Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233312e302f32342d3234203d3e20313336373837.roa
File: 3138352e3230392e3233312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 6dYf53Hk7geBy1J4jA2NjZdtxQjbmjFA8H+74de2Fp0=
Subject key identifier: 58:EA:23:8D:FF:60:72:0C:3A:F7:98:8D:A9:6F:D8:14:A8:E9:58:A6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2DB7F30D695200958020BCC36413943CD5F7C17D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:16 +0000
ROA not before: Sun 27 Oct 2024 20:00:16 +0000
ROA not after: Sun 26 Oct 2025 20:05:16 +0000
asID: 136787
IP address blocks: 185.209.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:b7:f3:0d:69:52:00:95:80:20:bc:c3:64:13:94:3c:d5:f7:c1:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:16 2024 GMT
Not After : Oct 26 20:05:16 2025 GMT
Subject: CN=58EA238DFF60720C3AF7988DA96FD814A8E958A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a2:87:77:3b:01:8a:31:c5:47:f3:2d:52:f2:
96:d6:02:b7:48:26:03:d5:60:80:63:bf:13:fa:af:
24:a3:ef:26:bf:ac:73:0c:27:86:48:6e:66:97:8c:
d4:e8:15:05:34:f3:0f:1b:4d:ab:bf:27:60:33:8f:
82:78:8c:72:37:8c:5f:c6:26:5d:2f:b6:dc:f4:31:
49:be:92:cb:32:96:7d:0f:5a:f9:26:75:df:86:9e:
87:2a:07:9c:49:85:81:6d:b9:cd:3a:ca:6b:90:62:
a9:58:71:2a:a1:12:b1:c1:1b:ec:0a:4f:1c:0d:53:
14:8e:9d:fa:53:40:38:a4:1c:cb:b4:c5:0a:18:c1:
55:2c:0f:25:f5:c2:69:6d:22:af:91:f9:ee:8f:d2:
a8:45:29:50:32:d4:3a:51:7f:e8:ce:83:b1:0c:54:
fa:81:4d:93:de:83:6e:8b:02:16:ac:59:49:75:27:
52:81:8f:23:28:3d:ef:1e:12:5f:0b:15:3a:ef:5d:
93:2c:ed:0a:6a:a0:d1:8e:45:c6:c1:aa:ac:54:bd:
6d:34:86:ae:60:dd:b9:15:8e:b6:8d:90:1c:5a:02:
09:79:0c:0d:a8:29:49:f2:a1:7e:76:ef:3c:14:af:
f4:fb:19:43:2b:83:be:c1:74:4b:56:ef:13:35:22:
8b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:EA:23:8D:FF:60:72:0C:3A:F7:98:8D:A9:6F:D8:14:A8:E9:58:A6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.231.0/24
Signature Algorithm: sha256WithRSAEncryption
33:61:fa:1f:6e:f2:15:cb:ef:09:a2:6a:14:fa:ad:4e:53:82:
41:9b:1c:c0:33:6c:ee:af:40:73:b0:09:71:d2:f7:20:1b:70:
89:03:ec:9b:96:23:da:b8:9b:af:77:43:9e:33:4b:2d:53:22:
a8:60:e8:c0:ba:65:e5:e0:f3:70:fa:0a:50:b3:6d:31:36:63:
a2:e1:06:57:e1:b1:28:2b:0d:63:4c:6a:81:b3:a1:12:3e:ab:
ac:0b:10:97:5b:dc:ff:e1:50:e2:96:15:1d:d9:c8:0b:f6:03:
6f:3c:a4:9b:e4:a7:92:e3:f4:ae:3d:73:eb:ba:c0:12:c6:b6:
82:f2:e9:b0:18:fb:95:f5:73:37:68:6e:6d:f0:96:36:2b:fb:
c5:0e:3f:60:d3:5b:85:47:47:3d:58:a9:20:ae:9f:7f:17:94:
ef:91:bb:38:08:08:74:12:6c:27:57:a4:eb:7b:42:ba:33:01:
ae:15:7e:83:b7:a8:22:6e:ef:38:ec:5a:e3:aa:e1:43:70:f1:
5a:32:a7:68:d0:51:d2:59:e7:14:73:fa:22:6b:ea:a9:62:86:
94:cf:99:34:d1:ae:22:3f:8f:47:d4:3a:72:88:c2:ec:10:71:
a4:32:1f:4d:b3:2e:cb:60:69:87:7a:d2:6e:59:9d:cc:5a:a6:
4c:2e:c1:c5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULbfzDWlSAJWAILzDZBOUPNX3wX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTZaFw0yNTEwMjYyMDA1MTZaMDMxMTAvBgNV
BAMTKDU4RUEyMzhERkY2MDcyMEMzQUY3OTg4REE5NkZEODE0QThFOTU4QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyood3OwGKMcVH8y1S8pbWArdI
JgPVYIBjvxP6rySj7ya/rHMMJ4ZIbmaXjNToFQU08w8bTau/J2Azj4J4jHI3jF/G
Jl0vttz0MUm+kssyln0PWvkmdd+GnocqB5xJhYFtuc06ymuQYqlYcSqhErHBG+wK
TxwNUxSOnfpTQDikHMu0xQoYwVUsDyX1wmltIq+R+e6P0qhFKVAy1DpRf+jOg7EM
VPqBTZPeg26LAhasWUl1J1KBjyMoPe8eEl8LFTrvXZMs7QpqoNGORcbBqqxUvW00
hq5g3bkVjraNkBxaAgl5DA2oKUnyoX527zwUr/T7GUMrg77BdEtW7xM1IouHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUWOojjf9gcgw695iNqW/YFKjpWKYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzMzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR5zANBgkqhkiG9w0BAQsFAAOCAQEAM2H6H27yFcvvCaJqFPqtTlOCQZsc
wDNs7q9Ac7AJcdL3IBtwiQPsm5Yj2ribr3dDnjNLLVMiqGDowLpl5eDzcPoKULNt
MTZjouEGV+GxKCsNY0xqgbOhEj6rrAsQl1vc/+FQ4pYVHdnIC/YDbzykm+SnkuP0
rj1z67rAEsa2gvLpsBj7lfVzN2hubfCWNiv7xQ4/YNNbhUdHPVipIK6ffxeU75G7
OAgIdBJsJ1ek63tCujMBrhV+g7eoIm7vOOxa46rhQ3DxWjKnaNBR0lnnFHP6Imvq
qWKGlM+ZNNGuIj+PR9Q6cojC7BBxpDIfTbMuy2Bph3rSblmdzFqmTC7BxQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:44 2025 by rpki-client