Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230312e302f32342d3234203d3e203632323430.roa
File: 3138352e3231362e3230312e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: tT/85Y2LrNqp29BwmVK6pw5CwDR5NZGtapJ7XRf49fE=
Subject key identifier: 1F:E2:43:21:B9:52:03:6B:44:06:09:5D:4C:9F:D5:68:86:59:29:57
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 07A1B8CC5FC9B9B8BC50552FF38ECC582D55809D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230312e302f32342d3234203d3e203632323430.roa
Signing time: Mon 26 Feb 2024 08:53:12 +0000
ROA not before: Mon 26 Feb 2024 08:48:12 +0000
ROA not after: Mon 24 Feb 2025 08:53:12 +0000
asID: 62240
IP address blocks: 185.216.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:a1:b8:cc:5f:c9:b9:b8:bc:50:55:2f:f3:8e:cc:58:2d:55:80:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:12 2024 GMT
Not After : Feb 24 08:53:12 2025 GMT
Subject: CN=1FE24321B952036B4406095D4C9FD56886592957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fd:b4:c8:4e:06:cd:e3:ab:6a:42:4e:04:d0:
3c:06:20:2a:5a:02:f9:70:5e:53:d9:2f:ad:37:fd:
b4:e8:63:27:5c:f8:90:a0:a7:be:38:b4:b0:5c:0c:
4f:4a:c9:df:4a:d6:3a:4d:93:f0:44:52:26:f4:9f:
10:f1:2e:3f:4d:8c:36:11:58:cb:80:3b:c0:e9:4c:
9e:58:02:e7:b6:d2:2b:31:9b:57:d8:ad:b1:e0:22:
f0:a1:aa:97:43:c5:19:da:ba:e0:8a:a2:8f:bf:8e:
8f:42:03:1e:9d:bd:14:18:1e:8e:93:35:cc:07:e1:
cd:f7:4c:30:1c:1d:da:73:ca:d4:08:b5:8b:48:36:
09:7b:8b:f9:5d:30:02:a2:6d:d4:c2:ca:64:0e:09:
49:3a:e2:c4:38:42:a1:73:66:cd:d8:d6:d6:45:fa:
92:a6:7e:6b:65:86:83:48:91:5c:b8:df:3d:14:a8:
7a:26:e6:1f:04:c5:e9:8e:04:da:dd:28:cf:8a:97:
7c:29:26:c4:a5:98:7c:15:90:e8:11:6b:aa:b5:12:
60:19:a5:78:4a:dc:8b:83:01:5b:e3:7a:a1:9a:aa:
47:b9:ac:28:85:02:1e:3b:7c:bd:2a:76:bd:ef:91:
37:44:38:92:75:ed:56:26:62:ba:82:ae:53:a3:ac:
04:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E2:43:21:B9:52:03:6B:44:06:09:5D:4C:9F:D5:68:86:59:29:57
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230312e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.201.0/24
Signature Algorithm: sha256WithRSAEncryption
78:58:0d:f9:e0:a3:7b:0e:7f:db:ac:2e:0f:eb:15:c6:69:9b:
bf:7a:18:bf:1d:7e:4d:ba:1c:dc:af:9f:14:64:ed:79:7f:b1:
5b:6f:0a:9c:6f:25:66:4b:37:05:5d:63:f8:91:bb:2a:94:a1:
58:87:fe:2a:9a:18:16:18:f5:1f:ba:01:18:c4:78:79:0f:3c:
8d:64:13:8b:31:0c:4b:d0:ad:ce:b5:63:1b:88:b7:10:db:d8:
14:85:4d:0a:e0:c3:92:fd:cb:56:51:25:c8:1b:67:77:36:1c:
4b:92:9e:91:be:57:9b:ba:46:41:66:fe:5f:d1:9c:d2:a7:d2:
55:c4:74:a7:85:b7:49:a0:97:d2:b0:a8:a3:12:e9:d7:36:09:
a6:d7:99:ce:69:78:e3:d6:24:30:ab:57:e0:e5:ca:2c:e3:4b:
75:f3:78:00:65:5c:4f:a6:3f:25:76:e8:01:2d:99:a3:93:06:
bf:50:b6:d2:7d:84:a9:97:8d:ae:4d:5c:57:09:5b:72:f1:01:
3e:1c:84:89:ae:8b:7e:a7:1e:5c:8b:e5:09:b8:51:9f:6b:c6:
63:dd:35:b3:2a:9e:d8:49:3a:3c:ac:34:a2:cc:1b:18:83:de:
09:3e:60:e0:f7:84:92:7b:87:f5:45:46:e7:fd:be:a5:a9:21:
95:d9:31:f1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUB6G4zF/Jubi8UFUv847MWC1VgJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTJaFw0yNTAyMjQwODUzMTJaMDMxMTAvBgNV
BAMTKDFGRTI0MzIxQjk1MjAzNkI0NDA2MDk1RDRDOUZENTY4ODY1OTI5NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR/bTITgbN46tqQk4E0DwGICpa
AvlwXlPZL603/bToYydc+JCgp744tLBcDE9Kyd9K1jpNk/BEUib0nxDxLj9NjDYR
WMuAO8DpTJ5YAue20isxm1fYrbHgIvChqpdDxRnauuCKoo+/jo9CAx6dvRQYHo6T
NcwH4c33TDAcHdpzytQItYtINgl7i/ldMAKibdTCymQOCUk64sQ4QqFzZs3Y1tZF
+pKmfmtlhoNIkVy43z0UqHom5h8ExemOBNrdKM+Kl3wpJsSlmHwVkOgRa6q1EmAZ
pXhK3IuDAVvjeqGaqke5rCiFAh47fL0qdr3vkTdEOJJ17VYmYrqCrlOjrARlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUH+JDIblSA2tEBgldTJ/VaIZZKVcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTMy
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMjM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52MkwDQYJKoZIhvcNAQELBQADggEBAHhYDfngo3sOf9usLg/rFcZpm796GL8d
fk26HNyvnxRk7Xl/sVtvCpxvJWZLNwVdY/iRuyqUoViH/iqaGBYY9R+6ARjEeHkP
PI1kE4sxDEvQrc61YxuItxDb2BSFTQrgw5L9y1ZRJcgbZ3c2HEuSnpG+V5u6RkFm
/l/RnNKn0lXEdKeFt0mgl9KwqKMS6dc2CabXmc5peOPWJDCrV+DlyizjS3XzeABl
XE+mPyV26AEtmaOTBr9QttJ9hKmXja5NXFcJW3LxAT4chImui36nHlyL5Qm4UZ9r
xmPdNbMqnthJOjysNKLMGxiD3gk+YOD3hJJ7h/VFRuf9vqWpIZXZMfE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:15 2024 by rpki-client on console-fra.rpki-client.org