Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: boaOHCB0lpCdVaWNfSe1WytlgV1o443bFH6SQBJ3JBc=
Subject key identifier: 6D:24:86:66:EA:0B:7B:D9:86:1F:55:95:E6:E7:AD:25:AB:07:97:A9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 798DF010FA568FBC2CB396A62C7E76E6A2EB788A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Sep 2024 22:04:48 +0000
ROA not before: Thu 12 Sep 2024 21:59:48 +0000
ROA not after: Thu 11 Sep 2025 22:04:48 +0000
asID: 136787
IP address blocks: 185.226.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:8d:f0:10:fa:56:8f:bc:2c:b3:96:a6:2c:7e:76:e6:a2:eb:78:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 12 21:59:48 2024 GMT
Not After : Sep 11 22:04:48 2025 GMT
Subject: CN=6D248666EA0B7BD9861F5595E6E7AD25AB0797A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:64:ac:81:c2:f6:77:5e:e6:0c:bb:d7:b6:9e:
1c:9d:4a:c9:76:fe:fa:50:8e:a3:75:5c:2d:b7:07:
bf:74:32:20:ea:59:02:47:60:06:de:35:4f:ab:cc:
ba:05:51:f8:b8:e5:f3:ea:a9:52:03:5d:9f:92:a5:
7f:7e:f4:87:72:b9:f9:04:41:51:49:90:cb:24:b5:
82:27:2e:ee:2a:93:8f:3c:3e:c7:ec:3b:fe:ab:8a:
a5:4f:c5:b9:43:cc:33:01:ed:8c:e9:e8:47:0e:15:
09:30:ba:d5:51:e5:19:38:8b:95:f5:41:66:1b:63:
c3:ad:4c:b3:25:1c:f2:7d:f3:80:b0:05:02:97:24:
e7:b6:68:95:a1:49:86:d4:95:ea:ac:9e:6d:cf:0a:
4c:27:e7:24:d1:99:cc:ab:2d:76:22:f2:18:e3:48:
d1:56:12:2b:bc:59:bf:03:7e:9a:b1:e6:b8:88:fe:
03:de:8e:f5:86:c8:39:25:d0:94:db:5d:68:ea:0d:
27:fd:30:46:37:ec:5b:ee:14:4a:e7:e1:2b:4a:52:
1d:4b:79:53:2f:56:ec:7b:80:33:a5:58:ce:3e:d3:
02:07:f6:f8:1b:58:ec:ad:d1:07:8e:26:32:ea:77:
aa:d8:3c:20:7c:a9:8d:72:88:90:21:2e:84:d7:9e:
af:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:24:86:66:EA:0B:7B:D9:86:1F:55:95:E6:E7:AD:25:AB:07:97:A9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.144.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:61:ed:54:1c:93:22:90:d3:d2:08:ec:4b:1a:f5:51:f5:2a:
47:31:a3:cf:eb:46:5e:6c:65:a9:64:5e:b0:07:70:66:21:5a:
e9:df:7f:95:55:7c:bf:14:92:8f:f7:9f:bc:32:b7:4a:0e:73:
09:e2:21:40:cf:4c:c8:39:e9:73:5e:3e:3f:74:f6:44:4e:87:
41:cb:f2:b0:bc:02:99:0b:d9:8d:7e:d9:4f:54:d8:69:26:6e:
e5:a9:4a:5f:37:16:4b:db:d7:40:bf:82:98:87:e3:e4:18:1c:
ec:cd:3e:44:61:22:43:5f:1e:c3:50:e1:d7:77:47:26:58:88:
f2:fa:05:9b:4a:68:7c:d8:b1:2a:98:e5:d0:75:33:97:df:53:
ec:88:b3:7e:45:79:81:fa:e9:30:72:8d:ec:5b:a6:97:c3:c1:
30:2d:93:0c:c7:e5:41:f6:19:e5:ab:a5:85:5e:1a:2d:3f:14:
0d:ab:d1:ea:89:5e:54:e9:f3:12:5b:e1:bd:0e:7c:12:68:f9:
6c:ae:52:72:a2:f9:4d:7b:5e:f4:3a:63:31:02:8f:a6:ed:51:
d9:2e:b3:e2:de:b7:1e:a8:57:34:b8:eb:eb:3b:d9:bc:f1:42:
bb:41:97:ff:10:79:00:8f:be:fb:53:8d:72:ad:29:51:bf:b2:
4b:1d:e8:7b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUeY3wEPpWj7wss5amLH525qLreIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MTIyMTU5NDhaFw0yNTA5MTEyMjA0NDhaMDMxMTAvBgNV
BAMTKDZEMjQ4NjY2RUEwQjdCRDk4NjFGNTU5NUU2RTdBRDI1QUIwNzk3QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjZKyBwvZ3XuYMu9e2nhydSsl2
/vpQjqN1XC23B790MiDqWQJHYAbeNU+rzLoFUfi45fPqqVIDXZ+SpX9+9IdyufkE
QVFJkMsktYInLu4qk488PsfsO/6riqVPxblDzDMB7Yzp6EcOFQkwutVR5Rk4i5X1
QWYbY8OtTLMlHPJ984CwBQKXJOe2aJWhSYbUleqsnm3PCkwn5yTRmcyrLXYi8hjj
SNFWEiu8Wb8Dfpqx5riI/gPejvWGyDkl0JTbXWjqDSf9MEY37FvuFErn4StKUh1L
eVMvVux7gDOlWM4+0wIH9vgbWOyt0QeOJjLqd6rYPCB8qY1yiJAhLoTXnq99AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUbSSGZuoLe9mGH1WV5uetJasHl6kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzYyZTMx
MzQzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnikDANBgkqhkiG9w0BAQsFAAOCAQEAjWHtVByTIpDT0gjsSxr1UfUqRzGj
z+tGXmxlqWResAdwZiFa6d9/lVV8vxSSj/efvDK3Sg5zCeIhQM9MyDnpc14+P3T2
RE6HQcvysLwCmQvZjX7ZT1TYaSZu5alKXzcWS9vXQL+CmIfj5Bgc7M0+RGEiQ18e
w1Dh13dHJliI8voFm0pofNixKpjl0HUzl99T7IizfkV5gfrpMHKN7Fuml8PBMC2T
DMflQfYZ5aulhV4aLT8UDavR6oleVOnzElvhvQ58Emj5bK5ScqL5TXte9DpjMQKP
pu1R2S6z4t63HqhXNLjr6zvZvPFCu0GX/xB5AI+++1ONcq0pUb+ySx3oew==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org