Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134312e302f32342d3234203d3e20313437303439.roa
File: 3138352e3231392e3134312e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: b43IYjhAtQjqaPim7GGzf77ep7ACFKyZ4dSVCgGVbmo=
Subject key identifier: 75:3F:7F:04:07:89:8D:A2:14:24:8F:EC:4D:58:42:CB:45:42:47:3D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 507CEC6E830B8FD1807F3C261F48BEA7C729AF51
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134312e302f32342d3234203d3e20313437303439.roa
Signing time: Fri 20 Sep 2024 14:04:52 +0000
ROA not before: Fri 20 Sep 2024 13:59:52 +0000
ROA not after: Fri 19 Sep 2025 14:04:52 +0000
asID: 147049
IP address blocks: 185.219.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:7c:ec:6e:83:0b:8f:d1:80:7f:3c:26:1f:48:be:a7:c7:29:af:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:52 2024 GMT
Not After : Sep 19 14:04:52 2025 GMT
Subject: CN=753F7F0407898DA214248FEC4D5842CB4542473D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bb:00:73:87:5f:ba:61:34:ff:86:bf:0a:69:
14:73:3e:cf:69:45:a1:cb:70:18:9e:1c:7b:d2:be:
8a:df:d8:b8:6f:d4:1b:3f:ac:49:4d:40:d7:f8:cf:
6f:3b:75:44:81:26:f7:99:fc:ef:2a:d9:ca:c9:ae:
b2:ce:bf:f4:23:da:aa:1d:5b:8d:19:a7:8f:24:df:
04:ee:99:61:df:2a:a4:3e:2e:e5:13:24:a2:d5:a6:
b0:a1:e5:29:3e:b6:18:82:77:64:7d:e2:f6:b7:ad:
ab:44:1b:9a:46:21:41:06:4c:9e:cc:91:fa:22:78:
0c:73:73:3c:17:9c:95:46:74:74:ed:1e:c4:62:74:
7c:7c:31:ba:39:7d:ea:6d:ea:f5:17:4c:1b:c2:57:
24:7f:31:15:ea:27:d6:07:3e:48:95:a5:ae:93:da:
44:04:49:82:df:ca:13:0f:a3:69:0e:19:3a:13:c9:
b1:f8:2b:36:fb:42:52:4f:cc:29:a4:c4:95:98:46:
e5:f2:32:14:7d:50:92:93:05:6f:75:2f:01:82:46:
54:d0:89:8e:23:cc:ca:40:d5:97:4a:1a:cb:1d:11:
3e:70:60:e6:58:df:da:e4:fa:e5:52:b3:48:59:45:
bd:1e:3b:9b:45:51:82:20:54:4b:87:90:05:e6:2e:
40:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:3F:7F:04:07:89:8D:A2:14:24:8F:EC:4D:58:42:CB:45:42:47:3D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134312e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.141.0/24
Signature Algorithm: sha256WithRSAEncryption
18:9a:9b:ae:73:93:2e:a5:b5:dd:8b:bc:98:1b:c7:61:f3:bf:
e8:43:a6:11:d5:3a:45:0a:f0:e5:8b:1b:e3:d8:f8:e2:32:fd:
a7:83:03:d5:b7:00:65:1d:ac:21:b0:8d:eb:6b:bd:35:b0:75:
f0:e2:91:f2:dd:02:d3:28:01:94:29:75:84:76:7c:f1:56:f1:
13:75:27:ac:a1:5b:ef:d3:9d:0e:93:1c:16:8f:ba:60:1e:25:
d1:09:9a:b6:4f:bf:5b:50:ca:6e:30:dc:a0:f1:19:32:ae:8e:
cd:be:0e:c3:7c:28:10:2b:e2:8f:bb:0d:58:4d:4a:17:f6:cb:
6e:91:ae:56:bf:17:c8:24:45:79:ee:66:0a:ae:3c:93:cf:f5:
13:56:b8:39:80:1f:d7:a6:fa:a5:e1:fd:a0:b0:88:77:a3:f9:
c7:c1:e5:85:d4:f0:a2:b5:76:cc:cf:81:8b:64:84:7c:55:0a:
94:7c:15:84:19:0f:0a:2c:e6:4f:12:c5:a3:64:39:3d:d5:28:
69:73:85:5e:e5:c7:27:0a:01:7e:03:f3:93:4d:31:0d:07:2f:
01:6f:99:6e:97:dd:cd:f5:7c:24:a3:2b:6c:de:1c:66:f2:43:
9b:4c:11:4d:69:37:f1:17:d0:98:e0:b0:63:ff:91:99:3b:99:
5e:03:fc:27
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUHzsboMLj9GAfzwmH0i+p8cpr1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTJaFw0yNTA5MTkxNDA0NTJaMDMxMTAvBgNV
BAMTKDc1M0Y3RjA0MDc4OThEQTIxNDI0OEZFQzRENTg0MkNCNDU0MjQ3M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfuwBzh1+6YTT/hr8KaRRzPs9p
RaHLcBieHHvSvorf2Lhv1Bs/rElNQNf4z287dUSBJveZ/O8q2crJrrLOv/Qj2qod
W40Zp48k3wTumWHfKqQ+LuUTJKLVprCh5Sk+thiCd2R94va3ratEG5pGIUEGTJ7M
kfoieAxzczwXnJVGdHTtHsRidHx8Mbo5fept6vUXTBvCVyR/MRXqJ9YHPkiVpa6T
2kQESYLfyhMPo2kOGToTybH4Kzb7QlJPzCmkxJWYRuXyMhR9UJKTBW91LwGCRlTQ
iY4jzMpA1ZdKGssdET5wYOZY39rk+uVSs0hZRb0eO5tFUYIgVEuHkAXmLkBtAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUdT9/BAeJjaIUJI/sTVhCy0VCRz0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzkyZTMx
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnbjTANBgkqhkiG9w0BAQsFAAOCAQEAGJqbrnOTLqW13Yu8mBvHYfO/6EOm
EdU6RQrw5Ysb49j44jL9p4MD1bcAZR2sIbCN62u9NbB18OKR8t0C0ygBlCl1hHZ8
8VbxE3UnrKFb79OdDpMcFo+6YB4l0Qmatk+/W1DKbjDcoPEZMq6Ozb4Ow3woECvi
j7sNWE1KF/bLbpGuVr8XyCRFee5mCq48k8/1E1a4OYAf16b6peH9oLCId6P5x8Hl
hdTworV2zM+Bi2SEfFUKlHwVhBkPCizmTxLFo2Q5PdUoaXOFXuXHJwoBfgPzk00x
DQcvAW+ZbpfdzfV8JKMrbN4cZvJDm0wRTWk38RfQmOCwY/+RmTuZXgP8Jw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org