Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232352e3133392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: pkLxRPf6kywIt7vcCVnz8wpcr/6YrFR0Y23dQmr6dvo=
Subject key identifier: 5F:ED:40:6D:95:9E:C5:A1:0D:0A:84:11:F4:20:24:F1:84:BF:8E:9A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 62DA7CAC688E5D5136F1DB1719B4A7398E130B1B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133392e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Sep 2024 22:04:48 +0000
ROA not before: Thu 12 Sep 2024 21:59:48 +0000
ROA not after: Thu 11 Sep 2025 22:04:48 +0000
asID: 136787
IP address blocks: 185.225.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:da:7c:ac:68:8e:5d:51:36:f1:db:17:19:b4:a7:39:8e:13:0b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 12 21:59:48 2024 GMT
Not After : Sep 11 22:04:48 2025 GMT
Subject: CN=5FED406D959EC5A10D0A8411F42024F184BF8E9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ca:b6:16:48:80:4d:54:14:d1:90:f1:b8:c6:
91:18:10:e6:9e:07:9b:0a:e8:72:9a:4f:4e:45:99:
7d:bc:44:d9:dd:8c:ce:f2:9d:47:4d:70:cd:ff:df:
f7:ee:b5:6c:b0:83:c3:0f:0e:6c:99:4f:88:a6:61:
77:04:da:46:0a:e9:11:f5:39:7b:bb:d8:19:7a:47:
71:44:66:79:11:8c:95:fb:1f:29:21:87:c4:77:c3:
6b:4b:20:df:59:30:2f:c6:11:94:1f:2a:de:78:cd:
77:a0:3a:1a:b2:48:0f:89:f2:9c:4b:33:7a:d6:19:
09:d1:4f:f8:a9:93:6f:42:62:da:ef:85:e8:d1:29:
0f:3c:9c:8c:58:c7:93:7d:ea:ca:d6:24:c0:c9:7f:
45:2d:07:60:35:37:6e:1d:13:8e:76:d6:46:3e:c0:
29:e7:54:d4:97:4a:95:cf:50:6b:23:fc:bd:5f:b4:
0f:ec:24:03:c5:9a:d3:c1:d6:59:94:02:57:d0:41:
7f:38:f7:b3:59:39:7a:9a:68:58:71:be:3b:f0:47:
8b:e2:73:df:48:51:ae:bb:35:1b:e0:0e:e7:1a:d4:
18:cf:79:8f:e4:50:49:42:a0:7a:3f:f0:b6:d8:b6:
c0:23:04:50:d1:9a:86:78:b2:18:4d:ca:f4:ba:16:
a8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:ED:40:6D:95:9E:C5:A1:0D:0A:84:11:F4:20:24:F1:84:BF:8E:9A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.139.0/24
Signature Algorithm: sha256WithRSAEncryption
10:ed:dd:f2:c9:81:1d:f3:cf:7b:48:20:bc:c8:55:4f:42:b5:
10:84:10:87:d9:98:35:b9:63:c0:76:de:21:b0:10:e7:e5:1f:
8a:52:41:01:a8:30:a3:f6:7b:c0:b3:d9:5d:b7:73:29:85:b0:
2f:5e:92:79:6a:e9:42:aa:20:dd:63:ef:6a:c3:8f:35:65:08:
ea:ef:16:38:8b:df:30:fd:93:2c:5f:5f:5d:24:62:b5:96:7a:
b9:15:46:91:9d:5a:46:c7:7a:3c:17:db:49:1a:28:be:81:a0:
e1:2b:61:1b:a4:08:93:d6:b5:ee:20:8e:0a:70:49:54:09:3e:
d8:2c:70:f0:f6:88:9f:df:43:cc:49:9a:e5:28:d8:2b:d1:0b:
cf:e9:cd:40:92:10:23:53:2f:4d:dd:54:e5:15:61:fc:fa:5b:
48:0d:15:d7:3f:b9:dd:2e:5a:a7:44:02:bc:98:8a:1e:ba:30:
70:1a:bb:69:e1:b9:e4:1f:33:a9:bc:48:ba:71:3e:96:1a:e3:
d4:56:d9:81:44:9a:93:94:3c:2b:25:1c:31:8d:dc:69:ed:31:
5d:9d:31:bb:40:45:3a:52:9e:80:23:da:a7:82:df:6b:4c:21:
cf:fb:4d:63:96:b0:a7:4d:13:ca:42:c6:03:ac:0d:96:05:35:
6e:f2:04:40
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYtp8rGiOXVE28dsXGbSnOY4TCxswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MTIyMTU5NDhaFw0yNTA5MTEyMjA0NDhaMDMxMTAvBgNV
BAMTKDVGRUQ0MDZEOTU5RUM1QTEwRDBBODQxMUY0MjAyNEYxODRCRjhFOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9yrYWSIBNVBTRkPG4xpEYEOae
B5sK6HKaT05FmX28RNndjM7ynUdNcM3/3/futWywg8MPDmyZT4imYXcE2kYK6RH1
OXu72Bl6R3FEZnkRjJX7Hykhh8R3w2tLIN9ZMC/GEZQfKt54zXegOhqySA+J8pxL
M3rWGQnRT/ipk29CYtrvhejRKQ88nIxYx5N96srWJMDJf0UtB2A1N24dE4521kY+
wCnnVNSXSpXPUGsj/L1ftA/sJAPFmtPB1lmUAlfQQX8497NZOXqaaFhxvjvwR4vi
c99IUa67NRvgDuca1BjPeY/kUElCoHo/8LbYtsAjBFDRmoZ4shhNyvS6FqjTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUX+1AbZWexaENCoQR9CAk8YS/jpowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnhizANBgkqhkiG9w0BAQsFAAOCAQEAEO3d8smBHfPPe0ggvMhVT0K1EIQQ
h9mYNbljwHbeIbAQ5+UfilJBAagwo/Z7wLPZXbdzKYWwL16SeWrpQqog3WPvasOP
NWUI6u8WOIvfMP2TLF9fXSRitZZ6uRVGkZ1aRsd6PBfbSRoovoGg4SthG6QIk9a1
7iCOCnBJVAk+2Cxw8PaIn99DzEma5SjYK9ELz+nNQJIQI1MvTd1U5RVh/PpbSA0V
1z+53S5ap0QCvJiKHrowcBq7aeG55B8zqbxIunE+lhrj1FbZgUSak5Q8KyUcMY3c
ae0xXZ0xu0BFOlKegCPap4Lfa0whz/tNY5awp00TykLGA6wNlgU1bvIEQA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org