Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3134382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233392e3134382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: jB2IBsQsAlsxf5iKfHDlqKmpwn0bJieu6lbgQgHHfzY=
Subject key identifier: 18:4F:F0:C1:FE:FF:33:B9:D3:91:FC:F1:E2:87:A6:1B:3B:CF:09:DC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3680558BE8CBB484F07EA0F093A71D67B72E0B58
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3134382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:39 +0000
ROA not before: Fri 27 Dec 2024 19:39:39 +0000
ROA not after: Fri 26 Dec 2025 19:44:39 +0000
asID: 136787
IP address blocks: 185.239.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:80:55:8b:e8:cb:b4:84:f0:7e:a0:f0:93:a7:1d:67:b7:2e:0b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:39 2024 GMT
Not After : Dec 26 19:44:39 2025 GMT
Subject: CN=184FF0C1FEFF33B9D391FCF1E287A61B3BCF09DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5f:2b:f7:e2:76:61:22:33:4a:1f:5b:d3:1f:
0d:be:9a:72:6b:d1:2b:ab:12:b0:cc:70:a2:e1:c9:
c3:bb:8c:a1:eb:a5:59:b1:91:ae:47:8b:cb:16:09:
a2:e5:1d:43:dd:e0:e9:cc:21:12:9b:0d:80:0c:0a:
42:e6:bc:ae:dc:55:e7:54:0c:7c:b1:5c:f2:ed:42:
ef:7b:65:6e:03:dc:d9:5f:41:00:97:f1:89:1a:5f:
a2:bc:07:35:6e:c4:c6:9a:3c:c1:a4:91:aa:c2:65:
0f:1c:cb:ec:ea:e2:66:27:a4:12:0c:aa:cb:49:4a:
e1:60:47:34:84:c8:c7:9b:54:78:5b:74:e5:72:bb:
45:2b:e6:8f:9c:4b:35:b2:de:a4:4a:8e:c3:a4:f7:
c5:e7:60:b5:c4:0b:db:87:e3:7e:42:67:d5:f9:31:
60:79:00:3d:8e:e5:df:b3:31:99:0f:d6:45:44:0b:
b0:76:bb:88:55:13:5b:ef:90:67:23:e8:12:78:51:
a2:1c:47:92:bb:56:61:b3:a6:99:ca:52:f1:e4:4c:
cb:c5:d9:b5:86:bb:ae:b3:3c:22:d4:7d:ce:4d:6c:
28:6a:0e:13:d1:f4:66:18:33:e8:46:91:5e:54:b6:
69:2f:63:b6:b7:17:43:f8:ad:f1:4c:bc:cc:88:75:
3e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4F:F0:C1:FE:FF:33:B9:D3:91:FC:F1:E2:87:A6:1B:3B:CF:09:DC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3134382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.148.0/24
Signature Algorithm: sha256WithRSAEncryption
05:8f:43:24:b8:15:91:76:7b:de:41:43:bd:b9:48:4b:eb:3b:
ad:75:4b:0c:4b:5f:31:92:89:10:b6:8f:96:65:30:b9:ca:e0:
34:e7:a8:61:16:3b:1e:a6:75:a3:17:b5:c3:4f:04:1e:b5:aa:
dd:8e:06:8f:f1:41:93:09:b5:46:6a:9c:7a:59:97:a1:08:89:
66:0e:b9:0b:25:5e:1b:51:71:eb:a1:0a:bd:25:71:26:2e:86:
d5:c8:33:02:f1:66:9f:0b:35:4d:57:36:5d:72:50:e7:02:e3:
6a:0a:d0:54:47:8d:f2:0c:87:ff:7b:29:83:ab:13:09:50:18:
4e:f2:97:58:77:8f:b1:58:86:b5:c3:4f:90:a7:d1:bb:25:f8:
28:b8:7b:8e:ce:31:03:15:15:46:5a:6d:3a:0d:c9:1d:18:ce:
05:ca:6a:86:84:d9:b6:15:f4:36:f6:9b:0f:45:f1:91:a5:de:
c1:b5:9f:20:7c:aa:36:94:b3:97:41:b4:f7:e9:69:0e:30:af:
67:c1:3b:4b:a5:ec:32:1f:b9:a4:14:69:c4:08:f2:d1:00:c1:
56:bd:30:07:35:cc:fa:7e:7d:7b:17:b7:c6:ee:39:ee:52:9f:
9f:50:c0:73:c5:94:90:28:2e:8c:c3:d4:d7:bb:c5:a7:7c:c1:
7b:21:a6:58
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNoBVi+jLtITwfqDwk6cdZ7cuC1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5MzlaFw0yNTEyMjYxOTQ0MzlaMDMxMTAvBgNV
BAMTKDE4NEZGMEMxRkVGRjMzQjlEMzkxRkNGMUUyODdBNjFCM0JDRjA5REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbXyv34nZhIjNKH1vTHw2+mnJr
0SurErDMcKLhycO7jKHrpVmxka5Hi8sWCaLlHUPd4OnMIRKbDYAMCkLmvK7cVedU
DHyxXPLtQu97ZW4D3NlfQQCX8YkaX6K8BzVuxMaaPMGkkarCZQ8cy+zq4mYnpBIM
qstJSuFgRzSEyMebVHhbdOVyu0Ur5o+cSzWy3qRKjsOk98XnYLXEC9uH435CZ9X5
MWB5AD2O5d+zMZkP1kVEC7B2u4hVE1vvkGcj6BJ4UaIcR5K7VmGzppnKUvHkTMvF
2bWGu66zPCLUfc5NbChqDhPR9GYYM+hGkV5UtmkvY7a3F0P4rfFMvMyIdT7RAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUGE/wwf7/M7nTkfzx4oemGzvPCdwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMx
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnvlDANBgkqhkiG9w0BAQsFAAOCAQEABY9DJLgVkXZ73kFDvblIS+s7rXVL
DEtfMZKJELaPlmUwucrgNOeoYRY7HqZ1oxe1w08EHrWq3Y4Gj/FBkwm1RmqcelmX
oQiJZg65CyVeG1Fx66EKvSVxJi6G1cgzAvFmnws1TVc2XXJQ5wLjagrQVEeN8gyH
/3spg6sTCVAYTvKXWHePsViGtcNPkKfRuyX4KLh7js4xAxUVRlptOg3JHRjOBcpq
hoTZthX0NvabD0XxkaXewbWfIHyqNpSzl0G09+lpDjCvZ8E7S6XsMh+5pBRpxAjy
0QDBVr0wBzXM+n59exe3xu457lKfn1DAc8WUkCgujMPU17vFp3zBeyGmWA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:19:55 2025 by rpki-client