Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134302e302f32342d3234203d3e20323132323338.roa
File: 3138352e3231392e3134302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: t0AgIzP1E/fB1AgkO4xBUhjGKuLmzEZmwEzVEsZHmDU=
Subject key identifier: D8:7C:15:29:50:78:FD:D7:A1:7B:AC:5D:49:ED:17:67:F6:E0:2D:CC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5EBDAC27AA669EDDDC3739CF15B40EF9B4AB5E0D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134302e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 14 Jun 2024 09:10:01 +0000
ROA not before: Fri 14 Jun 2024 09:05:01 +0000
ROA not after: Fri 13 Jun 2025 09:10:01 +0000
asID: 212238
IP address blocks: 185.219.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:bd:ac:27:aa:66:9e:dd:dc:37:39:cf:15:b4:0e:f9:b4:ab:5e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 14 09:05:01 2024 GMT
Not After : Jun 13 09:10:01 2025 GMT
Subject: CN=D87C15295078FDD7A17BAC5D49ED1767F6E02DCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e3:27:51:ea:ce:69:03:6e:f2:32:2b:03:91:
cc:68:76:46:e5:fd:da:26:7f:09:35:5b:43:5a:98:
93:71:75:4f:30:4e:ff:b6:59:75:6e:ae:5f:0b:5e:
6e:e6:4e:ca:d6:3e:36:69:23:b1:8c:96:eb:45:5d:
49:97:62:a6:b1:5e:26:2b:d2:e9:0e:47:23:02:6f:
16:7f:ae:2d:e7:3b:cb:cf:a8:69:d8:56:dd:ea:c7:
4d:6e:c0:ce:cf:08:ed:dc:66:d4:80:cb:c0:3c:21:
13:ff:26:2b:2c:42:46:89:e7:d1:49:f4:92:21:4e:
c0:26:28:55:ba:c4:cf:37:13:5e:62:04:76:53:42:
24:9a:02:d0:23:a0:19:32:dc:8a:ef:3a:df:15:da:
c4:1b:c1:ad:cd:6d:e9:3d:f6:62:64:87:c9:98:8b:
a3:8e:28:f9:24:04:0a:ec:b6:fb:96:bc:ba:a9:c7:
66:7b:4d:91:18:11:32:4c:98:e9:f5:d1:f1:6f:c6:
b3:2d:14:da:c7:6b:fb:ff:be:4c:cd:b7:30:41:b3:
fc:56:6a:1d:ac:24:db:48:a3:42:e6:aa:26:72:c9:
7c:44:61:5a:d4:be:56:43:bd:0a:66:74:cf:b8:a1:
18:70:85:82:76:dd:76:76:7b:ad:e1:a0:70:7d:10:
f1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7C:15:29:50:78:FD:D7:A1:7B:AC:5D:49:ED:17:67:F6:E0:2D:CC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.140.0/24
Signature Algorithm: sha256WithRSAEncryption
40:2e:9f:7b:d6:f2:2c:59:77:ff:5f:01:78:61:2b:fa:26:21:
fa:fb:35:ea:d4:7d:55:00:ba:5f:97:a6:4e:7b:b3:f3:10:60:
a0:e3:d6:15:5d:21:75:7b:fe:2b:5e:8c:71:7e:58:f9:31:b6:
44:1a:09:50:ba:df:62:cf:c3:9c:3f:23:07:f0:c2:88:8c:37:
28:50:27:b2:ab:97:df:0d:81:1c:31:13:57:64:f5:73:d7:80:
1d:dc:ed:7d:d6:b8:4c:05:59:83:70:aa:d0:73:54:df:e7:2b:
98:27:28:7f:a4:7c:85:19:25:34:7c:bb:15:df:55:9e:72:af:
76:c4:c9:49:36:27:0a:88:d7:1f:aa:74:bb:37:c0:2b:a5:90:
b1:1a:67:a4:af:74:c3:fb:df:36:b3:d2:11:11:30:aa:4a:d7:
74:0b:60:cd:17:61:1f:80:ee:7b:9e:5c:7a:52:83:ed:40:73:
ed:94:b3:c3:aa:33:fd:8b:97:7b:18:9c:75:5e:90:74:fa:97:
37:18:07:cb:39:fc:5e:03:94:48:18:13:fb:cc:db:c7:83:10:
3e:ec:f5:c8:a0:bb:01:56:b5:e0:bb:9c:6d:e0:b7:20:42:09:
72:95:a3:f5:f0:59:9e:97:50:4c:b8:4e:db:bc:e9:91:70:d4:
e1:2e:0e:77
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUXr2sJ6pmnt3cNznPFbQO+bSrXg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MTQwOTA1MDFaFw0yNTA2MTMwOTEwMDFaMDMxMTAvBgNV
BAMTKEQ4N0MxNTI5NTA3OEZERDdBMTdCQUM1RDQ5RUQxNzY3RjZFMDJEQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE4ydR6s5pA27yMisDkcxodkbl
/domfwk1W0NamJNxdU8wTv+2WXVurl8LXm7mTsrWPjZpI7GMlutFXUmXYqaxXiYr
0ukORyMCbxZ/ri3nO8vPqGnYVt3qx01uwM7PCO3cZtSAy8A8IRP/JissQkaJ59FJ
9JIhTsAmKFW6xM83E15iBHZTQiSaAtAjoBky3IrvOt8V2sQbwa3Nbek99mJkh8mY
i6OOKPkkBArstvuWvLqpx2Z7TZEYETJMmOn10fFvxrMtFNrHa/v/vkzNtzBBs/xW
ah2sJNtIo0LmqiZyyXxEYVrUvlZDvQpmdM+4oRhwhYJ23XZ2e63hoHB9EPERAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU2HwVKVB4/dehe6xdSe0XZ/bgLcwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzkyZTMx
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnbjDANBgkqhkiG9w0BAQsFAAOCAQEAQC6fe9byLFl3/18BeGEr+iYh+vs1
6tR9VQC6X5emTnuz8xBgoOPWFV0hdXv+K16McX5Y+TG2RBoJULrfYs/DnD8jB/DC
iIw3KFAnsquX3w2BHDETV2T1c9eAHdztfda4TAVZg3Cq0HNU3+crmCcof6R8hRkl
NHy7Fd9VnnKvdsTJSTYnCojXH6p0uzfAK6WQsRpnpK90w/vfNrPSEREwqkrXdAtg
zRdhH4Due55celKD7UBz7ZSzw6oz/YuXexicdV6QdPqXNxgHyzn8XgOUSBgT+8zb
x4MQPuz1yKC7AVa14LucbeC3IEIJcpWj9fBZnpdQTLhO27zpkXDU4S4Odw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:25 2024 by rpki-client on console-ams.rpki-client.org