Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e3131392e302f32342d3332203d3e203531313637.roa
File: 3138352e3232392e3131392e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: l7g+Go+Io/JhNumiOT1trWVwyw9aOw8wVJk7Qe6w1YM=
Subject key identifier: 24:80:44:68:56:E1:0A:8C:E2:DE:69:61:DB:64:E6:5F:41:38:52:F4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7EAB385C8BBCDEA736E20D2E0FEC9B5FE5A40B47
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e3131392e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:49 +0000
ROA not before: Fri 20 Sep 2024 13:59:49 +0000
ROA not after: Fri 19 Sep 2025 14:04:49 +0000
asID: 51167
IP address blocks: 185.229.119.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ab:38:5c:8b:bc:de:a7:36:e2:0d:2e:0f:ec:9b:5f:e5:a4:0b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:49 2024 GMT
Not After : Sep 19 14:04:49 2025 GMT
Subject: CN=2480446856E10A8CE2DE6961DB64E65F413852F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:72:22:20:52:7b:50:4a:66:69:e4:b8:0b:04:
ab:0c:70:55:1d:66:1b:37:db:42:b6:1c:a6:af:af:
9e:49:a3:48:02:31:e1:48:a8:5e:85:dd:28:7e:18:
46:32:65:6b:3b:18:16:3b:d6:b8:53:ad:49:ea:4c:
c2:74:52:2d:ea:c7:a3:70:86:c1:f1:ea:1e:b9:c9:
7a:f4:e9:11:66:12:a8:67:e4:b2:d4:dd:25:2d:6c:
b3:f0:02:06:5b:21:ab:0f:2d:53:21:d6:c9:a4:2f:
5f:09:a7:77:fa:56:d8:58:5e:8e:35:85:41:37:7a:
83:14:a9:15:d2:b3:3d:3a:51:4a:5c:7c:a5:3e:52:
46:e1:48:1d:03:1f:5e:2b:c7:ea:87:74:e5:22:a3:
fd:c0:f4:70:a0:b9:ce:0c:f4:6b:38:0f:a6:a0:fc:
ee:8e:aa:ba:51:55:09:c7:5f:2a:e1:49:cb:40:8c:
d8:06:7c:90:0a:2f:a1:a7:b2:c5:00:1a:9f:bd:65:
75:4e:61:dd:2c:fd:05:fd:37:97:f5:84:2b:c6:3e:
7b:f3:58:75:c5:ad:32:43:ba:31:64:ed:dd:4d:e4:
b3:9d:14:71:b9:b5:32:36:ac:62:90:59:7d:7e:63:
8f:37:85:a7:04:33:50:6b:f9:a1:a9:30:90:09:2f:
89:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:80:44:68:56:E1:0A:8C:E2:DE:69:61:DB:64:E6:5F:41:38:52:F4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e3131392e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.119.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:8c:57:f7:73:b4:b9:c4:a0:d0:62:1e:e0:a0:8d:7f:d1:d9:
95:c6:38:c8:13:e5:4a:f5:d5:dc:a3:eb:a9:3f:2e:02:6b:a8:
cf:60:7b:fd:e1:54:14:63:76:33:74:5d:0b:43:74:cc:fa:4c:
b2:00:fc:2e:9e:3d:08:05:30:75:76:fd:3e:04:68:f8:fe:31:
d0:5b:f1:b6:39:01:08:48:4e:02:52:85:59:b3:15:30:e2:cf:
2d:c0:a5:e2:30:47:fd:22:0b:45:52:a4:4c:77:ab:81:d7:d7:
1e:59:3a:77:88:f1:c8:67:96:1b:78:7d:46:4f:2a:53:14:a5:
d4:69:bd:8b:ef:2f:87:60:9d:1d:9a:4c:51:cb:f5:f4:ca:e4:
2d:9e:63:ea:a8:37:4a:c7:2d:ab:0c:f8:41:5f:ae:ab:0e:28:
e3:45:c6:74:ac:4a:da:e2:f0:b6:a7:3f:f3:f6:d3:8d:df:c8:
5d:90:66:55:c7:c2:5d:a1:c9:19:56:01:8c:5e:4a:eb:2d:2e:
6f:92:46:92:2b:0e:d4:a6:1c:85:c6:f8:66:79:e4:9c:89:06:
45:63:fb:90:45:b8:03:25:6c:62:0b:04:c4:a3:58:c3:e0:75:
5a:d3:54:17:ba:5f:4d:3e:c7:3d:1d:ac:76:23:84:07:cd:89:
44:4f:13:24
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfqs4XIu83qc24g0uD+ybX+WkC0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NDlaFw0yNTA5MTkxNDA0NDlaMDMxMTAvBgNV
BAMTKDI0ODA0NDY4NTZFMTBBOENFMkRFNjk2MURCNjRFNjVGNDEzODUyRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLciIgUntQSmZp5LgLBKsMcFUd
Zhs320K2HKavr55Jo0gCMeFIqF6F3Sh+GEYyZWs7GBY71rhTrUnqTMJ0Ui3qx6Nw
hsHx6h65yXr06RFmEqhn5LLU3SUtbLPwAgZbIasPLVMh1smkL18Jp3f6VthYXo41
hUE3eoMUqRXSsz06UUpcfKU+UkbhSB0DH14rx+qHdOUio/3A9HCguc4M9Gs4D6ag
/O6OqrpRVQnHXyrhSctAjNgGfJAKL6GnssUAGp+9ZXVOYd0s/QX9N5f1hCvGPnvz
WHXFrTJDujFk7d1N5LOdFHG5tTI2rGKQWX1+Y483hacEM1Br+aGpMJAJL4nPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJIBEaFbhCozi3mlh22TmX0E4UvQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzkyZTMx
MzEzOTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55XcwDQYJKoZIhvcNAQELBQADggEBAEuMV/dztLnEoNBiHuCgjX/R2ZXGOMgT
5Ur11dyj66k/LgJrqM9ge/3hVBRjdjN0XQtDdMz6TLIA/C6ePQgFMHV2/T4EaPj+
MdBb8bY5AQhITgJShVmzFTDizy3ApeIwR/0iC0VSpEx3q4HX1x5ZOneI8chnlht4
fUZPKlMUpdRpvYvvL4dgnR2aTFHL9fTK5C2eY+qoN0rHLasM+EFfrqsOKONFxnSs
Stri8LanP/P2043fyF2QZlXHwl2hyRlWAYxeSustLm+SRpIrDtSmHIXG+GZ55JyJ
BkVj+5BFuAMlbGILBMSjWMPgdVrTVBe6X00+xz0drHYjhAfNiURPEyQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org