Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3135302e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233392e3135302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: hG6KSV+02I24hl73CJzkDRjp98h/bnJvtUacpslNfAY=
Subject key identifier: A2:7A:43:9E:29:11:01:43:25:D0:62:CF:17:98:2D:88:24:70:68:FB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 08D6BD8C59DB27820AEB310422AEE276CFA1D4C2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3135302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:39 +0000
ROA not before: Fri 27 Dec 2024 19:39:39 +0000
ROA not after: Fri 26 Dec 2025 19:44:39 +0000
asID: 136787
IP address blocks: 185.239.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:d6:bd:8c:59:db:27:82:0a:eb:31:04:22:ae:e2:76:cf:a1:d4:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:39 2024 GMT
Not After : Dec 26 19:44:39 2025 GMT
Subject: CN=A27A439E2911014325D062CF17982D88247068FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:61:67:ca:52:01:3a:d1:b7:3b:56:ea:42:d0:
c9:69:32:af:75:a9:71:2c:b2:5b:9f:43:14:04:b8:
e9:a7:27:2b:72:6c:9e:30:2c:20:78:6c:e4:85:d3:
d1:f5:53:dc:eb:7d:88:23:45:f3:91:77:d4:31:9b:
38:4a:57:1a:d3:14:25:45:8d:2f:00:e3:64:ba:a1:
09:43:8e:13:c1:1b:cd:b2:22:a9:c0:a9:e9:70:be:
a6:d3:4b:18:2b:17:fd:e8:d3:e6:18:05:31:12:51:
95:f2:01:f2:ce:f9:8d:ee:7d:be:0f:ac:ca:00:bb:
a0:e7:89:0e:07:58:98:09:01:5d:21:f1:02:05:4b:
19:a2:8e:eb:00:6e:a4:f3:c5:43:03:d2:4b:5d:e4:
19:f5:6c:70:61:25:f8:99:d6:bc:d6:d5:ec:4d:23:
79:cb:b2:58:9e:f9:37:18:99:13:6b:cc:52:d6:2c:
e5:3e:08:89:d1:c8:1e:2c:5a:96:71:bc:d2:aa:07:
4f:56:f4:5f:f9:aa:02:cb:49:65:ac:0a:e0:9b:3a:
c7:d3:a3:90:cf:ee:2a:8b:14:e2:22:9b:c5:2d:6d:
cb:8b:8d:32:c9:3d:4d:b3:73:6c:92:d4:30:ea:ab:
54:35:a0:e0:65:68:f7:2b:35:bb:49:40:16:a5:59:
5f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7A:43:9E:29:11:01:43:25:D0:62:CF:17:98:2D:88:24:70:68:FB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3135302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:94:71:a8:a7:41:df:85:fd:09:7a:0d:d6:9c:1b:09:38:b9:
5d:47:29:75:3b:2b:a5:14:29:d7:40:65:18:1c:8d:29:c3:9e:
72:fc:4d:e6:80:b2:eb:b6:b8:42:95:0c:3f:9a:93:de:e5:0c:
ca:25:9e:e9:e6:bb:66:65:84:9e:52:97:29:26:eb:b7:f8:8f:
74:c7:f2:fc:9d:14:18:40:7f:55:59:09:dc:14:fb:62:5c:b8:
85:a9:53:17:4a:f6:a9:92:14:42:05:b5:23:81:2a:31:1e:0c:
b9:51:c8:fa:e4:28:c1:6c:91:0f:23:f3:bf:ef:9d:4c:34:b2:
f5:c1:5c:5d:b1:47:27:29:20:bc:11:02:c4:ea:ef:89:f1:0e:
95:15:22:9d:1d:c9:c3:fd:47:a0:fe:d4:0d:29:05:11:86:ea:
92:a5:79:94:2c:e8:09:90:ca:22:45:0e:fe:1c:0c:6f:be:dc:
1e:38:22:88:52:4b:22:d0:ad:b9:4a:a7:a8:d9:58:31:87:9b:
c2:eb:ce:37:a3:3a:dd:a0:37:ca:e4:17:eb:6d:77:f8:5c:4e:
a6:ce:8d:e3:b4:90:af:26:12:ea:88:e5:d5:e9:b6:f6:8d:1d:
e2:2c:6f:67:e1:da:a0:52:9b:33:e7:6f:23:a7:9f:76:d5:ff:
2e:71:e0:1b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCNa9jFnbJ4IK6zEEIq7ids+h1MIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5MzlaFw0yNTEyMjYxOTQ0MzlaMDMxMTAvBgNV
BAMTKEEyN0E0MzlFMjkxMTAxNDMyNUQwNjJDRjE3OTgyRDg4MjQ3MDY4RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHYWfKUgE60bc7VupC0MlpMq91
qXEsslufQxQEuOmnJytybJ4wLCB4bOSF09H1U9zrfYgjRfORd9QxmzhKVxrTFCVF
jS8A42S6oQlDjhPBG82yIqnAqelwvqbTSxgrF/3o0+YYBTESUZXyAfLO+Y3ufb4P
rMoAu6DniQ4HWJgJAV0h8QIFSxmijusAbqTzxUMD0ktd5Bn1bHBhJfiZ1rzW1exN
I3nLslie+TcYmRNrzFLWLOU+CInRyB4sWpZxvNKqB09W9F/5qgLLSWWsCuCbOsfT
o5DP7iqLFOIim8UtbcuLjTLJPU2zc2yS1DDqq1Q1oOBlaPcrNbtJQBalWV9FAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUonpDnikRAUMl0GLPF5gtiCRwaPswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMx
MzUzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnvljANBgkqhkiG9w0BAQsFAAOCAQEAC5RxqKdB34X9CXoN1pwbCTi5XUcp
dTsrpRQp10BlGByNKcOecvxN5oCy67a4QpUMP5qT3uUMyiWe6ea7ZmWEnlKXKSbr
t/iPdMfy/J0UGEB/VVkJ3BT7Yly4halTF0r2qZIUQgW1I4EqMR4MuVHI+uQowWyR
DyPzv++dTDSy9cFcXbFHJykgvBECxOrvifEOlRUinR3Jw/1HoP7UDSkFEYbqkqV5
lCzoCZDKIkUO/hwMb77cHjgiiFJLItCtuUqnqNlYMYebwuvON6M63aA3yuQX6213
+FxOps6N47SQryYS6ojl1em29o0d4ixvZ+HaoFKbM+dvI6efdtX/LnHgGw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:17:23 2025 by rpki-client