Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234332e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232322e3234332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: yho8fAxTevXbZiTc77RL5AqWkG+E2FKw2SYRgXw5ztY=
Subject key identifier: A8:92:B1:62:D5:C6:E0:0A:F1:93:1D:CD:3D:CA:85:84:20:6C:75:AA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2254B10529EDBB12F38CE6C07990AB197CAA38C3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:05:00 +0000
ROA not before: Fri 20 Sep 2024 14:00:00 +0000
ROA not after: Fri 19 Sep 2025 14:05:00 +0000
asID: 136787
IP address blocks: 185.222.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:54:b1:05:29:ed:bb:12:f3:8c:e6:c0:79:90:ab:19:7c:aa:38:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:00 2024 GMT
Not After : Sep 19 14:05:00 2025 GMT
Subject: CN=A892B162D5C6E00AF1931DCD3DCA8584206C75AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7d:ee:c4:58:b7:1e:28:d3:bc:fa:43:84:5c:
41:b0:03:8c:e5:62:0e:44:41:aa:eb:5d:a3:e5:26:
e8:23:f7:b0:48:45:a5:ae:47:00:46:11:c4:a2:2f:
60:50:dc:6d:57:28:b8:12:7d:00:b4:25:f3:66:a5:
36:e3:3c:c6:23:9d:8f:69:37:6d:f2:0e:97:9d:bd:
e6:3c:ec:3c:b5:1e:cc:e9:64:08:b9:94:e5:72:1c:
71:fd:9a:0f:cc:75:af:76:1e:12:57:1d:48:87:34:
51:24:6f:77:a5:13:14:6f:5c:7b:7f:a3:54:52:53:
24:22:f6:d1:95:63:b0:1e:05:e9:b8:16:41:df:b8:
9b:12:57:51:24:aa:2d:b0:c3:ca:0e:28:4b:e2:06:
70:20:1c:c9:11:6d:30:1a:57:96:41:de:72:37:46:
f8:8f:5f:fd:fa:0c:08:ea:72:48:27:5b:a0:73:94:
bb:95:07:84:ba:06:a3:d4:3b:3c:93:98:86:38:ec:
47:59:82:02:22:b8:30:c2:10:58:40:b3:3d:ec:be:
c8:51:8d:68:07:c9:59:0c:82:dd:0e:53:56:2c:92:
1a:c3:62:2c:7c:19:be:f2:d6:4a:ee:eb:aa:93:52:
e2:f9:88:e1:a0:d8:fc:75:ec:05:db:fe:44:4f:05:
29:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:92:B1:62:D5:C6:E0:0A:F1:93:1D:CD:3D:CA:85:84:20:6C:75:AA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.243.0/24
Signature Algorithm: sha256WithRSAEncryption
49:6c:98:41:e8:ed:e6:0c:65:f1:f8:1d:55:37:69:94:22:5a:
c7:24:93:ed:b6:ba:b9:da:36:cc:c4:20:fb:78:c0:26:07:2d:
4f:e4:82:44:8d:5b:9f:29:6b:83:1a:04:9b:b0:40:cb:ad:b8:
b7:ea:dc:7b:c5:8e:d9:3e:81:f1:bf:61:d9:94:74:ea:c9:72:
83:41:0a:9b:8e:39:e8:fe:19:b8:93:a4:3a:d1:35:48:e8:a9:
d4:6e:9e:1b:ab:23:37:c3:e5:75:a9:7b:f5:a9:3c:ab:eb:c1:
2f:94:af:80:b3:97:61:b9:c0:e2:1c:3a:ca:a5:52:97:74:f3:
4f:6b:0d:24:8f:5d:0d:69:19:0b:ca:d0:0d:ee:ee:a2:87:89:
bc:61:81:b4:e3:0a:9a:6d:aa:8c:ed:62:d1:3d:f0:4e:75:c0:
25:d5:fc:af:db:bb:0a:52:02:7c:60:0a:f9:e3:10:7a:ab:99:
dc:21:f0:2e:3b:8b:14:28:3b:34:2f:25:c8:f7:47:9f:cf:3e:
1d:94:22:57:95:3f:9c:54:02:d5:90:c7:e8:c0:bb:74:79:05:
13:b9:7d:8f:fa:ad:d9:a6:6a:80:8b:58:f4:3b:b0:74:09:ec:
5f:92:a8:a1:69:2f:fe:d4:b1:dd:c8:d3:89:a7:d4:0c:5e:53:
b9:b9:8b:06
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIlSxBSntuxLzjObAeZCrGXyqOMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDBaFw0yNTA5MTkxNDA1MDBaMDMxMTAvBgNV
BAMTKEE4OTJCMTYyRDVDNkUwMEFGMTkzMURDRDNEQ0E4NTg0MjA2Qzc1QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpfe7EWLceKNO8+kOEXEGwA4zl
Yg5EQarrXaPlJugj97BIRaWuRwBGEcSiL2BQ3G1XKLgSfQC0JfNmpTbjPMYjnY9p
N23yDpedveY87Dy1HszpZAi5lOVyHHH9mg/Mda92HhJXHUiHNFEkb3elExRvXHt/
o1RSUyQi9tGVY7AeBem4FkHfuJsSV1Ekqi2ww8oOKEviBnAgHMkRbTAaV5ZB3nI3
RviPX/36DAjqckgnW6BzlLuVB4S6BqPUOzyTmIY47EdZggIiuDDCEFhAsz3svshR
jWgHyVkMgt0OU1YskhrDYix8Gb7y1kru66qTUuL5iOGg2Px17AXb/kRPBSk9AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUqJKxYtXG4Arxkx3NPcqFhCBsdaowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMy
MzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALne8zANBgkqhkiG9w0BAQsFAAOCAQEASWyYQejt5gxl8fgdVTdplCJaxyST
7ba6udo2zMQg+3jAJgctT+SCRI1bnylrgxoEm7BAy624t+rce8WO2T6B8b9h2ZR0
6slyg0EKm4456P4ZuJOkOtE1SOip1G6eG6sjN8Pldal79ak8q+vBL5SvgLOXYbnA
4hw6yqVSl3TzT2sNJI9dDWkZC8rQDe7uooeJvGGBtOMKmm2qjO1i0T3wTnXAJdX8
r9u7ClICfGAK+eMQequZ3CHwLjuLFCg7NC8lyPdHn88+HZQiV5U/nFQC1ZDH6MC7
dHkFE7l9j/qt2aZqgItY9DuwdAnsX5KooWkv/tSx3cjTiafUDF5TubmLBg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org