Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134322e302f32342d3332203d3e203531313637.roa
File: 3138352e3231392e3134322e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 3/kZ30rWdHmc5lcspaYFfIa+6TIzwstG1tH1uHrPls8=
Subject key identifier: 5D:36:16:D2:2A:12:49:D7:4E:59:15:F0:89:E5:73:51:21:CD:10:76
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 595F30515761BE0A5BC76A1233635459DC7A7EF8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134322e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:05:00 +0000
ROA not before: Fri 20 Sep 2024 14:00:00 +0000
ROA not after: Fri 19 Sep 2025 14:05:00 +0000
asID: 51167
IP address blocks: 185.219.142.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:5f:30:51:57:61:be:0a:5b:c7:6a:12:33:63:54:59:dc:7a:7e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:00 2024 GMT
Not After : Sep 19 14:05:00 2025 GMT
Subject: CN=5D3616D22A1249D74E5915F089E5735121CD1076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:52:99:8e:a3:1d:13:47:6e:bc:e1:66:e7:7a:
50:cd:54:a5:a2:31:48:1a:20:e7:8c:19:fc:df:8e:
1e:ca:7d:f1:38:e9:da:a0:24:5e:58:bd:16:05:b6:
be:de:70:18:a7:de:9d:37:c4:c5:e8:92:97:34:87:
12:96:51:a4:6c:0e:39:e8:ca:34:bf:f5:77:43:62:
75:b0:d0:09:5d:7e:ff:f2:97:e5:77:a8:0f:7e:ca:
38:5d:df:96:29:ba:60:61:6d:bb:7d:b3:d5:93:88:
63:f0:dc:fa:f1:c2:28:c7:e1:bf:24:01:5f:85:fa:
55:13:82:73:76:39:8e:81:cf:cf:f8:11:4e:f9:7b:
66:56:f7:4a:3b:6d:d0:36:ef:30:75:91:3b:b6:74:
3b:c5:a2:0d:9e:b6:ce:80:4e:07:d1:24:4b:b7:2d:
f4:37:c4:2a:40:6f:db:5f:87:ce:46:ce:4c:85:0e:
69:94:26:00:75:93:03:c7:01:76:41:01:b7:61:51:
56:eb:19:02:2c:25:ee:53:62:70:b3:38:26:13:08:
ff:56:4e:6a:6a:1a:bd:5d:b5:88:b3:e9:58:ae:c2:
dd:c5:33:45:b7:8c:47:5d:59:61:ec:b3:43:6d:f4:
b8:c1:16:be:32:24:f2:09:a5:57:2f:9b:b0:1a:da:
b7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:36:16:D2:2A:12:49:D7:4E:59:15:F0:89:E5:73:51:21:CD:10:76
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134322e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.142.0/24
Signature Algorithm: sha256WithRSAEncryption
70:3c:40:5e:ae:e6:1d:1c:11:83:71:ef:2f:bd:e9:0c:ca:b2:
de:4c:6f:5b:bf:35:c5:34:91:2a:ac:5f:19:4c:65:bc:31:78:
35:8e:c9:f5:cd:41:ea:c1:92:56:07:3b:64:13:c6:da:93:4e:
16:b9:69:d0:8e:a3:bb:df:a6:59:30:5b:5f:af:cf:41:b8:d0:
23:9d:0c:ba:93:01:d9:b1:56:b7:25:93:6c:e0:d8:53:06:40:
e7:f9:77:a8:13:db:7c:70:c2:b0:35:53:a4:30:7e:09:e3:a1:
65:88:e5:b3:c2:92:1f:52:5d:2d:8f:f3:a7:0d:0a:b5:fa:dd:
bc:8d:fa:6a:c4:b6:8e:5f:81:13:17:38:74:c5:34:2f:83:73:
b7:e0:1a:83:a4:45:06:00:cb:83:66:e4:eb:cc:c1:82:65:d0:
23:f9:52:4d:71:16:8b:6b:09:a3:83:f7:76:15:11:48:65:52:
35:86:93:05:59:67:23:f1:80:55:cd:46:0d:4d:08:49:1c:d5:
c3:19:35:2c:8d:04:8b:e1:9c:8f:8c:9b:c5:17:98:63:74:52:
65:f4:33:03:89:d5:da:11:77:dd:b4:79:a8:31:2c:2e:0f:0f:
05:dd:65:65:c5:8e:80:c8:b7:f6:95:e3:7b:a9:58:58:ed:50:
ed:a4:63:60
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWV8wUVdhvgpbx2oSM2NUWdx6fvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDBaFw0yNTA5MTkxNDA1MDBaMDMxMTAvBgNV
BAMTKDVEMzYxNkQyMkExMjQ5RDc0RTU5MTVGMDg5RTU3MzUxMjFDRDEwNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsUpmOox0TR2684WbnelDNVKWi
MUgaIOeMGfzfjh7KffE46dqgJF5YvRYFtr7ecBin3p03xMXokpc0hxKWUaRsDjno
yjS/9XdDYnWw0Aldfv/yl+V3qA9+yjhd35YpumBhbbt9s9WTiGPw3PrxwijH4b8k
AV+F+lUTgnN2OY6Bz8/4EU75e2ZW90o7bdA27zB1kTu2dDvFog2ets6ATgfRJEu3
LfQ3xCpAb9tfh85GzkyFDmmUJgB1kwPHAXZBAbdhUVbrGQIsJe5TYnCzOCYTCP9W
TmpqGr1dtYiz6Viuwt3FM0W3jEddWWHss0Nt9LjBFr4yJPIJpVcvm7Aa2rdBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXTYW0ioSSddOWRXwieVzUSHNEHYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzkyZTMx
MzQzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5244wDQYJKoZIhvcNAQELBQADggEBAHA8QF6u5h0cEYNx7y+96QzKst5Mb1u/
NcU0kSqsXxlMZbwxeDWOyfXNQerBklYHO2QTxtqTTha5adCOo7vfplkwW1+vz0G4
0COdDLqTAdmxVrclk2zg2FMGQOf5d6gT23xwwrA1U6QwfgnjoWWI5bPCkh9SXS2P
86cNCrX63byN+mrEto5fgRMXOHTFNC+Dc7fgGoOkRQYAy4Nm5OvMwYJl0CP5Uk1x
FotrCaOD93YVEUhlUjWGkwVZZyPxgFXNRg1NCEkc1cMZNSyNBIvhnI+Mm8UXmGN0
UmX0MwOJ1doRd920eagxLC4PDwXdZWXFjoDIt/aV43upWFjtUO2kY2A=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org