Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3135312e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233392e3135312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: AGwrriJomhyKvQw8XhEFGKd8T6PoUKZ2A3WwPFDj5bA=
Subject key identifier: 20:C4:A5:93:6D:0A:6D:50:D9:7D:62:17:DC:AE:B7:94:4E:11:7F:14
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 014FF0595E86AFBA1473CA4D6A7F84642E76B474
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3135312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:52 +0000
ROA not before: Fri 26 Jan 2024 18:57:52 +0000
ROA not after: Fri 24 Jan 2025 19:02:52 +0000
asID: 136787
IP address blocks: 185.239.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:4f:f0:59:5e:86:af:ba:14:73:ca:4d:6a:7f:84:64:2e:76:b4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:52 2024 GMT
Not After : Jan 24 19:02:52 2025 GMT
Subject: CN=20C4A5936D0A6D50D97D6217DCAEB7944E117F14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:93:cf:b4:35:d5:0d:0e:a2:26:7e:03:70:
7b:40:32:b4:e0:5a:b7:ec:04:91:c6:7e:16:67:a1:
df:a3:0c:81:6c:f5:82:7b:a2:28:c0:9e:48:43:54:
0f:64:d6:ad:c6:34:f8:7e:ec:4e:05:6b:16:05:61:
17:0d:6c:d2:6c:40:af:79:3c:8b:d0:7b:5f:22:14:
3f:74:28:c6:0b:b7:5c:25:1d:bb:7d:49:11:7b:4c:
80:16:24:ca:0d:7a:5a:4a:7e:0b:d7:ad:bb:af:05:
8d:d1:af:3c:94:ea:84:d1:ed:4a:a2:03:3d:bd:3a:
79:c9:c8:2d:29:54:6d:09:00:4b:b5:b3:83:a0:11:
90:57:3a:d2:ac:dd:25:bf:26:80:c3:47:52:82:30:
83:dc:9a:f2:41:30:27:12:6a:8c:67:f1:b6:c7:09:
3b:6c:c3:e4:a5:16:32:99:9c:00:eb:94:83:fc:0e:
07:0a:8c:44:36:ef:be:01:bd:4d:ef:3f:ee:38:d3:
0c:f9:df:6b:a4:3c:bd:89:05:c1:72:22:4f:7c:ce:
67:cd:7a:bf:3c:6e:d5:da:48:72:94:58:02:52:71:
d1:c9:30:1e:78:fb:36:ef:57:c3:79:cf:fe:90:29:
ee:54:00:6c:9a:8f:ca:37:78:34:02:9a:4e:04:5f:
5a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C4:A5:93:6D:0A:6D:50:D9:7D:62:17:DC:AE:B7:94:4E:11:7F:14
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3135312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.151.0/24
Signature Algorithm: sha256WithRSAEncryption
54:b5:15:57:5b:8b:1b:56:ae:ac:72:90:38:d6:a0:c2:c5:83:
2c:1a:c8:65:f3:93:87:a4:6d:54:e3:0b:8e:9f:64:e0:51:dd:
66:b8:cb:31:a5:11:e2:48:4e:83:cb:1a:74:f0:6a:84:bd:2a:
82:cf:e3:fa:5c:f0:c9:2f:f8:08:d0:92:86:9b:47:b9:ed:fb:
12:98:14:ec:63:51:56:07:0f:92:81:4e:b1:06:6a:80:37:a2:
72:29:de:ca:7f:5c:7e:02:b3:29:92:ff:2c:b9:8c:8a:90:0b:
b9:d5:8e:ce:40:a9:f2:64:63:32:2b:1b:8b:1a:90:70:d7:1b:
e7:6b:c8:82:bc:8f:e0:3f:1b:16:ea:2c:ae:fa:2a:5f:c0:6e:
6a:64:71:f7:ca:99:e9:92:87:07:27:b8:8c:be:0d:f1:6c:1f:
aa:55:a2:60:06:65:78:99:eb:87:6c:2d:05:11:11:d0:28:62:
84:83:1f:a8:80:9b:bb:d6:48:6f:49:98:f2:8a:12:6c:40:8a:
ec:fa:d7:7c:77:b6:3f:b5:46:e3:f6:7b:a5:0d:ec:43:b3:89:
55:01:56:7d:77:d2:5f:47:50:25:67:c9:6e:89:8c:bb:78:98:
d8:57:1f:a7:2c:0e:12:06:96:8f:52:13:ab:36:a5:a4:aa:a6:
24:ce:4c:5c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUAU/wWV6Gr7oUc8pNan+EZC52tHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3NTJaFw0yNTAxMjQxOTAyNTJaMDMxMTAvBgNV
BAMTKDIwQzRBNTkzNkQwQTZENTBEOTdENjIxN0RDQUVCNzk0NEUxMTdGMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0RpPPtDXVDQ6iJn4DcHtAMrTg
WrfsBJHGfhZnod+jDIFs9YJ7oijAnkhDVA9k1q3GNPh+7E4FaxYFYRcNbNJsQK95
PIvQe18iFD90KMYLt1wlHbt9SRF7TIAWJMoNelpKfgvXrbuvBY3RrzyU6oTR7Uqi
Az29OnnJyC0pVG0JAEu1s4OgEZBXOtKs3SW/JoDDR1KCMIPcmvJBMCcSaoxn8bbH
CTtsw+SlFjKZnADrlIP8DgcKjEQ2774BvU3vP+440wz532ukPL2JBcFyIk98zmfN
er88btXaSHKUWAJScdHJMB54+zbvV8N5z/6QKe5UAGyaj8o3eDQCmk4EX1rpAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIMSlk20KbVDZfWIX3K63lE4RfxQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMx
MzUzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnvlzANBgkqhkiG9w0BAQsFAAOCAQEAVLUVV1uLG1aurHKQONagwsWDLBrI
ZfOTh6RtVOMLjp9k4FHdZrjLMaUR4khOg8sadPBqhL0qgs/j+lzwyS/4CNCShptH
ue37EpgU7GNRVgcPkoFOsQZqgDeicineyn9cfgKzKZL/LLmMipALudWOzkCp8mRj
MisbixqQcNcb52vIgryP4D8bFuosrvoqX8BuamRx98qZ6ZKHBye4jL4N8WwfqlWi
YAZleJnrh2wtBRER0ChihIMfqICbu9ZIb0mY8ooSbECK7PrXfHe2P7VG4/Z7pQ3s
Q7OJVQFWfXfSX0dQJWfJbomMu3iY2FcfpywOEgaWj1ITqzalpKqmJM5MXA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org