c2:ce:7b:
54:1d:c4:a1:ef:d2:23:18:92:ac:56:22:23:44:c9:0f:75:dc:
db:bb:28:af:6c:1b:d4:41:4d:71:66:6b:91:ce:2b:04:6e:04:
99:e6:e6:46:b4:e3:0c:1c:f9:01:32:d0:57:d5:b6:65:45:9b:
43:c5:2d:17
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUb1KWeCtR21vp++8wmnDpj3KhNOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTZaFw0yNTA5MTkxNDA0NTZaMDMxMTAvBgNV
BAMTKEMwQTNCMkNCNzk4M0ExOEI2RDNFNDMzMjAyQURFNzJGQjBCQUQzNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC88efZmSzt43KrjOj1ldJ62SNZ
2VEtMHO6AGYh5AVtC0W1H42iazkzcdGLbEPMSLZZkXct9vsdT6aaxapZ6WJWpKQI
eLy0ukhPiuDCHK72s4TQcQbCdplI8EeEzlrg5aEEF3isjwl+qxtHsavd/90KPj1c
QLBaEOnrRi34+7KyJeMruoHnVUnoEQNR9vMgK+Qi/6Wdj47CDbGpVDm38OkSk3hN
P6JHY+jTXeaPW/+YCKC5KDBxXXovUqbyaLJ8biHToDFfx4xnYH0KN6A6edutaUkL
EjmH7SQYljfy9pRCQ6/wN29fWvmTMMWis5RpfFSfYYCHpKEswHz/A9kjyhDdAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUwKOyy3mDoYttPkMyAq3nL7C6014wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzcyZTMy
MzQzODJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnP+DANBgkqhkiG9w0BAQsFAAOCAQEAcQrUJb/a0aHx/BRg0B6k2z6qwQV3
4/pEp20iULooWyx9+cqTq31u/AXVeQ75oN6d5MnjjCHWEG+hiqNtuzhSd+GQ5DBa
me1XQ1BB1jBPpr/gClNR1wS/yxO8yDdhiVR5/p+qNN6wq1/mS7CI4rrBHqDzY0RF
Z87Go0YpqqDZFKGzXCNouGl9yob/L53NAjAtVDH5vsjdUCu0GOnGwAJjeYoodmVd
ggQ0j+jY08w30PstqDXrOW2kaDg6X4/2pdnwbcjiws57VB3Eoe/SIxiSrFYiI0TJ
D3Xc27sor2wb1EFNcWZrkc4rBG4EmebmRrTjDBz5ATLQV9W2ZUWbQ8UtFw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org