Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Vyi60KmwuORiNrL4Ga0q2hPwm43whrtjo3Y9ZvJSIKg=
Subject key identifier: 1F:78:B7:35:AF:A1:1C:5E:5C:6B:E9:A1:52:48:A2:73:EC:8F:E5:F2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 715B1C86E344D746C95070383A842E63E780412A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Sep 2024 22:04:48 +0000
ROA not before: Thu 12 Sep 2024 21:59:48 +0000
ROA not after: Thu 11 Sep 2025 22:04:48 +0000
asID: 136787
IP address blocks: 185.225.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:5b:1c:86:e3:44:d7:46:c9:50:70:38:3a:84:2e:63:e7:80:41:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 12 21:59:48 2024 GMT
Not After : Sep 11 22:04:48 2025 GMT
Subject: CN=1F78B735AFA11C5E5C6BE9A15248A273EC8FE5F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:83:6c:91:4a:f5:03:bd:cc:d6:ad:28:3d:e4:
74:3c:4d:64:2a:50:20:5c:f1:02:5f:7d:19:c8:a9:
eb:07:59:82:f9:c5:a6:6b:ec:5b:e8:88:20:80:12:
c7:2b:fc:07:58:f8:82:30:cc:ed:85:cb:a8:ba:f4:
06:c5:1c:83:db:56:1c:ba:8a:b0:df:0d:e7:28:fc:
a3:02:75:b3:9b:9e:85:b7:8f:74:f9:c8:3c:6a:81:
bf:93:1a:f7:96:a0:d5:86:fa:f0:92:e4:17:ad:e8:
a1:19:9e:13:de:e8:da:48:54:20:0d:d5:6d:86:d8:
ff:1b:ff:86:57:ba:bb:28:7d:03:51:5e:7e:8e:1f:
c7:e4:e8:49:bc:6b:3d:af:ce:0c:ab:4b:15:9d:52:
47:cb:70:5e:af:36:71:ed:32:b9:5b:07:e2:8b:98:
5e:c4:31:ae:54:b2:4f:23:0f:0d:a2:12:4f:76:21:
8d:5c:a7:dc:a3:e7:8c:19:f1:23:96:37:17:44:1b:
c0:af:bc:dd:f8:ac:19:56:ea:c9:14:56:c3:1b:40:
37:0b:92:cc:af:e1:c3:21:c7:9c:8f:d9:cb:06:95:
62:07:3e:41:61:7d:b4:39:44:2d:18:61:7e:bb:10:
9b:b5:63:d4:4f:9b:b6:57:e1:6f:b1:dc:59:eb:22:
4c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:78:B7:35:AF:A1:1C:5E:5C:6B:E9:A1:52:48:A2:73:EC:8F:E5:F2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.138.0/24
Signature Algorithm: sha256WithRSAEncryption
63:96:53:70:0a:02:83:27:28:2c:8d:46:90:ae:09:77:d0:12:
e9:65:a7:e8:46:1d:d4:d4:f1:72:26:18:98:94:d3:04:58:62:
20:8b:13:1d:21:61:e7:cc:bf:5a:cf:27:f9:db:59:b8:33:f8:
58:3a:88:54:11:04:d4:34:a9:60:1f:c2:2e:84:f8:53:c3:94:
0c:73:01:da:15:6a:96:cd:36:82:86:9f:49:06:76:33:9d:09:
45:45:98:44:15:cf:68:cc:31:f8:3a:db:ef:20:60:5e:b0:0b:
24:0b:06:d9:d7:d2:9e:16:6f:aa:1f:cb:de:03:75:fc:c3:db:
1e:76:8c:e6:b5:c7:64:be:a8:24:bf:32:2f:26:dd:c4:78:61:
8c:5f:94:a3:0b:dd:80:53:c4:dc:f9:f5:17:5d:8a:04:75:fe:
09:34:66:82:6f:4b:6a:2b:50:7d:2e:9c:94:34:e2:49:c8:f4:
8d:5b:8e:9b:63:d0:be:7d:aa:f0:52:d4:39:55:21:e4:4e:1b:
14:4f:a0:7d:5d:c6:41:f1:72:90:d7:08:57:5c:ec:b6:06:96:
ac:84:66:a4:6a:d9:a2:f6:8d:5b:23:4e:6a:11:ea:06:ab:b5:
10:3e:5e:30:8e:70:d0:85:93:f5:b9:a4:81:3c:41:d5:4e:42:
5e:e7:48:33
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcVschuNE10bJUHA4OoQuY+eAQSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MTIyMTU5NDhaFw0yNTA5MTEyMjA0NDhaMDMxMTAvBgNV
BAMTKDFGNzhCNzM1QUZBMTFDNUU1QzZCRTlBMTUyNDhBMjczRUM4RkU1RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClg2yRSvUDvczWrSg95HQ8TWQq
UCBc8QJffRnIqesHWYL5xaZr7FvoiCCAEscr/AdY+IIwzO2Fy6i69AbFHIPbVhy6
irDfDeco/KMCdbObnoW3j3T5yDxqgb+TGveWoNWG+vCS5Bet6KEZnhPe6NpIVCAN
1W2G2P8b/4ZXursofQNRXn6OH8fk6Em8az2vzgyrSxWdUkfLcF6vNnHtMrlbB+KL
mF7EMa5Usk8jDw2iEk92IY1cp9yj54wZ8SOWNxdEG8CvvN34rBlW6skUVsMbQDcL
ksyv4cMhx5yP2csGlWIHPkFhfbQ5RC0YYX67EJu1Y9RPm7ZX4W+x3FnrIkztAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUH3i3Na+hHF5ca+mhUkiic+yP5fIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnhijANBgkqhkiG9w0BAQsFAAOCAQEAY5ZTcAoCgycoLI1GkK4Jd9AS6WWn
6EYd1NTxciYYmJTTBFhiIIsTHSFh58y/Ws8n+dtZuDP4WDqIVBEE1DSpYB/CLoT4
U8OUDHMB2hVqls02goafSQZ2M50JRUWYRBXPaMwx+Drb7yBgXrALJAsG2dfSnhZv
qh/L3gN1/MPbHnaM5rXHZL6oJL8yLybdxHhhjF+UowvdgFPE3Pn1F12KBHX+CTRm
gm9LaitQfS6clDTiScj0jVuOm2PQvn2q8FLUOVUh5E4bFE+gfV3GQfFykNcIV1zs
tgaWrIRmpGrZovaNWyNOahHqBqu1ED5eMI5w0IWT9bmkgTxB1U5CXudIMw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org