Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: GutaKZvJXc7GpnkNIKlNkqCs4JxUW8lV/R6nKTzY59w=
Subject key identifier: 4F:87:01:67:33:CE:08:F2:39:5B:4C:98:25:F1:13:F9:75:A2:36:D0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 07286A0C6F0E2EB1C11DEB38C7C348D08D8F015F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 23 Jul 2024 21:04:22 +0000
ROA not before: Tue 23 Jul 2024 20:59:22 +0000
ROA not after: Tue 22 Jul 2025 21:04:22 +0000
asID: 136787
IP address blocks: 185.228.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:28:6a:0c:6f:0e:2e:b1:c1:1d:eb:38:c7:c3:48:d0:8d:8f:01:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 23 20:59:22 2024 GMT
Not After : Jul 22 21:04:22 2025 GMT
Subject: CN=4F87016733CE08F2395B4C9825F113F975A236D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:74:39:ec:f2:5b:ca:1d:38:fd:a6:85:09:c7:
7c:bf:6e:02:1f:71:a6:ed:cb:9a:98:97:79:6c:88:
6a:4f:17:db:df:1d:f5:1c:6c:3a:a4:ed:0b:6a:59:
0d:f3:45:1d:79:1d:16:d4:61:e4:88:90:23:df:f4:
fe:50:61:61:6a:d0:9c:c0:9e:50:b2:38:06:fe:80:
80:3b:4d:e6:3a:84:5b:1c:ff:6d:62:93:30:2d:d5:
99:da:65:f5:d1:b4:ff:6d:de:ba:fd:f0:2f:c5:ea:
50:ce:f8:ba:72:fa:2c:1e:30:26:f8:b7:66:25:4d:
5a:3b:93:2b:56:97:0d:2a:1f:ef:a8:ff:3f:3d:6a:
77:e5:77:f4:35:6c:77:96:07:11:33:1b:33:5c:8d:
f0:f1:2b:db:05:68:60:a9:79:2b:6f:ae:ee:31:93:
c6:ad:81:2f:08:37:e5:58:1c:df:a2:f7:cf:12:b3:
48:a4:87:d0:15:89:26:22:aa:90:c0:05:5f:71:fc:
42:43:a2:21:f8:bb:61:b4:39:4f:c6:75:ec:af:16:
d3:14:05:00:51:1f:e3:de:b9:ee:83:46:93:0a:15:
d4:03:d6:7a:b2:a3:f2:51:b6:7a:f4:7a:9e:98:15:
57:03:cf:2c:83:bd:f9:11:2f:28:c5:03:48:3b:4b:
17:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:87:01:67:33:CE:08:F2:39:5B:4C:98:25:F1:13:F9:75:A2:36:D0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.19.0/24
Signature Algorithm: sha256WithRSAEncryption
36:75:7d:0e:c2:65:77:55:81:23:d9:b2:4a:e6:dd:a9:9c:0e:
dd:9e:cb:b7:b2:f4:8c:26:3e:23:78:78:34:16:a0:e2:39:ea:
e7:99:04:23:82:9d:50:7e:df:6f:5f:93:84:e0:51:6d:84:55:
c4:10:a6:e5:4b:91:28:8b:cb:6f:1a:bf:d7:44:74:75:e3:9d:
27:0c:22:97:76:dd:f5:1d:6c:13:fb:55:d4:af:20:a4:de:a5:
56:3f:57:d0:71:33:e3:de:3f:ab:e8:5a:bb:8c:5e:07:38:c5:
12:e8:b2:95:d9:37:7e:5d:9b:fe:a3:c6:83:8e:75:31:6e:86:
26:ca:26:7d:4c:dc:4a:19:a2:8d:ce:73:78:90:19:30:b6:14:
92:c0:3b:bb:67:8c:fd:67:31:10:ba:a0:5f:94:b7:cb:e2:16:
f8:0b:1b:2e:31:bb:94:20:72:8e:5e:5f:15:d4:3d:9f:ba:f7:
24:cd:84:09:df:f3:c6:75:37:09:ee:b7:c6:b6:1c:87:d9:dc:
36:1a:6c:d3:38:a2:81:81:c7:23:eb:b7:53:a2:0a:30:6a:d2:
b1:f4:76:83:82:b8:ad:5a:42:48:df:12:6c:2a:97:d0:45:42:
cb:99:d8:a0:0e:a2:20:fb:07:0a:e3:ab:42:65:5f:1a:cb:5e:
cc:35:05:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUByhqDG8OLrHBHes4x8NI0I2PAV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA3MjMyMDU5MjJaFw0yNTA3MjIyMTA0MjJaMDMxMTAvBgNV
BAMTKDRGODcwMTY3MzNDRTA4RjIzOTVCNEM5ODI1RjExM0Y5NzVBMjM2RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBdDns8lvKHTj9poUJx3y/bgIf
cabty5qYl3lsiGpPF9vfHfUcbDqk7QtqWQ3zRR15HRbUYeSIkCPf9P5QYWFq0JzA
nlCyOAb+gIA7TeY6hFsc/21ikzAt1ZnaZfXRtP9t3rr98C/F6lDO+Lpy+iweMCb4
t2YlTVo7kytWlw0qH++o/z89anfld/Q1bHeWBxEzGzNcjfDxK9sFaGCpeStvru4x
k8atgS8IN+VYHN+i988Ss0ikh9AViSYiqpDABV9x/EJDoiH4u2G0OU/GdeyvFtMU
BQBRH+Peue6DRpMKFdQD1nqyo/JRtnr0ep6YFVcDzyyDvfkRLyjFA0g7SxelAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUT4cBZzPOCPI5W0yYJfET+XWiNtAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzgyZTMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55BMwDQYJKoZIhvcNAQELBQADggEBADZ1fQ7CZXdVgSPZskrm3amcDt2ey7ey
9IwmPiN4eDQWoOI56ueZBCOCnVB+329fk4TgUW2EVcQQpuVLkSiLy28av9dEdHXj
nScMIpd23fUdbBP7VdSvIKTepVY/V9BxM+PeP6voWruMXgc4xRLospXZN35dm/6j
xoOOdTFuhibKJn1M3EoZoo3Oc3iQGTC2FJLAO7tnjP1nMRC6oF+Ut8viFvgLGy4x
u5Qgco5eXxXUPZ+69yTNhAnf88Z1Nwnut8a2HIfZ3DYabNM4ooGBxyPrt1OiCjBq
0rH0doOCuK1aQkjfEmwql9BFQsuZ2KAOoiD7Bwrjq0JlXxrLXsw1BbM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org