Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3136372e302f32342d3332203d3e203531313637.roa
File: 3138352e3231352e3136372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: vEqzD6ngmiLbegjI6IQpHQrORfgdfrN4kYY0pbkZWTc=
Subject key identifier: 1C:E9:DC:9A:24:02:D5:DF:EE:29:9F:A8:60:34:83:20:8F:9F:10:03
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 34DE07A049D1A1405345B581FD616269B2ECCEB2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3136372e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:04 +0000
ROA not before: Mon 27 Jan 2025 09:40:04 +0000
ROA not after: Mon 26 Jan 2026 09:45:04 +0000
asID: 51167
IP address blocks: 185.215.167.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:de:07:a0:49:d1:a1:40:53:45:b5:81:fd:61:62:69:b2:ec:ce:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:04 2025 GMT
Not After : Jan 26 09:45:04 2026 GMT
Subject: CN=1CE9DC9A2402D5DFEE299FA8603483208F9F1003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b1:c1:64:16:41:8e:81:26:90:4a:5d:a4:1a:
8b:eb:e3:03:b3:f1:78:81:44:99:56:f6:73:96:7b:
97:ec:4e:17:df:8a:d4:8b:c9:e1:40:a1:1f:39:93:
06:99:45:b8:5f:13:5b:70:39:07:b5:29:40:dc:73:
cb:94:26:83:73:7c:f3:78:90:c3:c1:ee:af:45:8a:
87:e6:b1:fd:80:c8:86:9e:98:41:64:fe:b6:9a:5b:
1a:2a:ce:e8:3c:3c:0e:b4:20:4e:71:37:c7:ff:30:
0a:79:93:a5:67:44:f2:cc:f8:ca:8a:ae:24:2b:5a:
02:6b:c1:cf:98:37:dd:d8:35:eb:bf:71:b7:73:1e:
1d:1c:56:33:63:3e:70:63:89:2a:70:f8:51:b5:63:
b8:88:4f:09:14:09:56:1a:cd:86:fa:16:9a:4f:97:
76:21:db:10:5f:51:7f:05:f3:15:6f:75:7b:5d:f9:
b0:ad:fe:f1:41:27:3b:63:c9:6b:7d:f2:53:bc:c5:
84:52:5c:ba:09:44:21:b4:3c:d3:a5:35:06:d8:fd:
ca:a5:eb:0a:cc:1b:68:71:42:76:a8:c6:80:16:57:
b0:85:6e:b6:8d:ac:d1:7e:f6:f0:47:fc:25:81:ce:
89:dc:5b:46:01:87:6e:e7:08:7d:3d:dd:d3:41:dc:
a1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E9:DC:9A:24:02:D5:DF:EE:29:9F:A8:60:34:83:20:8F:9F:10:03
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3136372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.167.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:ea:a0:82:7b:17:e1:fe:61:20:72:d2:39:69:d2:2c:2a:ee:
b2:50:90:8d:52:91:95:8b:5e:23:64:2b:80:89:15:e7:b5:bd:
df:d5:24:05:3a:5a:bc:97:3f:4f:e2:ba:91:cb:3e:5b:6f:7b:
b6:4e:ca:97:c1:49:d2:65:41:ae:b7:c0:5a:fb:b1:bb:a5:b1:
30:5e:dd:dd:e5:24:e6:72:31:2f:74:aa:74:98:74:8b:6e:28:
75:c3:04:29:65:d3:3c:13:0a:c0:c3:e4:eb:9d:e8:e1:5a:13:
e2:ce:76:5b:1b:19:a0:2f:35:83:ba:8f:00:59:1a:4d:b0:e8:
5c:97:1b:89:94:6a:74:64:6d:67:e7:b4:b3:a9:08:67:f7:25:
ef:3e:82:6b:72:aa:e8:29:2b:73:71:4a:82:b5:87:ce:f5:71:
76:ba:9f:c1:fb:d8:f0:98:30:5b:9d:82:29:40:70:4d:bd:e1:
d5:be:67:0d:ae:f1:78:46:84:60:69:25:b9:2f:57:b0:2b:36:
99:58:c9:b1:43:e9:ef:06:b7:a6:70:da:48:13:ed:1f:a7:2f:
28:b6:c3:ee:bc:08:23:07:10:36:25:20:86:db:90:27:04:ec:
2b:b0:c3:55:26:2b:fa:34:39:d1:0d:96:eb:ac:4c:12:1c:86:
a5:07:da:c2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNN4HoEnRoUBTRbWB/WFiabLszrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDRaFw0yNjAxMjYwOTQ1MDRaMDMxMTAvBgNV
BAMTKDFDRTlEQzlBMjQwMkQ1REZFRTI5OUZBODYwMzQ4MzIwOEY5RjEwMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6scFkFkGOgSaQSl2kGovr4wOz
8XiBRJlW9nOWe5fsThffitSLyeFAoR85kwaZRbhfE1twOQe1KUDcc8uUJoNzfPN4
kMPB7q9Fiofmsf2AyIaemEFk/raaWxoqzug8PA60IE5xN8f/MAp5k6VnRPLM+MqK
riQrWgJrwc+YN93YNeu/cbdzHh0cVjNjPnBjiSpw+FG1Y7iITwkUCVYazYb6FppP
l3Yh2xBfUX8F8xVvdXtd+bCt/vFBJztjyWt98lO8xYRSXLoJRCG0PNOlNQbY/cql
6wrMG2hxQnaoxoAWV7CFbraNrNF+9vBH/CWBzoncW0YBh27nCH093dNB3KGDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHOncmiQC1d/uKZ+oYDSDII+fEAMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzUyZTMx
MzYzNzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC516cwDQYJKoZIhvcNAQELBQADggEBAJvqoIJ7F+H+YSBy0jlp0iwq7rJQkI1S
kZWLXiNkK4CJFee1vd/VJAU6WryXP0/iupHLPltve7ZOypfBSdJlQa63wFr7sbul
sTBe3d3lJOZyMS90qnSYdItuKHXDBCll0zwTCsDD5Oud6OFaE+LOdlsbGaAvNYO6
jwBZGk2w6FyXG4mUanRkbWfntLOpCGf3Je8+gmtyqugpK3NxSoK1h871cXa6n8H7
2PCYMFudgilAcE294dW+Zw2u8XhGhGBpJbkvV7ArNplYybFD6e8Gt6Zw2kgT7R+n
Lyi2w+68CCMHEDYlIIbbkCcE7Cuww1UmK/o0OdENluusTBIchqUH2sI=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:04:12 2025 by rpki-client