Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132352e302f32342d3332203d3e203531313637.roa
File: 3138352e3231372e3132352e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: m35L6p6VySHzhH6PZl8r+Qbaa3SYdke9Xa1A1Gry2TI=
Subject key identifier: 57:AA:FA:07:06:70:02:60:3B:F7:9F:45:AE:4B:FD:72:E6:E2:31:AC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6D1E22ABF75D8A232FA1D862835332D90693C6C7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132352e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:51 +0000
ROA not before: Fri 20 Sep 2024 13:59:51 +0000
ROA not after: Fri 19 Sep 2025 14:04:51 +0000
asID: 51167
IP address blocks: 185.217.125.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:1e:22:ab:f7:5d:8a:23:2f:a1:d8:62:83:53:32:d9:06:93:c6:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:51 2024 GMT
Not After : Sep 19 14:04:51 2025 GMT
Subject: CN=57AAFA07067002603BF79F45AE4BFD72E6E231AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e7:b5:2f:c2:81:6b:66:38:96:34:dc:76:10:
71:1c:2f:d4:4f:ea:64:48:71:6d:53:e0:a8:b5:da:
f4:ff:68:21:86:6a:49:b7:40:ed:c5:df:bb:18:af:
2b:ce:6e:00:07:c1:8f:f7:80:9b:f2:2a:d6:f0:9c:
39:be:71:05:a2:d0:ac:63:26:2d:e8:2a:22:82:5f:
7a:4c:4b:f9:95:f3:94:d3:61:0c:ba:19:3b:ab:cb:
35:b2:85:3a:e0:fb:c6:09:a1:26:f9:20:1f:e8:93:
39:c0:c4:2a:e4:a8:71:72:1c:1c:6d:35:dd:b5:2c:
91:3b:a0:46:45:ca:f9:a9:53:2d:36:89:9d:21:4e:
4e:ec:97:86:c3:32:f6:b5:98:bc:3c:4a:c3:77:dd:
ea:b9:36:4a:9d:16:bb:a7:e5:27:dd:fa:91:b6:fc:
09:02:22:5d:9d:f6:04:0d:0f:ec:3a:b1:88:03:f3:
16:c5:35:8b:a9:82:6b:01:5a:ed:40:b4:fe:6b:54:
c9:6a:61:1f:36:b4:5a:27:f6:f6:92:f9:f3:1b:09:
84:fe:9f:fe:8a:32:6f:c5:56:76:11:69:fe:a4:ce:
97:4f:0d:57:3c:50:d6:39:a7:86:15:15:32:26:35:
68:2d:15:35:c2:b8:ec:ac:9f:a0:ff:bb:e5:2e:f0:
58:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:AA:FA:07:06:70:02:60:3B:F7:9F:45:AE:4B:FD:72:E6:E2:31:AC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132352e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.125.0/24
Signature Algorithm: sha256WithRSAEncryption
24:d1:b8:92:af:54:10:ce:69:cc:df:91:21:9a:18:e2:53:e3:
a0:fb:38:6a:7c:c0:6e:14:2d:fe:91:92:54:36:37:8b:e8:50:
fa:05:58:90:84:1d:36:2e:f2:c2:29:3a:d8:b1:df:9b:39:54:
f8:85:c2:20:c4:c2:3d:16:20:94:01:91:63:5b:2d:7e:a2:62:
9b:4d:53:08:8c:38:9a:13:4b:b6:ce:ef:fb:65:08:ae:c5:3b:
87:b1:ba:47:31:f6:55:c0:5e:b5:83:cd:c9:87:d1:82:53:4b:
da:08:37:df:c2:84:4b:e1:3c:37:84:f8:c9:c2:83:96:c8:5a:
e3:46:82:21:6b:f7:1a:ae:87:f9:85:90:5b:84:f2:7b:aa:18:
41:3d:93:eb:a4:a6:a5:f7:12:d8:0e:89:7b:b7:12:6d:6b:29:
ba:96:2d:f5:a1:44:f3:ff:60:36:61:d9:f3:bc:78:d9:69:d8:
c0:c5:08:6d:2a:61:1b:a6:6d:09:29:a9:b6:97:91:a0:1c:31:
a2:eb:9f:e3:60:e3:29:d8:90:26:d9:cb:af:32:a7:f3:40:81:
0f:c7:9f:51:cb:8a:37:65:6e:23:c5:93:88:9d:1f:5b:f7:83:
a8:35:c7:2f:6e:01:9f:68:ae:2b:ab:89:c2:7a:b9:2b:a3:bc:
4c:c1:15:15
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbR4iq/ddiiMvodhig1My2QaTxscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTFaFw0yNTA5MTkxNDA0NTFaMDMxMTAvBgNV
BAMTKDU3QUFGQTA3MDY3MDAyNjAzQkY3OUY0NUFFNEJGRDcyRTZFMjMxQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj57UvwoFrZjiWNNx2EHEcL9RP
6mRIcW1T4Ki12vT/aCGGakm3QO3F37sYryvObgAHwY/3gJvyKtbwnDm+cQWi0Kxj
Ji3oKiKCX3pMS/mV85TTYQy6GTuryzWyhTrg+8YJoSb5IB/okznAxCrkqHFyHBxt
Nd21LJE7oEZFyvmpUy02iZ0hTk7sl4bDMva1mLw8SsN33eq5NkqdFrun5Sfd+pG2
/AkCIl2d9gQND+w6sYgD8xbFNYupgmsBWu1AtP5rVMlqYR82tFon9vaS+fMbCYT+
n/6KMm/FVnYRaf6kzpdPDVc8UNY5p4YVFTImNWgtFTXCuOysn6D/u+Uu8FhVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUV6r6BwZwAmA7959Frkv9cubiMawwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzIzNTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52X0wDQYJKoZIhvcNAQELBQADggEBACTRuJKvVBDOaczfkSGaGOJT46D7OGp8
wG4ULf6RklQ2N4voUPoFWJCEHTYu8sIpOtix35s5VPiFwiDEwj0WIJQBkWNbLX6i
YptNUwiMOJoTS7bO7/tlCK7FO4exukcx9lXAXrWDzcmH0YJTS9oIN9/ChEvhPDeE
+MnCg5bIWuNGgiFr9xquh/mFkFuE8nuqGEE9k+ukpqX3EtgOiXu3Em1rKbqWLfWh
RPP/YDZh2fO8eNlp2MDFCG0qYRumbQkpqbaXkaAcMaLrn+Ng4ynYkCbZy68yp/NA
gQ/Hn1HLijdlbiPFk4idH1v3g6g1xy9uAZ9oriuricJ6uSujvEzBFRU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org