Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32342d3234203d3e20383334.roa
File: 3138352e3234312e3134382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: P809fH58zXJTDwCvFPb8/Uu7GYco8pitG6nvTm1RF8A=
Subject key identifier: 1D:80:60:2C:D1:F5:0C:D7:7B:DC:D6:E6:59:68:88:53:A8:DB:1B:B6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 46D3B0E5DFA02E23647C9B3DC8B5E737A1C087E4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32342d3234203d3e20383334.roa
Signing time: Fri 15 Mar 2024 09:08:32 +0000
ROA not before: Fri 15 Mar 2024 09:03:32 +0000
ROA not after: Fri 14 Mar 2025 09:08:32 +0000
asID: 834
IP address blocks: 185.241.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:d3:b0:e5:df:a0:2e:23:64:7c:9b:3d:c8:b5:e7:37:a1:c0:87:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 15 09:03:32 2024 GMT
Not After : Mar 14 09:08:32 2025 GMT
Subject: CN=1D80602CD1F50CD77BDCD6E659688853A8DB1BB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:24:59:4f:47:b1:74:e4:9e:d8:78:53:df:59:
15:1a:0d:80:08:d3:a6:3f:ac:f3:e5:a3:13:6f:c7:
cd:71:00:b4:40:b1:e1:4c:50:2f:c1:c6:23:8c:e8:
8f:3c:5b:47:21:8f:84:77:a4:ca:de:1f:46:5f:9f:
d9:c1:18:6d:b1:18:fe:9f:5d:0b:a4:93:b9:1b:f9:
e5:5f:ca:62:04:88:c1:f9:a7:fb:86:30:25:14:a1:
7a:67:16:63:85:51:8e:6b:e9:37:b6:f9:bb:15:b7:
1c:94:ca:ca:81:51:0f:e9:09:99:75:f1:77:86:38:
4b:7b:ba:8c:32:f8:b4:1d:a5:d9:3e:14:1c:09:66:
e3:db:0e:f8:a5:c4:ca:2a:29:a6:42:48:90:5a:7f:
fa:84:3f:7a:0c:39:cc:ea:9d:f3:ac:ce:cc:d1:bd:
a1:66:00:57:6e:f0:dc:00:ed:87:7e:6d:39:ae:1e:
02:32:ed:5a:da:04:94:f2:00:df:a1:f9:2d:65:43:
47:52:b0:b0:d3:28:36:d9:9b:bc:d5:8a:ba:88:eb:
57:ac:11:af:92:3b:63:d4:2d:32:18:58:8b:8a:e3:
27:27:78:e7:82:d5:22:04:36:9a:51:58:eb:b9:f7:
41:c0:a3:14:4c:78:e8:6d:43:53:a8:6a:86:ad:ef:
59:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:80:60:2C:D1:F5:0C:D7:7B:DC:D6:E6:59:68:88:53:A8:DB:1B:B6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.148.0/24
Signature Algorithm: sha256WithRSAEncryption
56:97:a6:7e:40:48:c1:b2:23:ec:27:61:ea:5e:1c:fa:14:38:
ac:bf:43:4a:f5:76:d2:98:82:57:d4:84:5c:a3:be:bf:13:9c:
d9:4d:6c:04:8a:a5:cb:32:61:85:d9:5b:a2:e1:4d:45:36:1b:
d2:30:53:b9:ef:c3:78:b6:7c:e7:10:68:9f:7a:9c:5d:df:4d:
fc:44:0a:5e:eb:7f:ee:98:1e:19:53:47:b8:83:63:63:02:9c:
bd:6e:c2:13:68:66:5a:b7:5c:a3:f0:18:30:0d:2c:5a:df:7d:
7f:77:48:a5:bd:de:68:d0:d2:70:4b:3e:f4:4c:49:7d:39:59:
a9:13:4e:e8:6e:f9:7c:64:cb:3e:49:93:73:79:e2:4a:39:dd:
c2:80:76:fc:a8:cd:b6:e7:30:27:ba:4c:40:4a:2c:66:f5:9d:
ed:d6:a5:6f:34:2f:4b:d9:70:eb:bf:ec:3b:b9:1a:a2:4a:6e:
e5:68:bd:4f:85:8c:32:8a:53:86:0e:2c:ce:66:45:ac:50:34:
12:a5:4c:df:aa:32:25:42:ed:d1:03:e0:3f:74:1c:02:b6:bb:
61:35:4f:bc:7e:b0:a1:04:8d:b9:03:4a:40:e6:e1:a4:17:c7:
b0:f2:2d:eb:41:35:f1:92:99:75:77:88:e5:ca:a9:12:6e:89:
7c:5f:12:c5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURtOw5d+gLiNkfJs9yLXnN6HAh+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMTUwOTAzMzJaFw0yNTAzMTQwOTA4MzJaMDMxMTAvBgNV
BAMTKDFEODA2MDJDRDFGNTBDRDc3QkRDRDZFNjU5Njg4ODUzQThEQjFCQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2JFlPR7F05J7YeFPfWRUaDYAI
06Y/rPPloxNvx81xALRAseFMUC/BxiOM6I88W0chj4R3pMreH0Zfn9nBGG2xGP6f
XQukk7kb+eVfymIEiMH5p/uGMCUUoXpnFmOFUY5r6Te2+bsVtxyUysqBUQ/pCZl1
8XeGOEt7uowy+LQdpdk+FBwJZuPbDvilxMoqKaZCSJBaf/qEP3oMOczqnfOszszR
vaFmAFdu8NwA7Yd+bTmuHgIy7VraBJTyAN+h+S1lQ0dSsLDTKDbZm7zVirqI61es
Ea+SO2PULTIYWIuK4ycneOeC1SIENppRWOu590HAoxRMeOhtQ1Ooaoat71kXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUHYBgLNH1DNd73NbmWWiIU6jbG7YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnx
lDANBgkqhkiG9w0BAQsFAAOCAQEAVpemfkBIwbIj7Cdh6l4c+hQ4rL9DSvV20piC
V9SEXKO+vxOc2U1sBIqlyzJhhdlbouFNRTYb0jBTue/DeLZ85xBon3qcXd9N/EQK
Xut/7pgeGVNHuINjYwKcvW7CE2hmWrdco/AYMA0sWt99f3dIpb3eaNDScEs+9ExJ
fTlZqRNO6G75fGTLPkmTc3niSjndwoB2/KjNtucwJ7pMQEosZvWd7dalbzQvS9lw
67/sO7kaokpu5Wi9T4WMMopThg4szmZFrFA0EqVM36oyJULt0QPgP3QcAra7YTVP
vH6woQSNuQNKQObhpBfHsPIt60E18ZKZdXeI5cqpEm6JfF8SxQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:15 2024 by rpki-client on console-fra.rpki-client.org