Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233342e302f32342d3332203d3e20313336373837.roa
File: 3138352e3232352e3233342e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: wOsaxsAIBJrzKwAzcWVKY33U0tVC2dWfmgJaLq5U8Q0=
Subject key identifier: D6:A1:F1:4A:7E:17:B3:4C:5E:1C:7A:C4:BC:B2:61:72:84:BA:78:57
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 79734D0224AFA7EF24CD86E9FC5867FBD2DAC789
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233342e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:05:01 +0000
ROA not before: Fri 20 Sep 2024 14:00:01 +0000
ROA not after: Fri 19 Sep 2025 14:05:01 +0000
asID: 136787
IP address blocks: 185.225.234.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:73:4d:02:24:af:a7:ef:24:cd:86:e9:fc:58:67:fb:d2:da:c7:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:01 2024 GMT
Not After : Sep 19 14:05:01 2025 GMT
Subject: CN=D6A1F14A7E17B34C5E1C7AC4BCB2617284BA7857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:99:c4:db:9e:77:3e:7d:6f:00:17:4c:0b:01:
7b:46:c7:a1:0b:5a:68:65:ae:03:07:42:ee:78:13:
3e:d1:76:be:66:34:71:e0:ad:1f:08:62:ce:cf:3e:
30:e5:b3:0f:00:52:9a:71:d5:1e:ab:4f:61:ab:61:
8d:7a:92:bf:3c:a3:77:71:77:ce:1f:fb:4d:d5:28:
13:9c:d4:c3:b0:d1:cf:4d:90:d8:e1:11:8c:10:9a:
73:ec:12:07:0e:ab:18:c9:c1:2c:a1:94:bd:9a:4b:
bd:65:f4:f8:ab:d7:1a:7d:49:fb:53:4b:23:26:d8:
85:e3:17:a6:8b:25:bd:90:62:00:93:ba:6b:f2:f7:
61:bd:2f:c3:77:21:f7:bb:db:5f:22:5b:c8:9e:4f:
49:a4:8d:3e:0e:c5:d2:8f:8d:bc:14:fb:dc:a8:07:
8e:1d:d0:be:b7:d3:36:5e:95:ee:12:8f:8e:48:f9:
ef:23:69:ec:c0:9e:1f:71:d1:e9:a6:8a:4c:27:5c:
4a:d5:87:92:3c:ee:88:f6:f4:dd:99:a6:a5:36:d1:
27:4c:cf:19:e6:20:75:85:43:ca:48:51:d6:7b:ad:
a3:88:cb:db:30:7d:9a:98:fe:c3:2c:8a:70:fd:2b:
7a:ea:78:44:f2:2c:45:e6:79:53:6c:8c:d7:df:5c:
ab:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A1:F1:4A:7E:17:B3:4C:5E:1C:7A:C4:BC:B2:61:72:84:BA:78:57
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233342e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.234.0/24
Signature Algorithm: sha256WithRSAEncryption
38:20:75:cf:ea:1c:01:2c:d5:8f:4d:59:89:d2:54:cd:af:46:
d1:f8:1c:6d:4c:ed:3b:55:f4:6a:4c:51:b1:36:7c:f0:ac:f0:
a9:80:99:b3:3a:f8:f8:a7:47:b6:49:62:54:c2:8c:c4:2c:c7:
41:bc:d5:ea:b5:3d:a2:de:8b:62:2f:af:46:e5:06:eb:0f:e2:
1b:a0:43:cb:00:8b:08:2f:0e:1b:e6:af:da:b8:cb:11:00:45:
2b:f2:bf:f3:a8:27:0d:c8:27:13:2f:de:62:da:cf:b4:49:bd:
a8:73:74:9d:0c:b2:d6:f3:00:94:7d:5f:fe:14:21:f7:5a:7c:
12:cd:79:a1:bb:21:c3:ac:e0:3e:0c:b1:10:9a:be:59:20:a9:
ea:fa:ba:32:0c:2d:9c:4b:40:ed:97:cf:eb:35:c4:49:fb:bb:
68:ba:ae:9b:8e:23:dd:cc:7a:4c:62:3a:c4:73:72:21:fc:49:
1d:05:a0:e1:94:74:47:fb:ed:3d:f6:09:2b:d9:8d:48:6a:01:
07:59:90:7f:88:de:83:aa:26:0c:d6:16:d2:42:f5:b1:f2:f3:
d9:8c:8a:c2:93:02:a1:fc:dd:78:0f:e7:83:ff:b5:7e:8f:d2:
bb:dd:11:f1:b1:44:b5:64:8a:b0:98:3b:e4:26:20:6c:af:eb:
d9:ca:b4:5f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUeXNNAiSvp+8kzYbp/Fhn+9Lax4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDFaFw0yNTA5MTkxNDA1MDFaMDMxMTAvBgNV
BAMTKEQ2QTFGMTRBN0UxN0IzNEM1RTFDN0FDNEJDQjI2MTcyODRCQTc4NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTmcTbnnc+fW8AF0wLAXtGx6EL
WmhlrgMHQu54Ez7Rdr5mNHHgrR8IYs7PPjDlsw8AUppx1R6rT2GrYY16kr88o3dx
d84f+03VKBOc1MOw0c9NkNjhEYwQmnPsEgcOqxjJwSyhlL2aS71l9Pir1xp9SftT
SyMm2IXjF6aLJb2QYgCTumvy92G9L8N3Ife7218iW8ieT0mkjT4OxdKPjbwU+9yo
B44d0L630zZele4Sj45I+e8jaezAnh9x0emmikwnXErVh5I87oj29N2ZpqU20SdM
zxnmIHWFQ8pIUdZ7raOIy9swfZqY/sMsinD9K3rqeETyLEXmeVNsjNffXKv/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU1qHxSn4Xs0xeHHrEvLJhcoS6eFcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMy
MzMzNDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnh6jANBgkqhkiG9w0BAQsFAAOCAQEAOCB1z+ocASzVj01ZidJUza9G0fgc
bUztO1X0akxRsTZ88KzwqYCZszr4+KdHtkliVMKMxCzHQbzV6rU9ot6LYi+vRuUG
6w/iG6BDywCLCC8OG+av2rjLEQBFK/K/86gnDcgnEy/eYtrPtEm9qHN0nQyy1vMA
lH1f/hQh91p8Es15obshw6zgPgyxEJq+WSCp6vq6MgwtnEtA7ZfP6zXESfu7aLqu
m44j3cx6TGI6xHNyIfxJHQWg4ZR0R/vtPfYJK9mNSGoBB1mQf4jeg6omDNYW0kL1
sfLz2YyKwpMCofzdeA/ng/+1fo/Su90R8bFEtWSKsJg75CYgbK/r2cq0Xw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org