Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3135302e302f32342d3234203d3e20323132323338.roa
File: 3138352e3234312e3135302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 43WlKs6x9Kve3KtQeN3fVMoF53D3Jy7PdN5BeQZOoUI=
Subject key identifier: F9:F0:4B:89:A8:62:85:2B:3B:A6:1B:F1:D2:D8:95:B9:85:A3:CA:2B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0ABB6D497CAE0D43BD709BDE2E0021A4EDC540A1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3135302e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 31 Jan 2025 16:45:34 +0000
ROA not before: Fri 31 Jan 2025 16:40:34 +0000
ROA not after: Fri 30 Jan 2026 16:45:34 +0000
asID: 212238
IP address blocks: 185.241.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:10:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:bb:6d:49:7c:ae:0d:43:bd:70:9b:de:2e:00:21:a4:ed:c5:40:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 31 16:40:34 2025 GMT
Not After : Jan 30 16:45:34 2026 GMT
Subject: CN=F9F04B89A862852B3BA61BF1D2D895B985A3CA2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:79:87:d0:15:83:d8:28:ed:c8:56:ce:00:a2:
3c:d6:43:f5:ad:ee:ab:0a:23:67:e3:0c:a0:c9:bf:
03:0d:9c:b3:a8:39:82:8b:6c:4c:ae:bf:d3:42:6e:
fe:5e:43:6e:54:3d:a2:65:41:e4:d4:d1:bf:d9:90:
a5:f1:b9:0e:56:13:2e:58:96:14:79:42:79:45:a5:
c9:28:3a:09:36:ac:3a:75:6c:b5:b2:8f:c3:6e:25:
b3:bf:30:de:68:8e:01:00:88:f4:fc:25:ce:6e:63:
d0:2f:5a:a4:9f:63:d3:0d:55:ad:d5:ce:67:87:32:
78:a1:9c:66:ff:17:57:70:44:64:5e:8a:0a:3c:ec:
07:4d:41:9c:97:89:f1:4f:11:ad:34:be:5e:4a:cb:
be:7f:a8:24:e9:f6:f1:73:8c:cc:3c:cb:33:ce:5c:
59:16:51:2c:bb:a6:ee:9c:41:eb:b6:56:89:12:ec:
59:46:0a:c4:54:74:57:fc:70:a2:4b:e9:69:c3:90:
4b:03:cc:5f:c8:b3:a0:84:36:ca:95:a2:0f:90:af:
58:b6:25:7a:05:d1:fb:29:52:7e:e8:bd:e3:9c:c1:
bd:c2:74:60:15:f1:5f:89:02:58:34:73:f0:f2:19:
23:2f:4e:b8:3e:78:cb:98:02:b9:ac:64:76:8d:f3:
05:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F0:4B:89:A8:62:85:2B:3B:A6:1B:F1:D2:D8:95:B9:85:A3:CA:2B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3135302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.150.0/24
Signature Algorithm: sha256WithRSAEncryption
84:6a:36:63:f9:cb:91:98:b4:0e:d3:16:47:96:1f:5c:61:06:
42:cb:09:83:04:15:78:b1:03:88:ea:df:6e:56:03:52:61:02:
ca:5b:13:29:2d:1e:5c:78:a9:4a:16:8e:ff:cf:34:4a:c6:50:
d4:8d:06:ac:94:9a:2e:b9:58:02:6e:2e:c1:97:a6:e0:b8:cd:
59:4d:fe:b5:11:fe:62:97:5c:d1:97:6d:42:f5:64:54:fe:8d:
81:24:1a:63:a5:fd:a5:2d:c6:b9:fa:5b:7b:93:69:63:4f:e6:
ed:8d:2c:3f:c3:20:04:66:e4:79:ee:09:05:dd:de:56:85:ab:
fc:69:a1:5c:3e:8d:0a:4a:da:1a:82:71:92:19:50:71:a7:7d:
a2:51:60:6f:f1:cc:8a:90:4d:8b:29:ad:8d:2a:d7:f9:0b:78:
1b:aa:c2:fc:9c:99:50:b9:7f:3a:cc:29:6b:57:3e:7c:03:6f:
cb:ea:cd:3a:ae:37:46:f0:8e:33:83:c0:1c:95:24:ad:22:44:
aa:47:53:6c:a3:45:38:eb:9c:45:ae:27:8d:82:16:ac:1e:3a:
c7:89:d4:cf:81:8b:95:43:5d:05:4a:1f:3a:2e:92:cf:0a:48:
e7:52:50:92:36:c9:cb:bc:54:e1:72:c6:b7:98:2b:91:62:17:
9e:27:34:c9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCrttSXyuDUO9cJveLgAhpO3FQKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMzExNjQwMzRaFw0yNjAxMzAxNjQ1MzRaMDMxMTAvBgNV
BAMTKEY5RjA0Qjg5QTg2Mjg1MkIzQkE2MUJGMUQyRDg5NUI5ODVBM0NBMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOeYfQFYPYKO3IVs4AojzWQ/Wt
7qsKI2fjDKDJvwMNnLOoOYKLbEyuv9NCbv5eQ25UPaJlQeTU0b/ZkKXxuQ5WEy5Y
lhR5QnlFpckoOgk2rDp1bLWyj8NuJbO/MN5ojgEAiPT8Jc5uY9AvWqSfY9MNVa3V
zmeHMnihnGb/F1dwRGReigo87AdNQZyXifFPEa00vl5Ky75/qCTp9vFzjMw8yzPO
XFkWUSy7pu6cQeu2VokS7FlGCsRUdFf8cKJL6WnDkEsDzF/Is6CENsqVog+Qr1i2
JXoF0fspUn7oveOcwb3CdGAV8V+JAlg0c/DyGSMvTrg+eMuYArmsZHaN8wWHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU+fBLiahihSs7phvx0tiVuYWjyiswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzUzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnxljANBgkqhkiG9w0BAQsFAAOCAQEAhGo2Y/nLkZi0DtMWR5YfXGEGQssJ
gwQVeLEDiOrfblYDUmECylsTKS0eXHipShaO/880SsZQ1I0GrJSaLrlYAm4uwZem
4LjNWU3+tRH+Ypdc0ZdtQvVkVP6NgSQaY6X9pS3Gufpbe5NpY0/m7Y0sP8MgBGbk
ee4JBd3eVoWr/GmhXD6NCkraGoJxkhlQcad9olFgb/HMipBNiymtjSrX+Qt4G6rC
/JyZULl/Oswpa1c+fANvy+rNOq43RvCOM4PAHJUkrSJEqkdTbKNFOOucRa4njYIW
rB46x4nUz4GLlUNdBUofOi6SzwpI51JQkjbJy7xU4XLGt5grkWIXnic0yQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:08:03 2025 by rpki-client