Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3235302e33382e302f32342d3332203d3e20313431393935.roa
File: 3138352e3235302e33382e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: CuO5DfF2TuyVZj3u4SMDcLCTC+EH6mvH/2mjPn3M4cI=
Subject key identifier: 1D:6D:9A:E3:F9:75:FE:21:A6:C8:B6:18:EB:B8:BE:90:55:A0:4A:0B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1F1348660E61DD4BBBBFDB7A5B96BD49C4480105
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3235302e33382e302f32342d3332203d3e20313431393935.roa
Signing time: Fri 20 Sep 2024 14:04:57 +0000
ROA not before: Fri 20 Sep 2024 13:59:57 +0000
ROA not after: Fri 19 Sep 2025 14:04:57 +0000
asID: 141995
IP address blocks: 185.250.38.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:13:48:66:0e:61:dd:4b:bb:bf:db:7a:5b:96:bd:49:c4:48:01:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:57 2024 GMT
Not After : Sep 19 14:04:57 2025 GMT
Subject: CN=1D6D9AE3F975FE21A6C8B618EBB8BE9055A04A0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1c:b9:de:b7:d0:cf:23:bf:1c:d6:d0:7c:f4:
fe:7c:df:f8:99:c5:e4:c2:ab:11:d3:be:dc:45:ca:
4a:70:77:30:1a:ca:e1:d0:95:12:e7:eb:f6:4b:87:
bc:40:bc:2b:3f:22:54:38:f1:89:b1:0f:89:c0:85:
e8:a5:8a:5c:26:57:1e:8b:a9:3c:65:3e:1d:b1:e0:
99:12:c7:35:b2:95:d4:ce:8c:64:c8:ca:41:35:2f:
ab:40:9d:c8:9a:cd:c5:95:7f:e3:a1:ab:18:01:83:
5a:29:46:b7:50:10:cf:5c:05:5a:51:1d:98:f1:da:
e9:8e:d8:8d:64:75:31:54:71:14:8c:7b:3d:54:6e:
ee:ea:7b:c7:52:d3:af:0f:94:af:89:a9:e3:21:ac:
55:68:df:2b:f0:75:39:38:99:e1:a6:c3:80:2a:c1:
89:38:f1:28:b0:f7:1e:13:2b:13:85:5a:32:6f:07:
8b:29:3a:45:7c:6b:24:7d:bc:09:21:e3:bb:70:40:
82:9e:aa:04:36:9e:76:70:e8:38:a8:07:97:68:1b:
a5:fa:ca:2d:bc:70:b6:a7:53:7b:64:e0:3a:81:33:
ff:14:25:06:e6:5c:29:c1:2f:a7:0d:f0:48:1a:54:
7b:ad:ac:2d:a8:e2:f1:3e:29:47:b6:5b:42:42:ed:
09:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6D:9A:E3:F9:75:FE:21:A6:C8:B6:18:EB:B8:BE:90:55:A0:4A:0B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3235302e33382e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.38.0/24
Signature Algorithm: sha256WithRSAEncryption
46:df:a3:15:a8:99:c6:29:ac:bd:c8:8e:5d:51:7b:35:f1:69:
2f:07:e5:e9:4d:a0:89:b6:4a:d7:29:e8:f9:07:97:38:6f:bb:
08:91:1b:f6:72:20:5c:ad:95:c8:39:71:c7:bb:4e:f5:1c:dc:
d7:0c:9b:58:9d:66:bb:44:de:a2:e8:18:58:95:7e:b3:71:5e:
66:e2:f3:27:9e:fb:fc:74:93:74:d8:6a:3b:16:b0:1c:ec:97:
71:5a:b6:55:5d:79:04:49:cb:c3:9c:67:2b:ed:b8:eb:9d:07:
99:83:44:57:2d:d3:ee:27:ac:1c:aa:93:df:b6:93:59:f3:2d:
b3:e3:04:63:8b:b4:9c:1b:ec:72:e3:f8:e9:56:58:31:63:01:
09:ef:17:00:63:03:52:c5:25:16:f6:69:59:60:d6:5f:b7:91:
a7:fd:04:aa:24:14:e0:64:ea:1a:a5:15:fd:56:b5:56:dc:d5:
dc:80:19:16:2b:44:81:bd:8a:c8:60:3d:ac:94:e0:9e:c0:05:
42:12:f8:a9:2c:64:c9:a4:37:8a:fe:45:a4:33:31:5a:13:7d:
fe:c8:21:1c:2b:74:2b:39:10:60:fa:74:15:30:d0:ee:db:26:
5b:b1:e7:07:57:61:c5:55:4b:11:ef:76:32:6f:d5:f0:74:97:
a0:b2:82:d4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHxNIZg5h3Uu7v9t6W5a9ScRIAQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTdaFw0yNTA5MTkxNDA0NTdaMDMxMTAvBgNV
BAMTKDFENkQ5QUUzRjk3NUZFMjFBNkM4QjYxOEVCQjhCRTkwNTVBMDRBMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiHLnet9DPI78c1tB89P583/iZ
xeTCqxHTvtxFykpwdzAayuHQlRLn6/ZLh7xAvCs/IlQ48YmxD4nAheililwmVx6L
qTxlPh2x4JkSxzWyldTOjGTIykE1L6tAnciazcWVf+OhqxgBg1opRrdQEM9cBVpR
HZjx2umO2I1kdTFUcRSMez1Ubu7qe8dS068PlK+JqeMhrFVo3yvwdTk4meGmw4Aq
wYk48Siw9x4TKxOFWjJvB4spOkV8ayR9vAkh47twQIKeqgQ2nnZw6DioB5doG6X6
yi28cLanU3tk4DqBM/8UJQbmXCnBL6cN8EgaVHutrC2o4vE+KUe2W0JC7QntAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHW2a4/l1/iGmyLYY67i+kFWgSgswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM1MzAyZTMz
MzgyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5+iYwDQYJKoZIhvcNAQELBQADggEBAEbfoxWomcYprL3Ijl1RezXxaS8H5elN
oIm2Stcp6PkHlzhvuwiRG/ZyIFytlcg5cce7TvUc3NcMm1idZrtE3qLoGFiVfrNx
Xmbi8yee+/x0k3TYajsWsBzsl3FatlVdeQRJy8OcZyvtuOudB5mDRFct0+4nrByq
k9+2k1nzLbPjBGOLtJwb7HLj+OlWWDFjAQnvFwBjA1LFJRb2aVlg1l+3kaf9BKok
FOBk6hqlFf1WtVbc1dyAGRYrRIG9ishgPayU4J7ABUIS+KksZMmkN4r+RaQzMVoT
ff7IIRwrdCs5EGD6dBUw0O7bJlux5wdXYcVVSxHvdjJv1fB0l6CygtQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:17:13 2025 by rpki-client