Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232312e3133342e302f32332d3234203d3e20313336373837.roa
File: 3138352e3232312e3133342e302f32332d3234203d3e20313336373837.roa (raw, json)
Hash identifier: aSI+xIDiigHuU+D4zhdWgpoM3eLxYPXi9h1tD+5aySU=
Subject key identifier: 21:EF:ED:8D:1D:71:5C:C7:5B:B7:6D:ED:F4:62:09:72:09:50:BE:95
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5FDFCC5B62180C6871B4680DA33660E62443CFFD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232312e3133342e302f32332d3234203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:05:00 +0000
ROA not before: Fri 20 Sep 2024 14:00:00 +0000
ROA not after: Fri 19 Sep 2025 14:05:00 +0000
asID: 136787
IP address blocks: 185.221.134.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:df:cc:5b:62:18:0c:68:71:b4:68:0d:a3:36:60:e6:24:43:cf:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:00 2024 GMT
Not After : Sep 19 14:05:00 2025 GMT
Subject: CN=21EFED8D1D715CC75BB76DEDF46209720950BE95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8b:7f:5d:79:71:23:ba:13:46:bc:d1:c7:67:
27:bf:1c:52:d6:8a:3c:47:81:cb:ef:6b:47:af:4f:
fb:c6:d5:10:97:54:3b:21:c8:f5:0f:b5:25:ad:5b:
84:00:8e:50:08:1f:08:19:36:7d:01:3d:dc:36:41:
84:4f:78:9b:c3:c1:c0:78:3d:0a:2e:1a:1a:dc:40:
37:16:38:d6:4a:7b:03:95:d4:a4:d5:ff:ab:7c:ab:
5a:f1:d0:a0:3d:bf:81:f5:23:a5:e9:0d:e4:06:3f:
4a:65:b8:5b:8f:ed:a7:bb:dc:d9:67:3b:a5:6c:84:
cf:a0:c7:04:32:9c:6d:7d:31:c6:85:bd:78:cd:a2:
d3:9d:b7:fc:f9:46:69:8b:b0:c6:d4:9b:f6:ec:ea:
9c:0c:a8:34:53:6e:bc:41:ab:2f:c8:74:3c:f1:cd:
9d:60:cf:ed:3d:30:f0:94:e7:00:78:a0:92:81:a5:
f4:63:4a:d4:39:c0:47:19:67:d6:5f:c2:40:71:31:
ed:53:c5:45:ab:47:57:db:38:82:3e:be:e9:f8:7f:
22:63:ed:5e:54:51:3a:b3:e7:89:1a:17:63:3e:2d:
72:b7:5d:9e:56:de:4f:2c:22:8b:0a:f6:b9:7c:d2:
55:d2:e6:f7:81:09:03:41:5f:2e:38:fa:32:71:5e:
55:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EF:ED:8D:1D:71:5C:C7:5B:B7:6D:ED:F4:62:09:72:09:50:BE:95
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232312e3133342e302f32332d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.134.0/23
Signature Algorithm: sha256WithRSAEncryption
50:98:97:84:20:b6:19:4e:2e:58:c3:1d:08:d4:bf:bc:dc:0a:
94:f2:b1:4f:8d:cb:d5:59:b8:83:ec:63:96:02:94:bd:cc:47:
74:d5:d3:d1:31:61:bc:11:dd:5e:98:e8:c0:35:a5:49:b0:0b:
93:4e:41:ff:6b:b6:38:3d:41:c0:42:a8:d0:53:58:29:76:29:
7e:d6:e5:bd:3b:05:ea:3b:29:a7:1c:ea:d0:e8:8d:f1:dc:5e:
2d:6e:97:d5:3f:a1:45:85:ed:6c:d3:5d:c1:10:27:7a:f1:d6:
e1:d9:f4:d9:c2:c1:fb:51:ee:8e:56:18:2f:eb:ed:ad:b8:a0:
87:17:21:f1:0e:0b:dd:66:fd:f6:4c:2c:26:fc:c4:8e:53:ae:
a6:e4:e4:0d:c7:87:bb:c7:ee:0a:f1:a1:7b:12:15:a4:2f:76:
f4:18:67:6e:03:a1:b2:dd:ae:83:ab:17:50:9b:aa:71:19:ca:
19:0f:8e:2d:4e:fc:e9:3c:ef:77:64:b1:38:1a:e0:1b:2f:d5:
59:e4:ce:b2:21:5e:df:58:f5:fa:0e:2f:6a:8e:b2:07:c3:3a:
96:ca:01:74:fb:80:e7:da:8f:c8:f4:17:c1:76:12:47:67:8b:
7e:ee:70:46:d9:07:b2:ea:e0:18:ea:0e:e8:df:5e:65:c4:71:
26:76:a2:6e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUX9/MW2IYDGhxtGgNozZg5iRDz/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDBaFw0yNTA5MTkxNDA1MDBaMDMxMTAvBgNV
BAMTKDIxRUZFRDhEMUQ3MTVDQzc1QkI3NkRFREY0NjIwOTcyMDk1MEJFOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCri39deXEjuhNGvNHHZye/HFLW
ijxHgcvva0evT/vG1RCXVDshyPUPtSWtW4QAjlAIHwgZNn0BPdw2QYRPeJvDwcB4
PQouGhrcQDcWONZKewOV1KTV/6t8q1rx0KA9v4H1I6XpDeQGP0pluFuP7ae73Nln
O6VshM+gxwQynG19McaFvXjNotOdt/z5RmmLsMbUm/bs6pwMqDRTbrxBqy/IdDzx
zZ1gz+09MPCU5wB4oJKBpfRjStQ5wEcZZ9ZfwkBxMe1TxUWrR1fbOII+vun4fyJj
7V5UUTqz54kaF2M+LXK3XZ5W3k8sIosK9rl80lXS5veBCQNBXy44+jJxXlUDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIe/tjR1xXMdbt23t9GIJcglQvpUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzEyZTMx
MzMzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbndhjANBgkqhkiG9w0BAQsFAAOCAQEAUJiXhCC2GU4uWMMdCNS/vNwKlPKx
T43L1Vm4g+xjlgKUvcxHdNXT0TFhvBHdXpjowDWlSbALk05B/2u2OD1BwEKo0FNY
KXYpftblvTsF6jsppxzq0OiN8dxeLW6X1T+hRYXtbNNdwRAnevHW4dn02cLB+1Hu
jlYYL+vtrbighxch8Q4L3Wb99kwsJvzEjlOupuTkDceHu8fuCvGhexIVpC929Bhn
bgOhst2ug6sXUJuqcRnKGQ+OLU786Tzvd2SxOBrgGy/VWeTOsiFe31j1+g4vao6y
B8M6lsoBdPuA59qPyPQXwXYSR2eLfu5wRtkHsurgGOoO6N9eZcRxJnaibg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org