Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Hq2wEQlY+cs0oCxak8l8Lzj5/fwON1JD01TqL4LrZdU=
Subject key identifier: 0E:8A:39:21:28:BC:B5:35:28:06:3F:66:97:B1:65:67:3F:E7:E2:61
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2F97176733D7D27964B42BFB18E8225B69FDF651
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:05:00 +0000
ROA not before: Fri 20 Sep 2024 14:00:00 +0000
ROA not after: Fri 19 Sep 2025 14:05:00 +0000
asID: 136787
IP address blocks: 185.237.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:97:17:67:33:d7:d2:79:64:b4:2b:fb:18:e8:22:5b:69:fd:f6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:00 2024 GMT
Not After : Sep 19 14:05:00 2025 GMT
Subject: CN=0E8A392128BCB53528063F6697B165673FE7E261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:49:8d:0c:f4:0c:d2:52:3e:cc:09:c8:61:d6:
f3:2e:58:25:d3:5c:ba:70:e5:0c:10:70:78:7b:cf:
27:65:c3:b0:37:e5:05:d3:1d:9e:ae:eb:ef:c6:ea:
21:47:7a:7f:64:d5:0f:00:36:22:0a:ac:ca:f3:60:
ea:cc:9a:a8:fc:9a:d3:7f:47:30:88:6e:56:c9:9b:
70:5a:14:20:67:1d:03:09:2d:dd:5d:8e:01:2b:3f:
c2:59:97:54:d4:e8:c2:4b:27:90:31:22:24:26:3a:
3d:7a:27:69:ef:55:6a:8e:0b:cf:94:9f:2f:4a:30:
0e:79:f9:42:57:d4:ee:87:54:3f:7d:92:db:54:41:
62:37:67:f6:63:43:04:bf:3e:be:ab:76:65:1e:02:
f9:6b:d1:6e:8a:3f:f4:7f:b0:55:8b:1d:58:6c:bd:
42:f8:41:aa:ea:ef:5d:aa:90:06:bc:1b:08:2c:b4:
12:58:7b:b5:a8:11:9c:82:a6:e5:5f:7a:ea:16:da:
fb:fa:b8:71:51:b9:8f:f5:69:c3:5a:e7:e6:23:97:
39:ec:9b:da:29:2d:94:4b:2e:d2:5a:16:6e:55:55:
2f:4b:0e:ee:bc:88:3b:f9:70:0d:95:b7:70:8d:84:
fa:5d:af:ab:a3:6a:5f:bc:9c:58:e6:84:9e:28:f6:
76:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8A:39:21:28:BC:B5:35:28:06:3F:66:97:B1:65:67:3F:E7:E2:61
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:30:15:a4:f7:2c:fe:93:a8:89:7f:81:34:e5:4b:99:be:c5:
0f:ba:c9:47:16:75:21:c7:03:6e:19:fb:83:91:23:2c:ba:73:
a2:1b:04:42:03:11:75:f9:49:57:ad:39:23:f2:cc:51:5c:67:
4e:72:71:aa:b9:9a:5a:75:f5:f1:0b:4a:ba:c5:f4:43:56:9c:
fe:9b:7d:40:15:fd:40:11:a7:c3:8f:40:6e:0c:cb:1e:be:6d:
3b:7c:46:f1:a7:86:40:55:9f:48:d7:2f:32:f7:9f:17:bd:10:
6b:22:ff:4a:1e:1a:f0:bb:05:40:ce:bb:65:f8:f1:fa:e9:ae:
56:cc:93:87:c5:e8:a5:fb:4f:9f:28:01:b6:72:38:ba:58:db:
df:21:c3:07:a3:4f:da:8d:b8:9f:71:9e:5a:04:b5:32:2e:30:
9c:4c:6b:9a:88:e5:a5:7c:5a:d6:33:dd:fc:41:8e:f8:bc:57:
b6:ac:46:db:22:c1:35:09:f3:68:4b:71:d8:78:f6:db:7d:e1:
36:36:a1:1d:f7:d4:f5:57:35:76:82:34:79:71:f8:6a:d6:8e:
9a:f4:fb:4d:42:b4:1e:c9:52:34:e9:16:3e:07:58:2d:3a:85:
a0:f1:78:ac:0f:88:bc:c4:e9:46:8f:a6:72:86:80:4d:64:25:
3f:e7:56:3a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUL5cXZzPX0nlktCv7GOgiW2n99lEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDBaFw0yNTA5MTkxNDA1MDBaMDMxMTAvBgNV
BAMTKDBFOEEzOTIxMjhCQ0I1MzUyODA2M0Y2Njk3QjE2NTY3M0ZFN0UyNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7SY0M9AzSUj7MCchh1vMuWCXT
XLpw5QwQcHh7zydlw7A35QXTHZ6u6+/G6iFHen9k1Q8ANiIKrMrzYOrMmqj8mtN/
RzCIblbJm3BaFCBnHQMJLd1djgErP8JZl1TU6MJLJ5AxIiQmOj16J2nvVWqOC8+U
ny9KMA55+UJX1O6HVD99kttUQWI3Z/ZjQwS/Pr6rdmUeAvlr0W6KP/R/sFWLHVhs
vUL4Qarq712qkAa8GwgstBJYe7WoEZyCpuVfeuoW2vv6uHFRuY/1acNa5+Yjlzns
m9opLZRLLtJaFm5VVS9LDu68iDv5cA2Vt3CNhPpdr6ujal+8nFjmhJ4o9nanAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUDoo5ISi8tTUoBj9ml7FlZz/n4mEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzcyZTMy
MzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnt/jANBgkqhkiG9w0BAQsFAAOCAQEAojAVpPcs/pOoiX+BNOVLmb7FD7rJ
RxZ1IccDbhn7g5EjLLpzohsEQgMRdflJV605I/LMUVxnTnJxqrmaWnX18QtKusX0
Q1ac/pt9QBX9QBGnw49AbgzLHr5tO3xG8aeGQFWfSNcvMvefF70QayL/Sh4a8LsF
QM67Zfjx+umuVsyTh8XopftPnygBtnI4uljb3yHDB6NP2o24n3GeWgS1Mi4wnExr
mojlpXxa1jPd/EGO+LxXtqxG2yLBNQnzaEtx2Hj2233hNjahHffU9Vc1doI0eXH4
ataOmvT7TUK0HslSNOkWPgdYLTqFoPF4rA+IvMTpRo+mcoaATWQlP+dWOg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org