Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234352e3138312e302f32342d3234203d3e20323034313730.roa
File: 3138352e3234352e3138312e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: xAkdAAdSvjxUd9kJOe/lnDB79WP9zyqupHWeQUVMpBQ=
Subject key identifier: A3:B1:9D:0F:E9:B8:D9:6C:2C:33:22:B1:86:EA:70:54:87:FA:A9:37
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1522DF5BF74609D3D2E2F94A94A8539108AAF8A5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234352e3138312e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:23 +0000
ROA not before: Tue 25 Jun 2024 21:42:23 +0000
ROA not after: Tue 24 Jun 2025 21:47:23 +0000
asID: 204170
IP address blocks: 185.245.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:22:df:5b:f7:46:09:d3:d2:e2:f9:4a:94:a8:53:91:08:aa:f8:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 25 21:42:23 2024 GMT
Not After : Jun 24 21:47:23 2025 GMT
Subject: CN=A3B19D0FE9B8D96C2C3322B186EA705487FAA937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:62:d7:2e:cf:a5:f1:d5:b0:b6:92:6d:92:09:
de:c2:6a:cc:86:61:ec:61:32:6d:5c:b4:95:e7:ed:
00:58:ae:9a:2b:db:ef:9f:17:2d:63:bf:00:06:f0:
c8:72:8e:bd:33:0b:55:9d:6d:d8:46:42:c4:27:5c:
67:cd:d3:44:01:86:e0:f1:32:9b:db:fa:78:1a:51:
18:db:f9:c3:93:4e:b4:2d:26:51:c3:aa:cc:9a:44:
16:9b:c8:0f:5d:4d:22:68:69:0b:82:b8:c3:2b:dc:
81:7b:a0:23:ef:42:fc:a7:3f:1b:48:b9:33:59:4d:
c9:3f:8a:39:e8:9a:cd:b3:7b:97:b6:22:40:f8:f4:
5a:38:68:b1:9e:78:c6:2c:66:9f:78:c1:48:44:d2:
0e:64:48:70:a9:83:7f:71:3d:e1:76:79:5a:2a:ef:
55:09:64:39:d9:c7:af:d5:f8:cb:28:97:86:29:24:
d1:83:3a:79:40:8c:1e:25:8f:65:d7:3b:6b:e4:19:
20:02:c7:84:1e:4d:1d:85:dc:7d:c4:50:02:b1:01:
83:ed:ac:21:e9:0e:cc:02:0d:3e:92:52:e4:2e:ab:
e7:41:f8:12:b8:2c:8f:ab:a3:98:f7:b2:d1:61:03:
b6:b5:8c:ad:9e:e6:03:12:b6:2f:0a:04:ad:2f:02:
a8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B1:9D:0F:E9:B8:D9:6C:2C:33:22:B1:86:EA:70:54:87:FA:A9:37
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234352e3138312e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.181.0/24
Signature Algorithm: sha256WithRSAEncryption
83:30:3e:69:15:1d:4c:3b:aa:4e:8e:35:86:3e:6b:fa:51:72:
de:e6:fd:bc:03:79:97:da:4e:f2:3a:cb:2a:69:bb:79:8d:aa:
3d:e3:57:81:a9:5c:3b:9b:93:16:c3:d3:48:25:82:34:e6:b8:
d1:d6:4b:96:72:ce:e0:49:ab:5a:0d:f6:d6:14:2c:ea:6f:2e:
06:af:90:66:f0:e6:d7:9d:99:7f:b9:1b:88:b6:25:29:c5:99:
de:e4:7e:4a:91:77:7d:42:a6:f3:48:8a:b0:0b:d9:a0:dd:40:
10:1c:11:13:cf:c8:ea:ff:9a:0a:aa:2e:ee:33:12:21:72:71:
1d:e5:91:0a:1f:89:62:3c:fc:cc:4f:7c:5b:72:3e:a9:41:88:
42:1f:3b:c7:2c:b2:cf:76:a5:a7:88:16:61:20:98:3d:ab:42:
78:3a:b1:b9:a6:d8:d4:0c:0a:5b:40:bd:42:ce:c3:cf:cf:46:
4c:35:b7:b0:77:29:fb:e6:f8:a6:18:60:13:d0:05:18:98:ba:
bc:22:38:b4:a3:de:42:ab:ee:e6:01:a9:98:51:6e:2b:47:e7:
8b:cd:52:f5:f4:c2:a5:2f:7f:f6:86:07:d9:c4:79:ef:ab:d1:
70:f1:8a:02:59:10:a2:74:52:3a:9c:c7:c0:eb:98:88:72:32:
b1:a7:ad:7f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFSLfW/dGCdPS4vlKlKhTkQiq+KUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjUyMTQyMjNaFw0yNTA2MjQyMTQ3MjNaMDMxMTAvBgNV
BAMTKEEzQjE5RDBGRTlCOEQ5NkMyQzMzMjJCMTg2RUE3MDU0ODdGQUE5MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmYtcuz6Xx1bC2km2SCd7CasyG
YexhMm1ctJXn7QBYrpor2++fFy1jvwAG8Mhyjr0zC1WdbdhGQsQnXGfN00QBhuDx
Mpvb+ngaURjb+cOTTrQtJlHDqsyaRBabyA9dTSJoaQuCuMMr3IF7oCPvQvynPxtI
uTNZTck/ijnoms2ze5e2IkD49Fo4aLGeeMYsZp94wUhE0g5kSHCpg39xPeF2eVoq
71UJZDnZx6/V+Msol4YpJNGDOnlAjB4lj2XXO2vkGSACx4QeTR2F3H3EUAKxAYPt
rCHpDswCDT6SUuQuq+dB+BK4LI+ro5j3stFhA7a1jK2e5gMSti8KBK0vAqg7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUo7GdD+m42WwsMyKxhupwVIf6qTcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzUyZTMx
MzgzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn1tTANBgkqhkiG9w0BAQsFAAOCAQEAgzA+aRUdTDuqTo41hj5r+lFy3ub9
vAN5l9pO8jrLKmm7eY2qPeNXgalcO5uTFsPTSCWCNOa40dZLlnLO4EmrWg321hQs
6m8uBq+QZvDm152Zf7kbiLYlKcWZ3uR+SpF3fUKm80iKsAvZoN1AEBwRE8/I6v+a
Cqou7jMSIXJxHeWRCh+JYjz8zE98W3I+qUGIQh87xyyyz3alp4gWYSCYPatCeDqx
uabY1AwKW0C9Qs7Dz89GTDW3sHcp++b4phhgE9AFGJi6vCI4tKPeQqvu5gGpmFFu
K0fni81S9fTCpS9/9oYH2cR576vRcPGKAlkQonRSOpzHwOuYiHIysaetfw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org