Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e36382e302f32342d3234203d3e20323037313337.roa
File: 3138352e3233342e36382e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: fb++dsowmXqisFQs7RAQbK7gjYPxG34kiFmpcQMENsU=
Subject key identifier: 66:49:D4:71:BE:96:10:41:BA:A2:D0:BC:1D:FF:48:12:91:C7:2C:AF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7F645A1B2F483548C25660E42826E53773319329
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e36382e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 20 Sep 2024 14:04:54 +0000
ROA not before: Fri 20 Sep 2024 13:59:54 +0000
ROA not after: Fri 19 Sep 2025 14:04:54 +0000
asID: 207137
IP address blocks: 185.234.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:64:5a:1b:2f:48:35:48:c2:56:60:e4:28:26:e5:37:73:31:93:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:54 2024 GMT
Not After : Sep 19 14:04:54 2025 GMT
Subject: CN=6649D471BE961041BAA2D0BC1DFF481291C72CAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6c:ae:8b:4c:e3:d9:a7:ef:d8:3f:ed:97:95:
8a:e6:20:62:95:cf:4b:ea:b9:a1:ef:12:06:bd:a6:
36:17:80:8e:f8:f3:0e:50:15:27:a5:ca:54:90:54:
4e:92:8a:9a:64:30:95:76:b1:8e:28:6e:31:9d:8b:
ce:10:f2:9d:e8:63:c0:b2:d4:cc:f0:2f:03:7b:7b:
eb:cc:7a:3d:17:11:11:17:ce:7c:04:4f:40:e0:94:
0a:09:f8:37:73:b9:42:ee:f4:e0:52:86:71:10:01:
35:7e:32:1c:6a:40:2d:c6:33:59:a4:47:b6:c4:7a:
d3:e4:a6:2c:fc:11:5f:01:ed:11:38:3f:22:dd:dd:
8b:43:b0:a7:5d:ff:67:67:2f:e6:95:d2:e8:af:97:
b3:6e:c6:71:da:96:d4:71:f4:ce:f8:2b:07:e3:f9:
ee:48:41:68:15:08:a1:55:c3:25:6c:fa:4c:c9:0c:
4f:32:1a:02:ba:b6:36:5c:c1:ae:e8:39:b0:37:20:
63:a0:d0:94:97:34:9c:67:8b:a4:d8:1a:b8:47:76:
ca:bd:3c:d6:b5:0b:32:77:b7:34:3a:b0:9b:9e:4a:
78:e0:97:af:c5:34:58:e9:4a:ea:b3:db:58:ef:0a:
75:07:c1:b8:09:4c:70:61:80:2f:ee:6e:f9:8b:e4:
c2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:49:D4:71:BE:96:10:41:BA:A2:D0:BC:1D:FF:48:12:91:C7:2C:AF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e36382e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.68.0/24
Signature Algorithm: sha256WithRSAEncryption
74:6e:c5:72:84:53:81:70:cd:3e:e8:09:94:07:72:20:9d:09:
f3:c7:64:f2:aa:f6:2a:ad:ab:db:a1:d7:09:87:8d:d6:0f:23:
b3:30:eb:25:f5:54:9f:0c:49:82:ee:fb:ef:64:aa:17:9b:c2:
53:d2:e2:f9:9f:1f:09:7c:d4:10:32:c0:3e:1b:57:11:46:6c:
e3:5d:b7:3a:bb:14:bf:cb:ac:0d:fb:c3:39:e3:85:62:4e:11:
c2:f8:75:65:ca:c4:3a:6e:04:83:6a:95:2d:e7:d1:86:db:3f:
c3:1d:fe:7f:e0:86:73:1d:e5:42:cd:72:c5:21:e4:39:5d:b7:
a2:6c:86:db:54:b6:f1:a7:3c:0d:de:94:66:85:bd:a6:4a:96:
11:23:97:d4:58:7b:f5:98:80:6e:6a:15:05:de:16:9d:6e:7b:
5d:89:c7:5d:87:b4:f6:33:38:7e:38:82:31:4e:0e:38:dc:e7:
ae:7a:0d:9f:64:cd:a7:4f:c1:00:4b:08:9f:92:a6:22:3e:b8:
90:f5:dd:1b:54:0e:d6:b7:2e:ee:87:d8:e3:37:55:c0:d6:10:
7a:4c:c0:3a:f9:90:d2:e2:c7:b8:bb:d2:ad:da:ca:f6:f9:9a:
7c:f3:b1:e5:c6:c6:40:84:1d:31:c1:38:7e:ec:7a:d5:a2:06:
b1:45:02:72
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUf2RaGy9INUjCVmDkKCblN3MxkykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTRaFw0yNTA5MTkxNDA0NTRaMDMxMTAvBgNV
BAMTKDY2NDlENDcxQkU5NjEwNDFCQUEyRDBCQzFERkY0ODEyOTFDNzJDQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfbK6LTOPZp+/YP+2XlYrmIGKV
z0vquaHvEga9pjYXgI748w5QFSelylSQVE6SippkMJV2sY4objGdi84Q8p3oY8Cy
1MzwLwN7e+vMej0XEREXznwET0DglAoJ+DdzuULu9OBShnEQATV+MhxqQC3GM1mk
R7bEetPkpiz8EV8B7RE4PyLd3YtDsKdd/2dnL+aV0uivl7NuxnHaltRx9M74Kwfj
+e5IQWgVCKFVwyVs+kzJDE8yGgK6tjZcwa7oObA3IGOg0JSXNJxni6TYGrhHdsq9
PNa1CzJ3tzQ6sJueSnjgl6/FNFjpSuqz21jvCnUHwbgJTHBhgC/ubvmL5MKJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZknUcb6WEEG6otC8Hf9IEpHHLK8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzQyZTM2
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC56kQwDQYJKoZIhvcNAQELBQADggEBAHRuxXKEU4FwzT7oCZQHciCdCfPHZPKq
9iqtq9uh1wmHjdYPI7Mw6yX1VJ8MSYLu++9kqhebwlPS4vmfHwl81BAywD4bVxFG
bONdtzq7FL/LrA37wznjhWJOEcL4dWXKxDpuBINqlS3n0YbbP8Md/n/ghnMd5ULN
csUh5Dldt6JshttUtvGnPA3elGaFvaZKlhEjl9RYe/WYgG5qFQXeFp1ue12Jx12H
tPYzOH44gjFODjjc5656DZ9kzadPwQBLCJ+SpiI+uJD13RtUDta3Lu6H2OM3VcDW
EHpMwDr5kNLix7i70q3ayvb5mnzzseXGxkCEHTHBOH7setWiBrFFAnI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:39 2025 by rpki-client