Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 8S1qrtSggIUxUiW/kDxSZP/pp8jb0x9YgVxvXo7X4Yg=
Subject key identifier: 66:72:19:A8:B8:04:FC:D2:C8:73:F1:99:BF:77:18:F4:FD:49:38:49
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0C265CF64B395FFF7DAF436E04DB11E90B93EB92
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Sep 2024 22:04:47 +0000
ROA not before: Thu 12 Sep 2024 21:59:47 +0000
ROA not after: Thu 11 Sep 2025 22:04:47 +0000
asID: 136787
IP address blocks: 185.226.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:26:5c:f6:4b:39:5f:ff:7d:af:43:6e:04:db:11:e9:0b:93:eb:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 12 21:59:47 2024 GMT
Not After : Sep 11 22:04:47 2025 GMT
Subject: CN=667219A8B804FCD2C873F199BF7718F4FD493849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d9:b1:3c:e9:c8:01:c3:7d:27:d8:c1:6e:bb:
c6:9d:e5:a6:3c:a8:d1:2b:a4:7b:5b:2f:13:13:c3:
a3:51:e4:40:42:83:f3:9d:3d:46:8b:9f:05:00:6d:
ac:64:fe:e3:1f:63:19:68:28:b2:ca:38:57:1e:05:
b1:ca:b2:10:2a:f7:78:60:d0:d8:aa:33:12:c2:0d:
cb:7c:d1:e6:7b:70:31:d1:44:80:6f:8f:9a:7c:be:
e1:0e:6c:08:df:b4:57:4b:50:3f:69:a1:89:04:da:
4b:0c:92:1d:be:7a:d9:25:b3:8d:00:11:36:39:70:
9d:df:20:00:83:55:63:bf:1a:72:16:7d:1e:96:e7:
24:6a:2f:97:a7:83:6f:bf:a5:67:7e:ee:95:70:9b:
ae:4b:16:ff:c7:19:c8:d8:a6:0b:2f:97:1a:4d:2c:
70:d6:ba:4d:ac:ea:ff:a4:ca:27:fc:d6:1d:4b:17:
df:ac:6f:8f:d8:80:63:a7:c1:88:89:33:e2:b0:a7:
03:b0:d5:3e:a9:db:3d:c0:39:a7:15:35:7b:5b:d1:
6a:dd:4b:c1:a0:f0:2c:75:ed:9d:6f:21:82:84:44:
4b:ef:8c:57:0b:7c:22:9f:01:65:ae:ff:c9:b9:a1:
5c:f8:b6:cb:63:58:b7:92:46:d6:89:c1:f3:27:e1:
8b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:72:19:A8:B8:04:FC:D2:C8:73:F1:99:BF:77:18:F4:FD:49:38:49
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.147.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:7e:3d:48:08:90:a5:90:d5:a8:53:ad:a5:48:73:4c:16:b2:
11:f5:28:b0:ea:92:2e:1a:f9:7e:1f:41:38:9e:14:29:c5:d2:
b8:2d:ed:35:d8:09:c6:3d:f4:59:7e:52:c6:a1:c9:a3:11:6b:
31:11:97:82:bb:50:b4:6c:e5:a8:7d:5a:19:f6:ec:63:16:12:
0a:ad:46:5e:01:eb:74:2d:75:4c:51:8d:39:a6:6d:04:fb:1c:
df:4f:1a:12:29:c6:50:b1:09:8e:48:ca:66:26:4b:3a:e5:f3:
74:71:b2:e6:9c:fd:35:91:9c:4b:55:b5:f7:8f:ef:df:35:cb:
7c:d8:62:10:ff:6c:7e:91:00:83:bd:6e:25:2f:c8:f0:e7:46:
3e:c4:5c:94:e8:d8:2f:25:51:cc:e8:0f:5e:61:a8:1d:e7:a6:
89:a9:d1:d6:b2:e8:fc:0d:d4:5e:cb:a0:8a:8b:98:3a:dd:3e:
49:d9:ff:3c:4e:46:78:6b:35:4b:ad:d0:f8:58:5f:e7:ee:de:
6c:f1:29:f7:ba:1f:90:14:7d:48:2d:57:13:4b:4a:bd:9c:c3:
ea:e3:4a:54:39:39:ed:7e:d9:af:1c:90:b7:0f:48:ea:58:ec:
da:e2:31:af:a2:17:3c:05:d9:81:9b:0c:53:25:ab:dc:44:c5:
42:18:f1:14
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDCZc9ks5X/99r0NuBNsR6QuT65IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MTIyMTU5NDdaFw0yNTA5MTEyMjA0NDdaMDMxMTAvBgNV
BAMTKDY2NzIxOUE4QjgwNEZDRDJDODczRjE5OUJGNzcxOEY0RkQ0OTM4NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc2bE86cgBw30n2MFuu8ad5aY8
qNErpHtbLxMTw6NR5EBCg/OdPUaLnwUAbaxk/uMfYxloKLLKOFceBbHKshAq93hg
0NiqMxLCDct80eZ7cDHRRIBvj5p8vuEObAjftFdLUD9poYkE2ksMkh2+etkls40A
ETY5cJ3fIACDVWO/GnIWfR6W5yRqL5eng2+/pWd+7pVwm65LFv/HGcjYpgsvlxpN
LHDWuk2s6v+kyif81h1LF9+sb4/YgGOnwYiJM+KwpwOw1T6p2z3AOacVNXtb0Wrd
S8Gg8Cx17Z1vIYKEREvvjFcLfCKfAWWu/8m5oVz4tstjWLeSRtaJwfMn4YsXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUZnIZqLgE/NLIc/GZv3cY9P1JOEkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzYyZTMx
MzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnikzANBgkqhkiG9w0BAQsFAAOCAQEAbn49SAiQpZDVqFOtpUhzTBayEfUo
sOqSLhr5fh9BOJ4UKcXSuC3tNdgJxj30WX5SxqHJoxFrMRGXgrtQtGzlqH1aGfbs
YxYSCq1GXgHrdC11TFGNOaZtBPsc308aEinGULEJjkjKZiZLOuXzdHGy5pz9NZGc
S1W194/v3zXLfNhiEP9sfpEAg71uJS/I8OdGPsRclOjYLyVRzOgPXmGoHeemianR
1rLo/A3UXsugiouYOt0+Sdn/PE5GeGs1S63Q+Fhf5+7ebPEp97ofkBR9SC1XE0tK
vZzD6uNKVDk57X7ZrxyQtw9I6ljs2uIxr6IXPAXZgZsMUyWr3ETFQhjxFA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:20:37 2025 by rpki-client