Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa
File: 3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: Ek3yi0XEE+aILfa8kDmWyqANN9MD0ykiAGInaRp5qP4=
Subject key identifier: B2:C0:29:A9:9D:F9:23:60:11:49:EF:51:8D:B7:29:FB:A7:9A:38:48
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 69A2F25C415F9245A54FD852C39815FAB3F2AD35
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:52 +0000
ROA not before: Fri 20 Sep 2024 13:59:52 +0000
ROA not after: Fri 19 Sep 2025 14:04:52 +0000
asID: 51167
IP address blocks: 185.222.242.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:a2:f2:5c:41:5f:92:45:a5:4f:d8:52:c3:98:15:fa:b3:f2:ad:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:52 2024 GMT
Not After : Sep 19 14:04:52 2025 GMT
Subject: CN=B2C029A99DF923601149EF518DB729FBA79A3848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2c:02:08:85:4d:4f:a4:90:72:ab:dc:ba:a8:
58:5a:b7:d2:b1:12:7d:6f:26:11:95:d2:f0:9f:85:
95:7a:30:5b:0c:ca:7b:44:e0:9c:96:1c:a8:fd:f1:
78:90:6f:d6:c4:6c:81:30:c8:7c:fe:cd:80:86:9f:
a1:0d:ec:79:07:59:40:d2:06:fc:f8:21:88:18:31:
e7:0b:74:8e:e9:2f:53:48:fb:4e:d4:31:cf:45:9d:
55:cb:05:c7:81:2a:94:64:6f:33:14:03:e0:25:db:
3f:e1:d1:b1:07:04:0d:8e:3f:cb:6a:18:5d:6a:e6:
ed:fa:4c:70:91:e4:a2:91:b1:ca:16:43:76:3e:24:
31:7c:13:ce:e4:c6:4a:48:c1:9f:3d:9e:ca:6c:77:
43:98:46:cd:87:fb:75:9c:4f:c4:77:1e:52:87:63:
a1:30:f7:79:13:5a:c7:73:be:76:43:1f:63:6f:65:
e1:b6:6d:87:c1:26:3e:16:f0:81:19:16:17:3b:33:
72:5a:32:2a:57:9c:65:39:66:9f:82:66:a2:89:e2:
3a:34:b5:75:a9:ee:09:74:b6:a4:0e:96:e7:a9:be:
9a:3c:66:1a:46:69:ae:70:06:05:89:44:6d:88:00:
dc:a6:df:d2:f8:8f:9c:cd:1b:33:99:de:80:6e:f3:
7b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C0:29:A9:9D:F9:23:60:11:49:EF:51:8D:B7:29:FB:A7:9A:38:48
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.242.0/24
Signature Algorithm: sha256WithRSAEncryption
05:ae:ee:26:af:fe:18:33:1d:f2:c8:1b:40:0f:97:20:de:92:
cf:03:d8:da:3c:b3:45:78:44:29:cd:37:01:20:57:b2:3c:ef:
19:41:4f:31:eb:ae:9b:62:39:53:ae:39:b4:ce:45:d1:74:52:
dc:23:b7:1b:e5:52:bb:bd:2b:ee:80:b6:1e:11:3e:9d:2a:f2:
a5:6d:7b:2f:b3:7a:5e:e3:89:00:9d:d0:69:b0:19:f0:77:39:
6c:8b:e3:a4:bc:73:96:c4:bc:74:26:65:f6:cd:4e:ab:d4:c7:
1c:ce:57:1b:b0:b1:a0:9e:d5:81:58:ad:92:68:06:f5:d0:74:
a4:80:44:2a:7b:40:a0:ac:d5:2e:1d:60:07:83:c0:79:ee:40:
75:74:ad:be:62:9d:f7:e4:fb:28:90:98:a5:98:33:1c:30:82:
96:bf:1c:33:b0:15:f0:49:85:1a:67:bd:d1:f3:6b:bb:80:81:
07:b0:84:1a:57:e1:d0:42:f5:33:1a:4c:a3:24:e3:6c:ca:35:
9e:c4:f0:7a:c7:fd:9a:8f:e7:05:f0:47:ba:03:3a:20:bf:d6:
a3:8c:c7:f7:c2:96:37:0d:41:29:0c:c8:f2:0d:10:20:17:b0:
84:bb:0f:6b:5b:2b:00:b8:05:13:af:fe:d5:47:60:cd:4e:19:
88:40:a1:cb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaaLyXEFfkkWlT9hSw5gV+rPyrTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTJaFw0yNTA5MTkxNDA0NTJaMDMxMTAvBgNV
BAMTKEIyQzAyOUE5OURGOTIzNjAxMTQ5RUY1MThEQjcyOUZCQTc5QTM4NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYLAIIhU1PpJByq9y6qFhat9Kx
En1vJhGV0vCfhZV6MFsMyntE4JyWHKj98XiQb9bEbIEwyHz+zYCGn6EN7HkHWUDS
Bvz4IYgYMecLdI7pL1NI+07UMc9FnVXLBceBKpRkbzMUA+Al2z/h0bEHBA2OP8tq
GF1q5u36THCR5KKRscoWQ3Y+JDF8E87kxkpIwZ89nspsd0OYRs2H+3WcT8R3HlKH
Y6Ew93kTWsdzvnZDH2NvZeG2bYfBJj4W8IEZFhc7M3JaMipXnGU5Zp+CZqKJ4jo0
tXWp7gl0tqQOluepvpo8ZhpGaa5wBgWJRG2IANym39L4j5zNGzOZ3oBu83tPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUssApqZ35I2ARSe9Rjbcp+6eaOEgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMy
MzQzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC53vIwDQYJKoZIhvcNAQELBQADggEBAAWu7iav/hgzHfLIG0APlyDeks8D2No8
s0V4RCnNNwEgV7I87xlBTzHrrptiOVOuObTORdF0UtwjtxvlUru9K+6Ath4RPp0q
8qVtey+zel7jiQCd0GmwGfB3OWyL46S8c5bEvHQmZfbNTqvUxxzOVxuwsaCe1YFY
rZJoBvXQdKSARCp7QKCs1S4dYAeDwHnuQHV0rb5inffk+yiQmKWYMxwwgpa/HDOw
FfBJhRpnvdHza7uAgQewhBpX4dBC9TMaTKMk42zKNZ7E8HrH/ZqP5wXwR7oDOiC/
1qOMx/fCljcNQSkMyPINECAXsIS7D2tbKwC4BROv/tVHYM1OGYhAocs=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org