Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233352e302f32342d3234203d3e20323034313730.roa
File: 3138352e3232352e3233352e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: 144OOXvl+oEBMOVAsqqWt5cEm8RQJWK5rVoa5CHUUiw=
Subject key identifier: 74:46:CD:CE:5C:5D:2F:71:18:4B:68:25:20:9C:98:D8:91:EB:78:DD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 78F6B54AF0FF1CD6FDCEFE0104E91E59F6FD6837
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233352e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:17 +0000
ROA not before: Tue 25 Jun 2024 21:42:17 +0000
ROA not after: Tue 24 Jun 2025 21:47:17 +0000
asID: 204170
IP address blocks: 185.225.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:f6:b5:4a:f0:ff:1c:d6:fd:ce:fe:01:04:e9:1e:59:f6:fd:68:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 25 21:42:17 2024 GMT
Not After : Jun 24 21:47:17 2025 GMT
Subject: CN=7446CDCE5C5D2F71184B6825209C98D891EB78DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:eb:17:b1:b7:b7:71:f5:79:c8:1a:aa:a5:75:
c7:25:b2:24:4a:b6:99:65:80:a7:18:0a:72:f6:99:
fb:72:1a:64:df:e7:e6:c7:b9:4a:ec:7d:1b:06:64:
9c:5a:39:5d:7d:ac:64:31:28:ab:2e:eb:a2:63:a3:
63:9e:f6:42:0a:78:b1:48:ce:d5:e4:e3:1b:ed:92:
bf:11:fc:85:17:27:8f:d5:7c:39:e8:0e:45:47:d4:
1c:de:eb:58:dd:80:62:4c:22:78:f2:2c:68:06:63:
43:31:a5:46:54:dc:b6:83:a6:fb:35:e8:57:31:9c:
23:fd:43:b0:5c:26:9a:5c:35:51:39:69:3a:0d:e0:
c1:43:ef:d6:cc:15:de:d8:35:9b:61:6e:34:2f:9d:
a5:c7:cd:7f:5c:40:19:09:cd:37:10:4c:11:1b:b6:
c1:91:ad:06:3c:2a:38:88:2d:0f:0a:b1:89:06:6a:
05:40:0e:74:6c:8f:11:6a:1b:f1:71:6c:75:6f:90:
a7:a4:fc:d2:0f:4c:60:e7:e9:ec:f4:08:0d:30:11:
08:6d:0c:13:f3:29:cd:11:8b:14:f6:a5:82:00:f0:
f3:d1:f9:da:b7:12:ee:58:b9:84:ec:72:71:10:67:
32:90:75:b1:e5:87:62:f1:54:87:e0:84:59:dc:00:
f7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:46:CD:CE:5C:5D:2F:71:18:4B:68:25:20:9C:98:D8:91:EB:78:DD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3233352e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.235.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:c5:af:13:ee:3c:19:ee:ca:81:81:a6:f0:9e:3c:ce:ca:d4:
a9:3a:7b:fd:19:2a:4c:eb:f7:7b:7c:78:26:8c:79:6d:ee:69:
fc:c6:2d:00:d8:23:83:81:a3:1c:5f:e6:16:ec:79:c4:e0:5d:
3d:6e:65:9a:19:6e:3f:ba:03:b7:d4:83:70:e0:c2:33:e1:79:
37:90:e5:c7:c0:d1:c2:c5:7c:4c:87:20:ce:ff:e2:6d:7c:fc:
cd:d7:55:e4:69:44:79:d1:7c:bb:8c:76:26:a3:3e:77:c8:16:
9a:ac:ae:2c:bd:6f:e8:03:65:5d:57:6e:65:3e:66:f5:5f:41:
5a:8a:39:81:cd:f4:c4:6d:bb:15:5b:37:b9:0c:fb:0e:23:12:
c3:f1:b7:2a:a0:2e:47:31:2c:f0:35:e9:f1:52:74:c2:9f:c3:
fa:92:fc:5c:84:b8:d3:95:a3:f4:41:50:61:d0:92:13:db:0c:
00:86:b6:ee:45:43:b3:1b:f3:6f:d6:d1:8a:b1:6d:1e:a0:14:
7b:04:47:ba:b4:1b:84:09:59:0a:31:21:45:41:30:ec:59:aa:
68:e8:63:b2:dd:77:99:de:aa:3b:5a:3e:19:f2:0e:9c:23:2a:
7b:ff:a8:b0:b2:03:c2:8b:d1:70:c3:2e:3c:4b:bb:1c:49:8e:
a7:ee:cd:9d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUePa1SvD/HNb9zv4BBOkeWfb9aDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjUyMTQyMTdaFw0yNTA2MjQyMTQ3MTdaMDMxMTAvBgNV
BAMTKDc0NDZDRENFNUM1RDJGNzExODRCNjgyNTIwOUM5OEQ4OTFFQjc4REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR6xext7dx9XnIGqqldcclsiRK
tpllgKcYCnL2mftyGmTf5+bHuUrsfRsGZJxaOV19rGQxKKsu66Jjo2Oe9kIKeLFI
ztXk4xvtkr8R/IUXJ4/VfDnoDkVH1Bze61jdgGJMInjyLGgGY0MxpUZU3LaDpvs1
6FcxnCP9Q7BcJppcNVE5aToN4MFD79bMFd7YNZthbjQvnaXHzX9cQBkJzTcQTBEb
tsGRrQY8KjiILQ8KsYkGagVADnRsjxFqG/FxbHVvkKek/NIPTGDn6ez0CA0wEQht
DBPzKc0RixT2pYIA8PPR+dq3Eu5YuYTscnEQZzKQdbHlh2LxVIfghFncAPcPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUdEbNzlxdL3EYS2glIJyY2JHreN0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMy
MzMzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnh6zANBgkqhkiG9w0BAQsFAAOCAQEAK8WvE+48Ge7KgYGm8J48zsrUqTp7
/RkqTOv3e3x4Jox5be5p/MYtANgjg4GjHF/mFux5xOBdPW5lmhluP7oDt9SDcODC
M+F5N5Dlx8DRwsV8TIcgzv/ibXz8zddV5GlEedF8u4x2JqM+d8gWmqyuLL1v6ANl
XVduZT5m9V9BWoo5gc30xG27FVs3uQz7DiMSw/G3KqAuRzEs8DXp8VJ0wp/D+pL8
XIS405Wj9EFQYdCSE9sMAIa27kVDsxvzb9bRirFtHqAUewRHurQbhAlZCjEhRUEw
7FmqaOhjst13md6qO1o+GfIOnCMqe/+osLIDwovRcMMuPEu7HEmOp+7NnQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org