Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3137302e302f32342d3332203d3e20313336373837.roa
File: 3138352e3231372e3137302e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: 3LnRUJXQeC/R7zFywLDtNJSRnIaMrY1yySr+bCkFnOk=
Subject key identifier: 24:6D:5F:8B:9E:9C:DC:68:57:58:3E:8E:A0:A5:CB:31:56:DA:B3:6F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1FB001C66F22D971C741CAD93BA5298576D3DC25
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3137302e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:05 +0000
ROA not before: Mon 27 Jan 2025 09:40:05 +0000
ROA not after: Mon 26 Jan 2026 09:45:05 +0000
asID: 136787
IP address blocks: 185.217.170.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:b0:01:c6:6f:22:d9:71:c7:41:ca:d9:3b:a5:29:85:76:d3:dc:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:05 2025 GMT
Not After : Jan 26 09:45:05 2026 GMT
Subject: CN=246D5F8B9E9CDC6857583E8EA0A5CB3156DAB36F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:32:0a:f6:4a:9e:5a:6f:1b:4d:1c:86:e4:e5:
93:1a:02:02:f0:aa:15:32:d3:6f:7b:b8:83:26:ae:
41:91:ff:47:6a:a0:f1:c7:fa:3f:db:b5:b7:36:c5:
94:45:fa:13:54:79:0e:78:42:47:e8:99:1d:c7:9f:
2b:25:8d:48:85:b5:1a:80:df:e2:d2:69:bd:e5:82:
6d:0f:e3:e6:e5:dd:c7:e8:a6:ed:a8:9f:52:5d:ab:
b4:f1:f9:2c:5f:1b:21:60:a0:ad:c1:04:51:8a:67:
e5:d9:5e:83:2f:bf:5c:0e:84:1b:46:7c:a5:95:35:
79:45:ca:a1:b9:1c:22:f0:cf:2c:53:f2:44:69:c4:
0c:80:9b:58:8b:37:b6:04:1f:4c:1d:69:08:29:1a:
b7:f8:d2:13:bb:2a:43:2f:c2:12:6c:57:6b:46:99:
31:7c:01:4a:ff:f6:a2:cf:92:82:47:58:d5:14:4c:
70:0c:e8:4a:ba:db:92:6b:d8:2d:65:99:28:69:07:
77:b5:39:fe:4b:05:93:81:95:62:dd:35:8e:10:c3:
e8:c4:ab:61:33:d0:88:cd:20:e4:21:44:b2:3d:e4:
d2:aa:3b:b9:9a:f2:f4:61:6d:00:1f:9b:4d:23:d1:
43:3d:fd:a7:45:c8:64:47:dc:fe:24:38:83:d6:fd:
7d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6D:5F:8B:9E:9C:DC:68:57:58:3E:8E:A0:A5:CB:31:56:DA:B3:6F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3137302e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.170.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:83:8e:b3:e5:42:99:ad:17:89:3b:24:e1:79:9b:88:77:22:
d5:42:f9:fa:e0:85:78:d2:d3:68:4f:30:cd:7c:f1:14:05:31:
e3:22:a7:e4:ab:65:45:76:58:00:f3:fb:92:47:1a:3b:e6:26:
12:d6:6c:91:39:c1:c7:95:34:0c:31:69:93:8c:4f:1a:07:99:
71:36:da:18:c7:45:c8:82:8b:79:3a:d6:65:67:97:e0:b6:84:
c6:3a:9e:14:a8:21:9d:d6:6e:cb:77:17:44:4a:52:e4:46:93:
8f:cc:fb:65:72:51:73:f1:69:56:e2:cf:22:cf:66:84:86:55:
69:ca:61:8d:a6:55:5b:2d:b2:c2:08:0e:b3:8e:b8:a4:28:3f:
a1:9a:33:62:3f:38:88:0c:81:a6:21:6f:ac:b4:a1:9f:dc:70:
e1:c7:43:53:46:69:aa:d1:d0:9f:f8:18:60:9e:0c:94:66:51:
5c:a3:23:b8:c9:0c:21:44:16:b5:32:a3:59:c5:97:94:05:e3:
67:e3:8b:69:3b:3b:34:c9:c4:45:50:09:28:a4:d0:f4:5d:73:
53:0b:42:53:59:ae:13:42:9b:58:c2:29:20:e0:87:f8:aa:db:
54:82:fe:7b:cd:88:4b:ba:27:3b:31:da:ba:db:46:2e:ce:a3:
05:fd:60:bf
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUH7ABxm8i2XHHQcrZO6UphXbT3CUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDVaFw0yNjAxMjYwOTQ1MDVaMDMxMTAvBgNV
BAMTKDI0NkQ1RjhCOUU5Q0RDNjg1NzU4M0U4RUEwQTVDQjMxNTZEQUIzNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgMgr2Sp5abxtNHIbk5ZMaAgLw
qhUy0297uIMmrkGR/0dqoPHH+j/btbc2xZRF+hNUeQ54QkfomR3HnysljUiFtRqA
3+LSab3lgm0P4+bl3cfopu2on1Jdq7Tx+SxfGyFgoK3BBFGKZ+XZXoMvv1wOhBtG
fKWVNXlFyqG5HCLwzyxT8kRpxAyAm1iLN7YEH0wdaQgpGrf40hO7KkMvwhJsV2tG
mTF8AUr/9qLPkoJHWNUUTHAM6Eq625Jr2C1lmShpB3e1Of5LBZOBlWLdNY4Qw+jE
q2Ez0IjNIOQhRLI95NKqO7ma8vRhbQAfm00j0UM9/adFyGRH3P4kOIPW/X0VAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUJG1fi56c3GhXWD6OoKXLMVbas28wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzczMDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnZqjANBgkqhkiG9w0BAQsFAAOCAQEAfoOOs+VCma0XiTsk4XmbiHci1UL5
+uCFeNLTaE8wzXzxFAUx4yKn5KtlRXZYAPP7kkcaO+YmEtZskTnBx5U0DDFpk4xP
GgeZcTbaGMdFyIKLeTrWZWeX4LaExjqeFKghndZuy3cXREpS5EaTj8z7ZXJRc/Fp
VuLPIs9mhIZVacphjaZVWy2ywggOs464pCg/oZozYj84iAyBpiFvrLShn9xw4cdD
U0ZpqtHQn/gYYJ4MlGZRXKMjuMkMIUQWtTKjWcWXlAXjZ+OLaTs7NMnERVAJKKTQ
9F1zUwtCU1muE0KbWMIpIOCH+KrbVIL+e82IS7onOzHauttGLs6jBf1gvw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:16:13 2025 by rpki-client