Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: O1u1Qb5OSytK4gtidOH0IXADRdybekrlidR6JDd4qCI=
Subject key identifier: 5F:F5:C5:4B:21:AE:8A:C5:5A:61:19:1C:E4:97:FB:8A:E0:F9:79:8B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0E251A283A464C2F1FC95C639DF535CD93A32D71
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:18 +0000
ROA not before: Sun 27 Oct 2024 20:00:18 +0000
ROA not after: Sun 26 Oct 2025 20:05:18 +0000
asID: 136787
IP address blocks: 185.222.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:25:1a:28:3a:46:4c:2f:1f:c9:5c:63:9d:f5:35:cd:93:a3:2d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:18 2024 GMT
Not After : Oct 26 20:05:18 2025 GMT
Subject: CN=5FF5C54B21AE8AC55A61191CE497FB8AE0F9798B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:86:8b:6c:c7:47:7f:c9:78:38:f1:98:95:9f:
1c:1e:04:5b:b0:04:05:9e:f4:10:7f:44:f2:9a:4b:
24:65:e4:cd:a8:ac:6c:eb:d6:15:5b:ad:80:db:5e:
b0:05:2f:b1:96:ee:18:d7:ed:b1:14:cb:1e:c7:16:
e0:ba:1f:7a:e0:62:74:03:bd:18:a7:88:9e:24:13:
b5:3a:93:b1:d7:86:b2:8e:fe:ed:80:3b:9e:ac:d0:
f5:85:36:1c:37:87:5d:4b:19:74:6e:64:c5:43:80:
a5:b9:5e:6e:ed:ab:c3:e2:bd:d0:a4:35:e7:a0:7d:
62:bb:30:2d:f2:9e:fe:1d:4a:e0:c4:fc:1d:b9:5c:
f6:94:1d:dd:d7:92:fe:e3:19:e8:a3:0d:0c:02:a0:
03:2e:3e:ac:3c:3b:53:4d:40:7b:d1:ff:aa:b7:91:
8a:59:db:2f:bc:74:66:36:71:b5:0b:e8:62:09:2e:
b2:a9:10:1e:b1:e6:7e:c7:93:01:7f:e7:1e:0c:93:
7e:4c:61:09:c4:9a:1f:34:16:1d:0e:11:09:d2:76:
2d:69:9b:5d:57:d9:20:09:96:44:a2:20:cd:64:b5:
32:3f:1b:62:de:0d:d9:8c:47:c1:16:41:5e:41:de:
be:ef:5d:c0:95:66:4b:f0:bf:73:7c:c2:f8:7b:8c:
f9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F5:C5:4B:21:AE:8A:C5:5A:61:19:1C:E4:97:FB:8A:E0:F9:79:8B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.136.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:1e:77:4c:93:2f:84:e8:1d:23:59:4a:09:7a:f7:3a:94:51:
50:2f:df:fb:77:d1:1d:3e:47:ef:cf:71:21:ec:9c:ee:44:03:
16:01:ed:7c:b8:49:bc:db:4b:39:ec:8a:18:13:8e:7e:cc:36:
f0:af:17:f8:5b:2c:9e:20:d3:c5:ff:00:24:32:6a:99:12:5b:
e9:bc:d3:df:c4:89:d4:1d:14:b1:22:fe:52:76:5b:ea:e9:a7:
fc:7a:4b:0f:5c:c9:6e:a7:e8:21:41:8d:af:db:ab:12:d1:7d:
7b:26:19:05:fd:c0:47:11:ea:15:81:1e:29:2b:27:c1:1a:64:
5e:67:e1:ea:38:fe:db:b7:ce:27:2d:28:e2:8d:52:3c:a2:5a:
f3:ab:c3:a5:b7:8f:c4:a5:a7:ab:4c:18:90:ff:ed:03:02:ce:
f0:25:14:26:c1:2a:a2:f6:9d:67:d5:3c:bb:df:bc:c6:35:86:
78:1b:fd:47:cd:1d:d3:10:4f:31:46:92:d1:57:ec:21:df:c3:
06:9f:5c:81:d8:ce:c6:95:c3:9e:85:65:09:e2:78:72:38:40:
3d:67:c9:65:b3:a5:88:50:29:b5:4e:8c:be:c2:39:3d:b9:9e:
b0:16:06:dc:01:38:f8:c2:45:6c:fb:af:8c:96:c1:e7:40:73:
e2:56:52:b0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDiUaKDpGTC8fyVxjnfU1zZOjLXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMThaFw0yNTEwMjYyMDA1MThaMDMxMTAvBgNV
BAMTKDVGRjVDNTRCMjFBRThBQzU1QTYxMTkxQ0U0OTdGQjhBRTBGOTc5OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEhotsx0d/yXg48ZiVnxweBFuw
BAWe9BB/RPKaSyRl5M2orGzr1hVbrYDbXrAFL7GW7hjX7bEUyx7HFuC6H3rgYnQD
vRiniJ4kE7U6k7HXhrKO/u2AO56s0PWFNhw3h11LGXRuZMVDgKW5Xm7tq8PivdCk
NeegfWK7MC3ynv4dSuDE/B25XPaUHd3Xkv7jGeijDQwCoAMuPqw8O1NNQHvR/6q3
kYpZ2y+8dGY2cbUL6GIJLrKpEB6x5n7HkwF/5x4Mk35MYQnEmh80Fh0OEQnSdi1p
m11X2SAJlkSiIM1ktTI/G2LeDdmMR8EWQV5B3r7vXcCVZkvwv3N8wvh7jPnbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUX/XFSyGuisVaYRkc5Jf7iuD5eYswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMx
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALneiDANBgkqhkiG9w0BAQsFAAOCAQEACh53TJMvhOgdI1lKCXr3OpRRUC/f
+3fRHT5H789xIeyc7kQDFgHtfLhJvNtLOeyKGBOOfsw28K8X+FssniDTxf8AJDJq
mRJb6bzT38SJ1B0UsSL+UnZb6umn/HpLD1zJbqfoIUGNr9urEtF9eyYZBf3ARxHq
FYEeKSsnwRpkXmfh6jj+27fOJy0o4o1SPKJa86vDpbePxKWnq0wYkP/tAwLO8CUU
JsEqovadZ9U8u9+8xjWGeBv9R80d0xBPMUaS0VfsId/DBp9cgdjOxpXDnoVlCeJ4
cjhAPWfJZbOliFAptU6MvsI5PbmesBYG3AE4+MJFbPuvjJbB50Bz4lZSsA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:43:17 2025 by rpki-client