Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134362e302f32342d3332203d3e20313336373837.roa
File: 3138352e3232362e3134362e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: a/likbUFM4jtuPYn39svfFKQJYlcKvv8U2OaqlUT2m0=
Subject key identifier: B3:AC:13:87:12:4B:79:F7:A3:30:F2:08:EC:CD:B7:C5:06:CF:6E:63
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1E4AE175EBC5087A3FC5D4791ADD1B82CD6C53CA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134362e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:04 +0000
ROA not before: Mon 26 Feb 2024 08:48:04 +0000
ROA not after: Mon 24 Feb 2025 08:53:04 +0000
asID: 136787
IP address blocks: 185.226.146.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:4a:e1:75:eb:c5:08:7a:3f:c5:d4:79:1a:dd:1b:82:cd:6c:53:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:04 2024 GMT
Not After : Feb 24 08:53:04 2025 GMT
Subject: CN=B3AC1387124B79F7A330F208ECCDB7C506CF6E63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:14:f9:f0:90:8a:d5:0c:db:69:0b:84:a5:d5:
e0:46:a0:ae:28:cc:a3:ef:1b:6b:3f:ee:a2:e6:68:
f3:2a:cd:ab:2f:7f:40:f8:6b:9a:d6:b4:35:6b:57:
f2:0b:ff:4f:c5:dd:b2:07:d5:a4:78:67:8d:b9:ed:
3d:14:76:ed:19:40:16:c3:ec:30:d4:73:3b:40:2d:
5e:7b:9c:3e:c5:b2:f8:76:39:cf:28:41:8d:fa:4f:
b4:98:23:0f:c1:1e:f7:80:18:00:09:fb:79:22:17:
72:e9:77:36:67:44:30:13:c7:25:74:d0:ff:7f:e7:
f8:40:6c:72:5e:2f:73:5b:f8:47:6d:f0:14:27:4a:
0e:ae:3c:f2:af:1c:28:e9:1e:ce:0b:2c:dd:1b:05:
f6:a6:d7:0d:6e:08:63:ac:dc:77:28:b9:ff:c0:a8:
8e:37:2b:b6:61:57:1e:61:60:68:20:e2:02:42:a1:
0b:ba:1e:b5:bc:03:ab:91:b4:a3:da:b7:e1:be:b9:
33:f9:64:ab:b1:0b:35:4c:58:03:90:6f:3c:0d:e7:
ca:d3:df:72:35:9f:6c:0f:88:5e:89:2d:f9:61:b2:
fe:c9:71:02:37:1b:49:d4:b3:2b:8a:0c:5f:5d:09:
2a:ba:d5:68:f2:67:4c:94:fd:ee:0a:54:0b:62:78:
a4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AC:13:87:12:4B:79:F7:A3:30:F2:08:EC:CD:B7:C5:06:CF:6E:63
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134362e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.146.0/24
Signature Algorithm: sha256WithRSAEncryption
35:e8:c4:f6:c7:50:b4:7c:9b:38:38:40:df:0c:3d:ba:47:b6:
39:c3:f6:b9:2d:6d:f5:05:74:e8:6c:f0:26:c3:6f:d9:15:61:
ed:62:7a:2f:b9:35:22:f6:7e:96:c7:5b:7f:b5:b7:f3:98:e1:
af:41:0a:1b:e7:8f:a9:09:ca:35:f2:f3:30:ae:ed:1a:ea:2b:
52:48:25:15:71:82:bd:c0:ad:56:6e:85:64:c4:c0:34:a6:28:
97:49:8e:66:4a:33:5d:03:06:ac:24:01:9e:c8:5c:82:07:69:
27:c7:4e:70:2a:79:a6:b2:92:92:58:ea:92:16:f5:d6:17:6e:
7d:22:b5:41:f8:8c:b8:08:f4:e0:6c:df:4e:7f:3d:e9:26:ae:
74:02:28:64:d6:0d:12:3d:b7:4a:fc:d8:8d:7a:5a:f1:dc:9a:
54:8e:1a:ca:e2:ba:46:45:81:72:e0:fb:42:5d:fa:2c:07:fb:
8e:7b:35:e7:0c:00:e7:47:1c:36:67:f5:d0:91:58:b3:18:67:
22:84:e9:10:24:02:e6:9f:71:a7:18:15:37:51:5e:b9:fd:b3:
6f:0f:97:00:45:56:76:a4:ad:bc:6f:f8:67:b6:e4:56:d2:0f:
a6:aa:4a:39:9a:1b:f7:a0:75:d0:6e:63:e3:e3:ff:58:d5:53:
39:e6:fd:82
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHkrhdevFCHo/xdR5Gt0bgs1sU8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDRaFw0yNTAyMjQwODUzMDRaMDMxMTAvBgNV
BAMTKEIzQUMxMzg3MTI0Qjc5RjdBMzMwRjIwOEVDQ0RCN0M1MDZDRjZFNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuFPnwkIrVDNtpC4Sl1eBGoK4o
zKPvG2s/7qLmaPMqzasvf0D4a5rWtDVrV/IL/0/F3bIH1aR4Z4257T0Udu0ZQBbD
7DDUcztALV57nD7Fsvh2Oc8oQY36T7SYIw/BHveAGAAJ+3kiF3LpdzZnRDATxyV0
0P9/5/hAbHJeL3Nb+Edt8BQnSg6uPPKvHCjpHs4LLN0bBfam1w1uCGOs3Hcouf/A
qI43K7ZhVx5hYGgg4gJCoQu6HrW8A6uRtKPat+G+uTP5ZKuxCzVMWAOQbzwN58rT
33I1n2wPiF6JLflhsv7JcQI3G0nUsyuKDF9dCSq61WjyZ0yU/e4KVAtieKTXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUs6wThxJLefejMPII7M23xQbPbmMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzYyZTMx
MzQzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnikjANBgkqhkiG9w0BAQsFAAOCAQEANejE9sdQtHybODhA3ww9uke2OcP2
uS1t9QV06GzwJsNv2RVh7WJ6L7k1IvZ+lsdbf7W385jhr0EKG+ePqQnKNfLzMK7t
GuorUkglFXGCvcCtVm6FZMTANKYol0mOZkozXQMGrCQBnshcggdpJ8dOcCp5prKS
kljqkhb11hdufSK1QfiMuAj04GzfTn896SaudAIoZNYNEj23SvzYjXpa8dyaVI4a
yuK6RkWBcuD7Ql36LAf7jns15wwA50ccNmf10JFYsxhnIoTpECQC5p9xpxgVN1Fe
uf2zbw+XAEVWdqStvG/4Z7bkVtIPpqpKOZob96B10G5j4+P/WNVTOeb9gg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org