Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133322e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232372e3133322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: VfsSMOyeBpVtiT4xgBR0AdxnJAbs2m5zVfka8FSwXWA=
Subject key identifier: 22:0C:2B:8F:7F:EC:EF:9C:A1:76:26:DF:F2:3F:BE:53:D4:FF:18:F6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 310C1BF37CA45CD74F012E98316F5BED9C360E6E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133322e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:42 +0000
ROA not before: Fri 27 Dec 2024 19:39:42 +0000
ROA not after: Fri 26 Dec 2025 19:44:42 +0000
asID: 136787
IP address blocks: 185.227.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:0c:1b:f3:7c:a4:5c:d7:4f:01:2e:98:31:6f:5b:ed:9c:36:0e:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:42 2024 GMT
Not After : Dec 26 19:44:42 2025 GMT
Subject: CN=220C2B8F7FECEF9CA17626DFF23FBE53D4FF18F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:4e:99:2c:64:79:2f:20:7f:93:0d:91:26:
d5:42:2c:74:c7:af:42:d2:5a:9a:b5:89:e8:c3:5e:
7f:3e:4b:e9:ba:53:96:dc:a1:ac:47:41:09:ce:f2:
5c:8d:d9:ff:cd:b9:b4:35:09:2e:8c:9f:e9:49:ce:
aa:6a:04:bf:6a:4c:15:dd:a6:25:a9:4c:8c:fe:a7:
c7:75:a0:d6:4a:83:7e:a3:70:c4:18:bb:2a:51:81:
3c:d6:f3:58:c3:e9:74:6a:7d:ee:41:cb:b4:bd:b3:
af:9b:3b:ee:09:c2:99:55:9d:53:23:ce:df:3f:4e:
dc:31:b0:e7:b7:bb:13:0b:24:07:17:c2:ab:ea:56:
1e:41:24:86:98:af:b0:bf:30:7f:4e:b3:b4:0e:43:
92:01:49:c8:cc:8f:a0:f6:dd:34:9b:4b:8b:58:ff:
d9:9c:f5:04:8a:3c:f8:c6:e2:3b:d4:04:87:58:c2:
50:45:28:92:2b:25:60:f1:f6:59:a4:42:99:b0:50:
f5:4a:fc:d9:4c:d0:40:1c:6f:44:dc:14:69:8e:b8:
16:61:b7:d9:c5:1e:fb:e7:56:df:f3:5d:1e:54:2d:
e9:d0:b2:e1:fe:e5:f6:56:50:3d:4e:d3:bd:5d:9d:
ca:54:85:5c:e7:94:76:3d:93:ae:30:f7:7e:e2:cf:
db:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0C:2B:8F:7F:EC:EF:9C:A1:76:26:DF:F2:3F:BE:53:D4:FF:18:F6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.132.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b9:23:c3:d7:29:0d:b6:32:c0:c5:99:65:31:bc:50:a9:e7:
70:ac:24:50:98:9a:7e:ed:07:1d:02:f1:97:91:25:62:04:c9:
65:de:4c:d3:69:e7:a6:bd:af:da:70:90:68:01:b5:1d:b8:80:
44:49:9f:3f:a0:0b:b2:cc:ad:bd:a5:d0:ae:64:ad:60:cc:95:
74:12:da:3f:1c:57:3e:d4:fd:e6:02:62:f5:b4:29:d4:23:70:
70:53:52:43:8b:08:70:f4:11:ba:51:18:b4:38:50:57:75:af:
7c:7a:11:8e:da:49:fe:49:d6:9f:fc:dd:47:e7:22:5c:ec:af:
cf:28:ea:99:21:c4:e3:29:ec:78:75:a7:2a:4b:62:d1:c3:92:
f7:53:ea:7d:5f:79:1a:56:ab:40:c2:05:02:51:5e:d9:f6:b2:
ab:82:52:94:ca:ee:1e:78:90:c8:84:25:ce:57:18:90:e4:f1:
4f:19:ec:8f:4d:53:0c:cc:11:9c:d3:ff:b7:c6:e1:7d:d6:77:
97:75:9f:f5:51:74:e4:66:e9:59:da:b6:db:8d:4f:d7:56:3a:
48:10:6f:ca:a7:0e:36:b4:5d:b5:4c:18:53:43:73:ae:3b:57:
28:69:09:03:1e:0d:54:c6:42:31:3d:8c:60:5e:77:66:9e:84:
29:ca:e6:c0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMQwb83ykXNdPAS6YMW9b7Zw2Dm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5NDJaFw0yNTEyMjYxOTQ0NDJaMDMxMTAvBgNV
BAMTKDIyMEMyQjhGN0ZFQ0VGOUNBMTc2MjZERkYyM0ZCRTUzRDRGRjE4RjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0G06ZLGR5LyB/kw2RJtVCLHTH
r0LSWpq1iejDXn8+S+m6U5bcoaxHQQnO8lyN2f/NubQ1CS6Mn+lJzqpqBL9qTBXd
piWpTIz+p8d1oNZKg36jcMQYuypRgTzW81jD6XRqfe5By7S9s6+bO+4JwplVnVMj
zt8/TtwxsOe3uxMLJAcXwqvqVh5BJIaYr7C/MH9Os7QOQ5IBScjMj6D23TSbS4tY
/9mc9QSKPPjG4jvUBIdYwlBFKJIrJWDx9lmkQpmwUPVK/NlM0EAcb0TcFGmOuBZh
t9nFHvvnVt/zXR5ULenQsuH+5fZWUD1O071dncpUhVznlHY9k64w937iz9sTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIgwrj3/s75yhdibf8j++U9T/GPYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzcyZTMx
MzMzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnjhDANBgkqhkiG9w0BAQsFAAOCAQEAALkjw9cpDbYywMWZZTG8UKnncKwk
UJiafu0HHQLxl5ElYgTJZd5M02nnpr2v2nCQaAG1HbiAREmfP6ALssytvaXQrmSt
YMyVdBLaPxxXPtT95gJi9bQp1CNwcFNSQ4sIcPQRulEYtDhQV3WvfHoRjtpJ/knW
n/zdR+ciXOyvzyjqmSHE4ynseHWnKkti0cOS91PqfV95GlarQMIFAlFe2fayq4JS
lMruHniQyIQlzlcYkOTxTxnsj01TDMwRnNP/t8bhfdZ3l3Wf9VF05GbpWdq2241P
11Y6SBBvyqcONrRdtUwYU0NzrjtXKGkJAx4NVMZCMT2MYF53Zp6EKcrmwA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:43 2025 by rpki-client