Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
File: 3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: w1vh9vXfcSauK6Io+RKdOft//nH1I3GWdSC8CLvNJtY=
Subject key identifier: 24:01:BD:DE:89:91:9A:FE:AD:25:4F:60:9E:9E:F4:FD:E1:D3:52:9D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 75EEA7C6774B775418298CE7D178D9066957BE7A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 14 Jun 2024 07:03:55 +0000
ROA not before: Fri 14 Jun 2024 06:58:55 +0000
ROA not after: Fri 13 Jun 2025 07:03:55 +0000
asID: 207137
IP address blocks: 185.214.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:ee:a7:c6:77:4b:77:54:18:29:8c:e7:d1:78:d9:06:69:57:be:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 14 06:58:55 2024 GMT
Not After : Jun 13 07:03:55 2025 GMT
Subject: CN=2401BDDE89919AFEAD254F609E9EF4FDE1D3529D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:98:4c:97:3b:e2:d2:44:82:37:d8:c8:c5:43:
72:c9:7a:74:aa:88:bc:48:81:48:d5:a5:8c:4c:b1:
1f:f7:21:31:48:e1:7d:5c:dd:3b:cc:10:87:e6:dc:
16:21:96:51:f5:f2:71:e6:93:d3:ba:9c:d8:8b:86:
89:e1:fc:99:38:0a:96:18:f2:46:43:ec:6b:a5:90:
2e:e4:df:21:cc:b7:45:35:ed:84:00:dd:7f:73:82:
0a:f5:81:a6:30:18:e6:2b:e7:70:68:4f:66:10:7d:
1b:54:f7:44:29:09:3d:73:0b:94:48:4b:b1:62:35:
e9:2e:4c:49:d1:83:ed:14:a5:d5:57:e7:b3:17:dc:
6e:bc:82:06:ca:9c:3e:c2:d5:2c:d0:ce:69:14:5a:
7b:3a:92:13:01:e3:cf:6f:c8:21:87:87:e9:e8:04:
d1:8d:fa:c6:05:22:11:d2:65:2d:a7:74:7a:64:f2:
34:44:b6:4a:79:1e:58:e0:7c:96:9a:e9:5f:70:16:
8d:5c:16:5f:b8:57:41:36:4a:52:92:86:61:3c:69:
30:a1:8b:99:df:1b:e9:f3:40:8a:d5:fb:d2:51:cf:
b4:5c:70:51:62:3f:ac:99:4f:51:3b:25:9d:60:9f:
b4:7e:7d:69:1c:40:32:14:9f:af:fd:bd:b1:ca:25:
94:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:01:BD:DE:89:91:9A:FE:AD:25:4F:60:9E:9E:F4:FD:E1:D3:52:9D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.96.0/24
Signature Algorithm: sha256WithRSAEncryption
13:a7:d3:38:ca:d2:ef:8c:53:c7:ac:78:76:df:ce:de:b2:35:
90:e4:f3:bb:07:df:d2:bd:67:fc:ad:eb:7c:a7:38:dc:17:84:
b8:57:35:d1:3c:c9:29:80:0f:10:15:3f:41:4d:5c:f7:4a:41:
74:4d:ff:11:b7:2b:20:e6:a8:31:67:02:7a:09:25:20:81:76:
03:d7:a6:7f:a9:c0:42:d8:19:e0:2b:fe:9e:bf:2e:f1:63:f7:
4c:e0:06:fe:ae:53:84:70:0c:f2:b7:0d:01:7c:82:39:f4:10:
b5:db:50:ac:e2:d9:0a:e2:cc:64:5a:3b:91:b0:b1:e5:76:db:
29:e7:98:01:1e:aa:0c:57:61:02:66:07:59:fb:5a:74:cf:65:
56:cd:15:4d:87:14:61:b5:f2:65:44:da:59:55:08:76:80:c1:
c4:5d:9b:9a:08:d3:cf:2f:54:b8:8a:8a:8d:63:44:b6:9c:e4:
97:62:a3:86:7c:4d:75:16:75:c3:1b:e3:38:c2:87:5e:00:ca:
61:66:ba:49:79:7a:a1:f5:89:99:54:02:81:38:77:30:1f:e0:
2d:9f:bb:8e:b2:62:5a:a9:5a:6e:89:7e:a3:cb:a4:cc:97:6b:
e3:c4:40:67:e4:69:2c:63:79:f4:27:94:fb:b4:01:8e:5a:27:
06:22:d0:7e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUde6nxndLd1QYKYzn0XjZBmlXvnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MTQwNjU4NTVaFw0yNTA2MTMwNzAzNTVaMDMxMTAvBgNV
BAMTKDI0MDFCRERFODk5MTlBRkVBRDI1NEY2MDlFOUVGNEZERTFEMzUyOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmmEyXO+LSRII32MjFQ3LJenSq
iLxIgUjVpYxMsR/3ITFI4X1c3TvMEIfm3BYhllH18nHmk9O6nNiLhonh/Jk4CpYY
8kZD7GulkC7k3yHMt0U17YQA3X9zggr1gaYwGOYr53BoT2YQfRtU90QpCT1zC5RI
S7FiNekuTEnRg+0UpdVX57MX3G68ggbKnD7C1SzQzmkUWns6khMB489vyCGHh+no
BNGN+sYFIhHSZS2ndHpk8jREtkp5HljgfJaa6V9wFo1cFl+4V0E2SlKShmE8aTCh
i5nfG+nzQIrV+9JRz7RccFFiP6yZT1E7JZ1gn7R+fWkcQDIUn6/9vbHKJZQ3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJAG93omRmv6tJU9gnp70/eHTUp0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mAwDQYJKoZIhvcNAQELBQADggEBABOn0zjK0u+MU8eseHbfzt6yNZDk87sH
39K9Z/yt63ynONwXhLhXNdE8ySmADxAVP0FNXPdKQXRN/xG3KyDmqDFnAnoJJSCB
dgPXpn+pwELYGeAr/p6/LvFj90zgBv6uU4RwDPK3DQF8gjn0ELXbUKzi2QrizGRa
O5GwseV22ynnmAEeqgxXYQJmB1n7WnTPZVbNFU2HFGG18mVE2llVCHaAwcRdm5oI
088vVLiKio1jRLac5Jdio4Z8TXUWdcMb4zjCh14AymFmukl5eqH1iZlUAoE4dzAf
4C2fu46yYlqpWm6JfqPLpMyXa+PEQGfkaSxjefQnlPu0AY5aJwYi0H4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:59 2025 by rpki-client