Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa
File: 3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier: Qwa1tqg1ze2GfKr7J19mCDb4p11LQmZNJwbYHQyOo7w=
Subject key identifier: 9C:56:09:2E:C8:CC:9A:20:1C:EB:DE:75:1F:F6:BB:8C:2D:BC:8A:04
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0B54083CDC44EC6049768D953C8DD1D2566A025E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa
Signing time: Fri 20 Sep 2024 14:04:57 +0000
ROA not before: Fri 20 Sep 2024 13:59:57 +0000
ROA not after: Fri 19 Sep 2025 14:04:57 +0000
asID: 397423
IP address blocks: 185.241.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:54:08:3c:dc:44:ec:60:49:76:8d:95:3c:8d:d1:d2:56:6a:02:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:57 2024 GMT
Not After : Sep 19 14:04:57 2025 GMT
Subject: CN=9C56092EC8CC9A201CEBDE751FF6BB8C2DBC8A04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b0:08:d2:2e:35:23:1e:11:5b:6b:7f:cb:df:
79:92:d2:0f:0d:09:7f:ef:1e:d9:57:74:21:78:89:
23:60:66:56:e2:38:b5:18:ce:94:f6:c7:73:ec:84:
fe:28:24:82:2f:37:e8:39:d8:d4:37:b8:6c:ab:fa:
be:c7:88:86:f9:85:72:23:9b:d2:32:9b:a4:17:8b:
ae:22:3a:88:49:ce:d4:e6:35:e5:30:61:2e:fc:f2:
66:11:5a:69:5f:44:c4:e3:3f:e3:14:13:f5:50:e9:
2b:5a:87:f5:38:9e:86:29:25:ce:fb:ec:0b:f0:ff:
36:dd:dd:33:1a:9e:92:ef:82:b9:b3:11:af:b4:6e:
44:09:25:d0:fe:b3:a6:86:9a:18:1a:47:5b:a6:77:
80:e3:e5:f8:3c:15:22:ae:1c:93:79:68:ec:6e:17:
2a:ae:b5:4c:af:0b:04:a5:75:61:cf:fd:c6:91:5d:
22:fe:a5:ae:f4:fe:44:6a:9b:72:2e:55:76:5b:f6:
ee:23:2b:7f:91:96:c4:a8:ae:4b:1a:b3:4e:c1:e8:
29:b9:dd:2f:91:22:dd:d5:cb:7e:2c:da:fa:96:c1:
91:77:df:e6:4a:25:cd:10:e0:3f:8e:b1:e2:d2:bd:
b9:1d:27:2e:68:b0:a0:95:59:d4:89:a1:f2:92:38:
e4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:56:09:2E:C8:CC:9A:20:1C:EB:DE:75:1F:F6:BB:8C:2D:BC:8A:04
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.149.0/24
Signature Algorithm: sha256WithRSAEncryption
03:47:c6:66:0a:71:dd:8b:a8:04:57:31:a8:be:2c:8c:2d:ca:
cf:24:c6:a3:db:22:b2:7b:9d:8d:b6:2c:7b:71:c2:c3:e2:bf:
2f:21:e4:f4:ac:69:9c:62:53:fd:ab:df:cc:ef:8c:57:ec:22:
70:71:83:1e:a4:5e:f9:9d:96:eb:0b:78:0c:94:41:d4:8a:40:
13:47:a2:bb:33:8f:9a:09:39:d8:31:77:1e:15:c4:d8:bd:83:
7c:cd:f7:2a:a2:e7:e5:f2:ce:61:8a:6e:b3:8f:fc:8c:7a:74:
39:b2:f9:af:70:32:3e:1d:e2:9f:e7:ed:59:e0:61:b9:66:9a:
0a:e0:ee:e3:cb:21:c4:28:22:31:fd:d9:7e:b4:a6:1e:a7:f0:
a6:3b:01:ab:bc:a7:62:e0:22:22:b2:34:65:f9:d6:d9:dc:24:
d0:2d:0d:52:ce:3c:7f:f2:36:a5:b7:0c:c3:30:ff:be:a0:08:
c4:80:81:b1:42:53:ec:6a:f3:11:c6:71:7a:c0:a7:58:39:87:
46:df:39:31:5f:6a:ec:81:9b:53:1c:07:f0:cb:33:97:6d:2e:
2c:33:0c:03:ae:69:2e:80:6c:1f:9b:5c:54:13:3e:f2:11:b1:
90:39:4b:68:dd:6d:79:59:40:31:b5:c0:be:17:2c:56:b8:d1:
ae:31:61:24
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUC1QIPNxE7GBJdo2VPI3R0lZqAl4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTdaFw0yNTA5MTkxNDA0NTdaMDMxMTAvBgNV
BAMTKDlDNTYwOTJFQzhDQzlBMjAxQ0VCREU3NTFGRjZCQjhDMkRCQzhBMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFsAjSLjUjHhFba3/L33mS0g8N
CX/vHtlXdCF4iSNgZlbiOLUYzpT2x3PshP4oJIIvN+g52NQ3uGyr+r7HiIb5hXIj
m9Iym6QXi64iOohJztTmNeUwYS788mYRWmlfRMTjP+MUE/VQ6Stah/U4noYpJc77
7Avw/zbd3TManpLvgrmzEa+0bkQJJdD+s6aGmhgaR1umd4Dj5fg8FSKuHJN5aOxu
FyqutUyvCwSldWHP/caRXSL+pa70/kRqm3IuVXZb9u4jK3+RlsSorksas07B6Cm5
3S+RIt3Vy34s2vqWwZF33+ZKJc0Q4D+OseLSvbkdJy5osKCVWdSJofKSOOSbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUnFYJLsjMmiAc6951H/a7jC28igQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzM0MzIzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnxlTANBgkqhkiG9w0BAQsFAAOCAQEAA0fGZgpx3YuoBFcxqL4sjC3KzyTG
o9sisnudjbYse3HCw+K/LyHk9KxpnGJT/avfzO+MV+wicHGDHqRe+Z2W6wt4DJRB
1IpAE0eiuzOPmgk52DF3HhXE2L2DfM33KqLn5fLOYYpus4/8jHp0ObL5r3AyPh3i
n+ftWeBhuWaaCuDu48shxCgiMf3ZfrSmHqfwpjsBq7ynYuAiIrI0ZfnW2dwk0C0N
Us48f/I2pbcMwzD/vqAIxICBsUJT7GrzEcZxesCnWDmHRt85MV9q7IGbUxwH8Msz
l20uLDMMA65pLoBsH5tcVBM+8hGxkDlLaN1teVlAMbXAvhcsVrjRrjFhJA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:25 2024 by rpki-client on console-ams.rpki-client.org