Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
File: 3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: 9wL9vZ1R0VJox6oxmZq8SIe8xnmjosr2VwfqPVfihJs=
Subject key identifier: B1:FA:8C:A9:93:C5:1A:A3:A4:26:6D:28:29:0A:7A:01:70:2D:DA:C1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 076311AAD8AA0EA977B02EABEACF49CA595CBFB4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 14 Jun 2024 07:03:55 +0000
ROA not before: Fri 14 Jun 2024 06:58:55 +0000
ROA not after: Fri 13 Jun 2025 07:03:55 +0000
asID: 207137
IP address blocks: 185.214.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:63:11:aa:d8:aa:0e:a9:77:b0:2e:ab:ea:cf:49:ca:59:5c:bf:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 14 06:58:55 2024 GMT
Not After : Jun 13 07:03:55 2025 GMT
Subject: CN=B1FA8CA993C51AA3A4266D28290A7A01702DDAC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6d:61:e7:56:1d:b4:fe:60:20:23:06:13:af:
a3:13:37:4f:d0:14:44:26:73:f0:d3:e6:62:6d:77:
6a:98:60:e2:95:5e:8a:18:cb:86:96:01:1f:2c:3c:
86:5f:d4:9a:1d:7a:30:9c:ed:f8:1c:e6:dd:eb:9d:
4f:e4:15:ff:0e:de:45:c6:e0:e5:00:6a:62:00:9b:
01:19:89:10:03:30:0c:06:ac:eb:e4:15:57:66:78:
1e:01:aa:6b:f9:34:11:1f:76:12:a5:5c:d5:df:ae:
13:25:42:1b:52:3c:77:65:ca:9c:84:9c:37:9b:68:
a9:10:47:a1:5c:e2:2c:38:59:8a:1c:fa:56:77:d6:
49:dc:10:3c:36:73:9c:22:5d:14:74:b1:3a:10:42:
d2:53:af:62:fd:73:8b:86:1e:93:1f:e5:09:35:3c:
d2:60:f1:23:81:be:66:f5:71:dd:0b:6d:50:59:87:
83:08:46:55:65:97:b3:67:ab:3c:7f:a5:02:dd:92:
36:3f:58:cc:46:12:c7:5d:c2:27:5e:19:7c:6e:68:
18:9c:41:69:a7:44:12:58:ec:08:29:1b:b8:57:2f:
cd:f3:e3:3e:00:12:38:85:e1:6e:b9:32:ed:1d:1b:
1e:a1:39:8d:3f:2e:01:b7:ee:0b:dc:04:35:99:41:
b6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:FA:8C:A9:93:C5:1A:A3:A4:26:6D:28:29:0A:7A:01:70:2D:DA:C1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.97.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d4:ea:f4:45:e2:1f:1b:8d:e8:4c:51:43:37:30:2b:70:1d:
b0:60:ed:c1:2c:b5:ce:6f:a9:f4:e3:39:72:90:e4:7a:e4:3a:
3d:9f:31:21:03:0c:23:d6:77:3a:26:80:e3:5a:fb:79:f6:2f:
5f:87:fe:d5:a3:1e:ee:1c:c1:52:8e:80:3b:d9:3c:12:40:74:
31:f9:ac:21:4e:1e:a2:5e:d9:e5:7c:d8:52:67:49:64:52:b1:
61:67:37:4d:16:5b:9f:ed:55:6c:cb:82:a9:a2:3c:6f:1b:13:
d3:6a:5a:a0:f6:ba:7b:91:e5:27:88:5a:fe:d7:2d:22:de:22:
e4:55:3e:d4:23:72:73:04:7f:50:a7:52:c1:9a:7d:04:c8:54:
8c:82:fb:1f:88:e1:5e:68:e5:4d:9f:c8:f3:3e:8c:60:6e:a0:
87:dd:35:fa:c6:00:c8:06:0a:ee:ce:94:0a:51:6d:7e:63:b6:
b2:d2:1f:a9:04:ac:21:1e:4a:ea:a1:c8:57:d6:82:c5:af:85:
20:3e:d0:e2:71:30:02:51:92:aa:a1:ca:3d:96:37:59:e7:a7:
38:2b:3d:c2:79:88:e7:32:17:b3:e1:c4:27:9d:7c:fa:d9:a7:
bc:da:bd:70:3b:ab:de:ae:f5:90:36:fd:5d:b6:72:49:d5:9e:
6e:2c:06:77
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUB2MRqtiqDql3sC6r6s9Jyllcv7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MTQwNjU4NTVaFw0yNTA2MTMwNzAzNTVaMDMxMTAvBgNV
BAMTKEIxRkE4Q0E5OTNDNTFBQTNBNDI2NkQyODI5MEE3QTAxNzAyRERBQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkbWHnVh20/mAgIwYTr6MTN0/Q
FEQmc/DT5mJtd2qYYOKVXooYy4aWAR8sPIZf1JodejCc7fgc5t3rnU/kFf8O3kXG
4OUAamIAmwEZiRADMAwGrOvkFVdmeB4Bqmv5NBEfdhKlXNXfrhMlQhtSPHdlypyE
nDebaKkQR6Fc4iw4WYoc+lZ31kncEDw2c5wiXRR0sToQQtJTr2L9c4uGHpMf5Qk1
PNJg8SOBvmb1cd0LbVBZh4MIRlVll7Nnqzx/pQLdkjY/WMxGEsddwideGXxuaBic
QWmnRBJY7AgpG7hXL83z4z4AEjiF4W65Mu0dGx6hOY0/LgG37gvcBDWZQbZ5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsfqMqZPFGqOkJm0oKQp6AXAt2sEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mEwDQYJKoZIhvcNAQELBQADggEBAGrU6vRF4h8bjehMUUM3MCtwHbBg7cEs
tc5vqfTjOXKQ5HrkOj2fMSEDDCPWdzomgONa+3n2L1+H/tWjHu4cwVKOgDvZPBJA
dDH5rCFOHqJe2eV82FJnSWRSsWFnN00WW5/tVWzLgqmiPG8bE9NqWqD2unuR5SeI
Wv7XLSLeIuRVPtQjcnMEf1CnUsGafQTIVIyC+x+I4V5o5U2fyPM+jGBuoIfdNfrG
AMgGCu7OlApRbX5jtrLSH6kErCEeSuqhyFfWgsWvhSA+0OJxMAJRkqqhyj2WN1nn
pzgrPcJ5iOcyF7PhxCedfPrZp7zavXA7q96u9ZA2/V22cknVnm4sBnc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org