Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 7UW1btlOsEb6f9xLQSgxibBruXDFteYtFa/N9iowpB4=
Subject key identifier: 81:1C:E8:7C:34:F8:B8:FC:27:1A:D9:52:65:19:BC:2B:4E:F2:6F:73
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 070F4BD442D7D2C1F55238306E6D50D3D312ECB1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 23 Jul 2024 21:04:22 +0000
ROA not before: Tue 23 Jul 2024 20:59:22 +0000
ROA not after: Tue 22 Jul 2025 21:04:22 +0000
asID: 136787
IP address blocks: 185.217.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:0f:4b:d4:42:d7:d2:c1:f5:52:38:30:6e:6d:50:d3:d3:12:ec:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 23 20:59:22 2024 GMT
Not After : Jul 22 21:04:22 2025 GMT
Subject: CN=811CE87C34F8B8FC271AD9526519BC2B4EF26F73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:76:17:b4:62:5a:41:11:66:62:f2:6c:81:dd:
98:e3:f8:54:9e:33:6f:53:0b:1f:b3:ae:5b:73:cc:
b1:e7:d1:e3:df:53:03:79:cb:b5:c8:85:2b:0c:73:
93:f9:af:e2:94:66:36:8b:1c:9e:4e:63:d6:e5:7e:
cc:68:28:80:c2:ce:eb:2d:72:5f:19:f8:0d:c7:84:
5a:3e:68:c9:d8:7d:66:0b:2a:be:73:32:6a:3c:03:
71:d1:97:de:8b:b1:9e:da:3f:d5:1d:0e:5b:d9:95:
a1:d4:1c:e4:e2:26:65:5a:58:6e:7d:b0:32:62:55:
cd:22:17:b9:b6:5e:45:0b:dc:94:89:d2:d7:b1:0b:
f1:13:5f:04:f1:db:f0:99:1e:53:59:16:ce:42:10:
66:a9:ba:36:b1:77:10:8c:ac:1e:16:8a:c6:34:5e:
6b:30:38:5a:59:ae:e2:49:cc:0c:c9:50:f9:22:d5:
a0:6d:b1:16:9f:38:7a:6e:b6:92:8b:a6:d4:b1:ac:
61:61:91:12:09:d7:9d:4f:e3:13:9d:ac:cc:0d:c0:
6c:f3:40:d8:8e:59:77:98:7f:55:b7:10:e8:f7:69:
3f:bf:34:ee:08:3e:d8:42:da:bb:33:7c:9b:e2:4c:
c5:c7:35:72:24:dc:09:47:a4:c3:ac:eb:ae:c2:f5:
46:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1C:E8:7C:34:F8:B8:FC:27:1A:D9:52:65:19:BC:2B:4E:F2:6F:73
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.168.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:06:b0:90:44:f0:12:2f:6b:a7:5c:aa:ff:8b:ba:38:76:f2:
60:49:5e:c3:84:0a:39:66:ec:be:a1:e4:1c:1a:78:5b:d6:04:
84:fa:70:e0:33:86:6c:3b:a3:82:74:09:cd:ea:e5:96:2b:eb:
28:70:84:26:73:81:57:42:ee:80:5e:21:03:db:2c:cc:b4:1c:
95:b7:59:1e:38:0c:7f:ef:1c:df:d8:08:2d:bf:31:d8:e4:1c:
94:ac:4a:2f:b9:c0:58:43:a8:68:a6:bf:a6:63:f1:77:80:b2:
9f:d0:54:80:f9:09:29:66:73:77:91:78:45:80:b4:72:f7:47:
88:e6:7e:61:2e:b3:bc:b6:29:a7:bc:bf:04:bb:49:7f:41:58:
03:c9:17:8c:da:f8:1a:56:c2:d7:0e:f0:8c:77:b3:96:c5:a2:
8d:e4:bd:00:a1:25:cf:33:cf:25:0f:8a:84:80:07:b5:d0:86:
99:e9:1b:54:ed:5c:24:c0:de:90:f2:e0:87:e2:33:58:e3:32:
f3:8e:45:0a:47:90:89:f9:7c:df:29:82:0a:06:4b:c7:a8:5b:
33:9c:81:27:5f:71:da:2b:52:db:bf:ae:12:fa:b9:92:ff:3b:
31:94:85:63:b4:9c:ac:87:32:7f:c6:f5:fe:57:23:e0:75:98:
42:44:e1:fe
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUBw9L1ELX0sH1Ujgwbm1Q09MS7LEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA3MjMyMDU5MjJaFw0yNTA3MjIyMTA0MjJaMDMxMTAvBgNV
BAMTKDgxMUNFODdDMzRGOEI4RkMyNzFBRDk1MjY1MTlCQzJCNEVGMjZGNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHdhe0YlpBEWZi8myB3Zjj+FSe
M29TCx+zrltzzLHn0ePfUwN5y7XIhSsMc5P5r+KUZjaLHJ5OY9blfsxoKIDCzust
cl8Z+A3HhFo+aMnYfWYLKr5zMmo8A3HRl96LsZ7aP9UdDlvZlaHUHOTiJmVaWG59
sDJiVc0iF7m2XkUL3JSJ0texC/ETXwTx2/CZHlNZFs5CEGapujaxdxCMrB4WisY0
XmswOFpZruJJzAzJUPki1aBtsRafOHputpKLptSxrGFhkRIJ151P4xOdrMwNwGzz
QNiOWXeYf1W3EOj3aT+/NO4IPthC2rszfJviTMXHNXIk3AlHpMOs667C9UYbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUgRzofDT4uPwnGtlSZRm8K07yb3MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnZqDANBgkqhkiG9w0BAQsFAAOCAQEAfQawkETwEi9rp1yq/4u6OHbyYEle
w4QKOWbsvqHkHBp4W9YEhPpw4DOGbDujgnQJzerllivrKHCEJnOBV0LugF4hA9ss
zLQclbdZHjgMf+8c39gILb8x2OQclKxKL7nAWEOoaKa/pmPxd4Cyn9BUgPkJKWZz
d5F4RYC0cvdHiOZ+YS6zvLYpp7y/BLtJf0FYA8kXjNr4GlbC1w7wjHezlsWijeS9
AKElzzPPJQ+KhIAHtdCGmekbVO1cJMDekPLgh+IzWOMy845FCkeQifl83ymCCgZL
x6hbM5yBJ19x2itS27+uEvq5kv87MZSFY7ScrIcyf8b1/lcj4HWYQkTh/g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org