Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Vhz7it+QL53CBn4TZCOI9sAvYfAzuwX6LR4VPL/XFyA=
Subject key identifier: BC:8D:5E:38:8D:E9:A9:58:77:F5:7B:6B:57:08:EC:73:64:06:0D:07
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 25B7162D9410B9B79A0ECFEE3014ACD42925E96D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Sep 2024 22:04:47 +0000
ROA not before: Thu 12 Sep 2024 21:59:47 +0000
ROA not after: Thu 11 Sep 2025 22:04:47 +0000
asID: 136787
IP address blocks: 185.225.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:b7:16:2d:94:10:b9:b7:9a:0e:cf:ee:30:14:ac:d4:29:25:e9:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 12 21:59:47 2024 GMT
Not After : Sep 11 22:04:47 2025 GMT
Subject: CN=BC8D5E388DE9A95877F57B6B5708EC7364060D07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0d:ec:19:d7:da:9a:9c:5c:07:a2:b1:d0:42:
52:f1:86:eb:b1:cf:12:12:af:82:e0:46:dc:17:59:
df:8c:48:16:51:34:97:2a:9e:9a:f1:b1:6e:83:ec:
68:26:19:f3:ed:3a:85:87:b3:9f:f3:41:b4:d8:a9:
1a:19:e6:96:dc:dd:eb:54:e1:b6:44:5a:36:08:9f:
18:be:03:c0:41:b1:dc:07:ea:b5:bc:22:87:4e:39:
7b:b1:40:6b:56:9a:5c:de:b6:00:b8:a4:70:1b:d2:
96:1c:c7:6c:6e:85:4c:d7:7c:06:e6:0a:8d:11:3d:
d9:09:d0:d9:f7:33:5b:78:8d:da:be:60:cb:d9:18:
42:fd:70:54:2a:a0:d9:c6:64:41:b8:8a:04:98:f5:
b2:4b:a9:ef:f6:7b:bb:b1:ce:be:b1:ae:36:d4:48:
35:24:b2:7d:17:43:e8:8f:0c:89:78:5a:ee:ad:b7:
d7:31:d9:69:2b:67:20:b1:67:78:22:97:7e:6d:0c:
e8:c8:64:74:50:19:2a:91:9b:c1:55:e9:6f:c2:2e:
69:08:d2:a3:ed:3f:0c:2c:cd:e0:f7:8d:07:5c:69:
5e:0f:14:45:57:f9:ad:e7:f6:50:63:63:f5:55:53:
ad:a1:13:ed:3d:ae:d6:7a:16:35:9e:61:07:c1:9d:
d7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8D:5E:38:8D:E9:A9:58:77:F5:7B:6B:57:08:EC:73:64:06:0D:07
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.137.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:8f:47:0b:ae:ff:c8:8d:59:87:e5:3a:15:d7:c3:a0:82:e3:
84:5f:d4:c0:6e:2b:8e:7c:92:71:83:95:10:26:59:31:f6:35:
e0:81:df:f2:0f:ea:20:02:8a:87:7c:8b:10:42:34:a5:ea:9a:
f4:23:f8:14:1c:10:02:aa:c8:88:7a:7a:05:d3:8c:77:96:d9:
97:9a:50:b4:10:09:22:ce:be:0b:17:87:e2:74:b8:2b:39:23:
93:d8:9f:ea:98:93:56:0c:64:b8:4d:52:4b:fe:f5:8b:4d:6f:
65:be:ea:22:f3:41:e4:83:07:f9:cc:55:18:bb:f1:ec:cc:b7:
a1:d9:79:15:59:1d:19:3a:b2:8a:bf:52:33:36:15:20:b3:ed:
a3:bf:b0:8c:11:70:80:11:fc:80:e5:af:5a:b5:e0:e8:c2:b6:
b7:cb:77:9d:39:2a:03:cb:e5:42:65:21:7b:7f:9f:f4:dc:e4:
9e:48:41:ca:bb:c8:71:21:1d:07:e3:e8:e8:bd:c7:0a:2c:cc:
6f:e1:29:41:9b:d3:fb:9d:65:19:cf:b0:69:e6:44:af:5f:17:
74:5c:0d:9b:0f:4b:3e:07:4b:46:1a:ae:8d:28:76:07:23:44:
d1:30:ed:b5:32:b6:44:11:63:e3:a3:52:6f:00:ed:df:3e:45:
0a:38:f7:cd
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJbcWLZQQubeaDs/uMBSs1Ckl6W0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MTIyMTU5NDdaFw0yNTA5MTEyMjA0NDdaMDMxMTAvBgNV
BAMTKEJDOEQ1RTM4OERFOUE5NTg3N0Y1N0I2QjU3MDhFQzczNjQwNjBEMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLDewZ19qanFwHorHQQlLxhuux
zxISr4LgRtwXWd+MSBZRNJcqnprxsW6D7GgmGfPtOoWHs5/zQbTYqRoZ5pbc3etU
4bZEWjYInxi+A8BBsdwH6rW8IodOOXuxQGtWmlzetgC4pHAb0pYcx2xuhUzXfAbm
Co0RPdkJ0Nn3M1t4jdq+YMvZGEL9cFQqoNnGZEG4igSY9bJLqe/2e7uxzr6xrjbU
SDUksn0XQ+iPDIl4Wu6tt9cx2WkrZyCxZ3gil35tDOjIZHRQGSqRm8FV6W/CLmkI
0qPtPwwszeD3jQdcaV4PFEVX+a3n9lBjY/VVU62hE+09rtZ6FjWeYQfBnderAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUvI1eOI3pqVh39XtrVwjsc2QGDQcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnhiTANBgkqhkiG9w0BAQsFAAOCAQEADI9HC67/yI1Zh+U6FdfDoILjhF/U
wG4rjnyScYOVECZZMfY14IHf8g/qIAKKh3yLEEI0peqa9CP4FBwQAqrIiHp6BdOM
d5bZl5pQtBAJIs6+CxeH4nS4Kzkjk9if6piTVgxkuE1SS/71i01vZb7qIvNB5IMH
+cxVGLvx7My3odl5FVkdGTqyir9SMzYVILPto7+wjBFwgBH8gOWvWrXg6MK2t8t3
nTkqA8vlQmUhe3+f9NzknkhByrvIcSEdB+Po6L3HCizMb+EpQZvT+51lGc+waeZE
r18XdFwNmw9LPgdLRhqujSh2ByNE0TDttTK2RBFj46NSbwDt3z5FCjj3zQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org