Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231302e302f32342d3234203d3e203437353833.roa
File: 3138352e3233392e3231302e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: 9A4giIX+ffD8Lc5jWifCkul5YxD5KtzvuWWrsOL48P4=
Subject key identifier: 2E:1C:4C:D4:32:EF:E0:38:FB:A2:63:48:8A:29:DA:45:84:C8:69:BA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 11C883AE1E4647B6F61AFDBB7A500B0D3C99D562
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231302e302f32342d3234203d3e203437353833.roa
Signing time: Fri 20 Sep 2024 14:04:55 +0000
ROA not before: Fri 20 Sep 2024 13:59:55 +0000
ROA not after: Fri 19 Sep 2025 14:04:55 +0000
asID: 47583
IP address blocks: 185.239.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:c8:83:ae:1e:46:47:b6:f6:1a:fd:bb:7a:50:0b:0d:3c:99:d5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:55 2024 GMT
Not After : Sep 19 14:04:55 2025 GMT
Subject: CN=2E1C4CD432EFE038FBA263488A29DA4584C869BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:f7:73:17:a1:c4:3e:5e:35:30:30:1f:1a:
13:f7:e8:d4:77:7b:18:5d:2c:a6:0d:11:db:2a:00:
d7:77:50:09:00:c0:8b:ef:aa:f3:53:0f:10:9a:d8:
34:2b:5d:1a:11:bd:29:b4:61:2a:1d:ef:33:f4:3b:
97:63:39:26:a2:ea:cc:82:30:45:5a:2b:ec:e6:66:
3d:c6:22:91:03:ef:8f:8b:06:d2:1d:7a:ed:20:4a:
31:23:7a:ce:8a:08:15:a1:bb:42:48:54:3e:f4:f3:
75:1a:e8:06:fa:f6:b3:63:0b:28:f7:56:80:d0:3d:
76:49:37:d1:55:c1:d8:7c:6d:ab:bc:20:f9:3a:b8:
63:1e:80:ca:9d:18:1c:2b:60:1a:a5:91:91:ac:a0:
a9:fe:d3:fb:cd:ed:fd:88:32:69:4a:7a:4d:27:c8:
71:00:90:6b:26:80:b7:2e:73:60:ae:0c:52:90:e1:
55:dd:9c:d3:b4:ce:6a:ce:72:16:10:d7:be:6e:cf:
cf:32:d7:00:c3:a3:11:ce:9a:97:fe:83:ca:d8:57:
62:32:a6:12:2d:f9:ac:72:11:e0:cc:fc:82:d5:02:
14:a8:b6:c1:73:db:06:f0:05:14:21:f0:54:fd:a3:
b0:51:11:2a:9c:c8:e6:d0:d1:41:6a:05:40:64:62:
75:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1C:4C:D4:32:EF:E0:38:FB:A2:63:48:8A:29:DA:45:84:C8:69:BA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231302e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.210.0/24
Signature Algorithm: sha256WithRSAEncryption
49:b9:f3:a1:37:a3:1e:31:48:3c:bb:39:13:93:a5:d8:cb:81:
01:a1:8e:07:8b:ff:84:42:35:fe:9a:66:47:4e:c1:6f:ea:78:
93:77:1c:b1:cb:12:48:34:be:4c:04:03:9e:31:02:dc:9a:fa:
62:16:42:16:c6:5e:c5:d8:04:17:34:87:57:87:94:ac:80:fd:
5f:f1:4e:3b:5c:93:19:be:ad:3e:61:19:c9:9f:6e:33:64:d1:
10:c1:54:ac:b3:cb:3d:f2:de:2f:80:16:2d:fe:40:f9:97:44:
83:c0:5e:92:fe:ce:67:91:ad:60:d4:75:b4:85:95:ec:34:2c:
12:4f:d3:d3:3e:36:fd:c7:1a:a5:a1:0d:de:48:9f:2d:de:76:
a4:7d:70:ba:c8:c5:fe:73:86:38:79:1e:86:50:7b:32:68:bc:
4d:d3:90:75:cf:ee:5a:e2:e0:cb:0f:d6:b6:c4:2d:83:68:a9:
0a:e9:0f:98:34:4f:50:17:ef:b6:7f:04:3a:92:b9:63:da:2c:
e9:5d:63:40:94:a8:b0:ad:7f:7a:1e:54:d1:e8:6c:30:b6:c2:
7f:54:ee:4e:35:31:26:ca:62:be:3f:f5:f3:dd:54:02:f8:7c:
e1:de:3d:09:33:80:eb:90:2e:88:38:ec:3f:fe:6b:c0:59:5d:
9a:95:6e:4c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEciDrh5GR7b2Gv27elALDTyZ1WIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTVaFw0yNTA5MTkxNDA0NTVaMDMxMTAvBgNV
BAMTKDJFMUM0Q0Q0MzJFRkUwMzhGQkEyNjM0ODhBMjlEQTQ1ODRDODY5QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3DPdzF6HEPl41MDAfGhP36NR3
exhdLKYNEdsqANd3UAkAwIvvqvNTDxCa2DQrXRoRvSm0YSod7zP0O5djOSai6syC
MEVaK+zmZj3GIpED74+LBtIdeu0gSjEjes6KCBWhu0JIVD7083Ua6Ab69rNjCyj3
VoDQPXZJN9FVwdh8bau8IPk6uGMegMqdGBwrYBqlkZGsoKn+0/vN7f2IMmlKek0n
yHEAkGsmgLcuc2CuDFKQ4VXdnNO0zmrOchYQ175uz88y1wDDoxHOmpf+g8rYV2Iy
phIt+axyEeDM/ILVAhSotsFz2wbwBRQh8FT9o7BRESqcyObQ0UFqBUBkYnXpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULhxM1DLv4Dj7omNIiinaRYTIabowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMy
MzEzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC579IwDQYJKoZIhvcNAQELBQADggEBAEm586E3ox4xSDy7OROTpdjLgQGhjgeL
/4RCNf6aZkdOwW/qeJN3HLHLEkg0vkwEA54xAtya+mIWQhbGXsXYBBc0h1eHlKyA
/V/xTjtckxm+rT5hGcmfbjNk0RDBVKyzyz3y3i+AFi3+QPmXRIPAXpL+zmeRrWDU
dbSFlew0LBJP09M+Nv3HGqWhDd5Iny3edqR9cLrIxf5zhjh5HoZQezJovE3TkHXP
7lri4MsP1rbELYNoqQrpD5g0T1AX77Z/BDqSuWPaLOldY0CUqLCtf3oeVNHobDC2
wn9U7k41MSbKYr4/9fPdVAL4fOHePQkzgOuQLog47D/+a8BZXZqVbkw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:15 2024 by rpki-client on console-fra.rpki-client.org