Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232322e3133372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EgSIneLAfEKZJBpRjTchrawqQfGpuQ4zJymvy9pu9eo=
Subject key identifier: 04:49:EA:09:AD:BA:4B:E6:C5:AE:D4:29:EB:36:1C:91:00:09:AC:B9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 371AC519EAEF1890C9983FD7F219C525171C366F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:20 +0000
ROA not before: Sun 27 Oct 2024 20:00:20 +0000
ROA not after: Sun 26 Oct 2025 20:05:20 +0000
asID: 136787
IP address blocks: 185.222.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:1a:c5:19:ea:ef:18:90:c9:98:3f:d7:f2:19:c5:25:17:1c:36:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:20 2024 GMT
Not After : Oct 26 20:05:20 2025 GMT
Subject: CN=0449EA09ADBA4BE6C5AED429EB361C910009ACB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:62:80:39:21:01:5b:57:6c:98:14:62:6d:40:
e0:1b:3c:80:65:b8:b2:99:1b:98:40:f6:ac:ea:0f:
9f:c5:ee:d6:06:27:a5:59:b4:d2:3c:16:44:05:0b:
f3:4a:ee:6b:7e:e7:c9:80:78:6e:fa:7d:f3:f8:a6:
36:48:c9:bf:9a:2d:d2:c5:38:91:f9:91:f3:4e:99:
6b:f3:2d:af:eb:c2:32:47:16:de:37:f9:cb:47:61:
d4:ab:29:c1:5d:60:80:9e:be:f9:7c:00:17:88:eb:
56:9b:4e:64:37:77:74:92:99:d3:6f:f9:da:74:b9:
dc:e8:03:b8:ba:bc:ea:a5:01:0e:1c:e0:17:d7:77:
43:c8:75:a9:86:cf:3c:05:e1:f3:fd:f0:2f:4e:1d:
85:35:5c:a2:93:30:7f:2b:fb:23:d2:cd:e2:9f:7c:
4a:d5:ef:ea:90:e3:0b:af:68:15:e8:1b:c4:6f:5b:
66:0c:9b:5c:d1:73:b3:28:16:1c:1a:07:a2:3d:8a:
22:27:46:4e:e2:2b:d3:76:9e:fa:41:47:e2:a5:f3:
dd:94:05:ce:f1:45:a1:c2:2f:3d:bb:cd:32:66:9e:
50:92:47:9f:03:61:66:50:8e:1e:19:03:54:c8:06:
97:52:4a:9c:38:d0:60:03:42:9e:02:a5:12:ea:3f:
3d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:49:EA:09:AD:BA:4B:E6:C5:AE:D4:29:EB:36:1C:91:00:09:AC:B9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.137.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:96:ff:f3:c5:a2:7e:ac:8b:61:1f:db:da:17:7e:bd:42:36:
a3:96:82:32:75:6a:9e:33:17:7d:03:77:49:aa:39:bc:86:5e:
8a:88:b0:81:2a:d6:84:1f:5d:f8:c9:22:8d:25:c5:7e:a2:33:
a8:23:9e:94:4a:86:6c:dc:5e:b2:94:18:b2:61:5f:9e:3f:f0:
34:9d:7e:99:f9:58:97:38:f5:82:ae:97:62:dc:6f:06:c9:fc:
23:e2:d8:b5:c5:10:c9:73:e1:fd:ab:ce:d9:48:d1:d0:3c:f4:
51:aa:14:22:82:bf:3d:f4:83:d4:db:4b:08:36:bb:65:8b:2f:
ea:02:9d:ba:a6:94:60:17:39:15:a0:48:d1:ed:01:16:66:32:
1c:8e:83:da:88:86:47:c7:e9:31:c6:84:64:74:a0:00:27:b3:
e0:be:8d:94:e9:73:6b:d2:de:ed:79:e6:36:22:4c:4e:97:15:
81:9d:e3:45:fa:31:80:ef:a9:4c:b9:a7:56:09:7a:57:17:e6:
05:3c:16:43:f3:ad:5c:89:71:94:03:75:67:c2:c4:c5:47:f3:
ab:78:49:01:fc:fd:4b:16:79:de:ef:28:8b:97:b7:5b:27:b4:
1f:cb:e9:2a:03:ed:5d:92:53:4f:a2:b8:7f:ec:4f:bf:98:ab:
45:de:7e:2a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNxrFGervGJDJmD/X8hnFJRccNm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMjBaFw0yNTEwMjYyMDA1MjBaMDMxMTAvBgNV
BAMTKDA0NDlFQTA5QURCQTRCRTZDNUFFRDQyOUVCMzYxQzkxMDAwOUFDQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsYoA5IQFbV2yYFGJtQOAbPIBl
uLKZG5hA9qzqD5/F7tYGJ6VZtNI8FkQFC/NK7mt+58mAeG76ffP4pjZIyb+aLdLF
OJH5kfNOmWvzLa/rwjJHFt43+ctHYdSrKcFdYICevvl8ABeI61abTmQ3d3SSmdNv
+dp0udzoA7i6vOqlAQ4c4BfXd0PIdamGzzwF4fP98C9OHYU1XKKTMH8r+yPSzeKf
fErV7+qQ4wuvaBXoG8RvW2YMm1zRc7MoFhwaB6I9iiInRk7iK9N2nvpBR+Kl892U
Bc7xRaHCLz27zTJmnlCSR58DYWZQjh4ZA1TIBpdSSpw40GADQp4CpRLqPz13AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUBEnqCa26S+bFrtQp6zYckQAJrLkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALneiTANBgkqhkiG9w0BAQsFAAOCAQEAm5b/88WifqyLYR/b2hd+vUI2o5aC
MnVqnjMXfQN3Sao5vIZeioiwgSrWhB9d+MkijSXFfqIzqCOelEqGbNxespQYsmFf
nj/wNJ1+mflYlzj1gq6XYtxvBsn8I+LYtcUQyXPh/avO2UjR0Dz0UaoUIoK/PfSD
1NtLCDa7ZYsv6gKduqaUYBc5FaBI0e0BFmYyHI6D2oiGR8fpMcaEZHSgACez4L6N
lOlza9Le7XnmNiJMTpcVgZ3jRfoxgO+pTLmnVgl6VxfmBTwWQ/OtXIlxlAN1Z8LE
xUfzq3hJAfz9SxZ53u8oi5e3Wye0H8vpKgPtXZJTT6K4f+xPv5irRd5+Kg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org