Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e38312e3132362e302f32342d3234203d3e20313336373837.roa
File: 3138352e38312e3132362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: wQacZtAJ/GmO+vcIr27duB7BIks2oZSZBGUy5OTtXE8=
Subject key identifier: A0:A9:60:80:C5:FE:0C:B2:E2:0F:89:63:71:62:E2:F2:CD:FA:29:C1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 343C194E61A145D917F7CD96E446E7E7EA64892E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e38312e3132362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 28 Oct 2024 09:27:44 +0000
ROA not before: Mon 28 Oct 2024 09:22:44 +0000
ROA not after: Mon 27 Oct 2025 09:27:44 +0000
asID: 136787
IP address blocks: 185.81.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:3c:19:4e:61:a1:45:d9:17:f7:cd:96:e4:46:e7:e7:ea:64:89:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 28 09:22:44 2024 GMT
Not After : Oct 27 09:27:44 2025 GMT
Subject: CN=A0A96080C5FE0CB2E20F89637162E2F2CDFA29C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6d:91:ed:1d:22:7f:7f:fa:58:b3:e5:74:66:
8c:48:ea:b4:83:5f:8e:3f:a8:9e:b4:a4:3c:04:b9:
1a:7b:9b:7d:a3:b0:21:b9:9a:23:9c:27:b7:95:e9:
d7:e1:ad:4f:03:95:64:7b:cd:e0:1c:3d:00:f1:83:
e3:c9:01:d3:62:a2:08:b9:d2:a7:5b:1f:4a:b0:dd:
32:88:e1:14:a5:6b:e9:78:6a:ff:96:9a:11:52:c1:
c1:cc:f1:cf:39:f0:79:09:cd:fc:eb:73:1c:30:35:
fe:06:20:9a:2a:a6:a2:1b:d5:45:7d:76:96:89:b3:
d4:14:b0:db:cc:61:ed:76:e3:42:60:95:cb:e5:0b:
fa:bd:9b:f2:e1:6d:62:a4:3a:a6:c8:a9:14:02:dd:
37:4d:8e:08:fa:ec:8e:95:05:45:0f:22:d5:e4:17:
94:42:a1:f0:e8:76:34:3c:e7:f2:5b:8e:44:de:2b:
ba:4c:aa:0d:4e:e3:9c:fa:f9:7b:50:da:1d:6f:9f:
19:15:5d:e0:c5:68:3c:71:64:1c:49:99:65:a8:12:
bf:e9:e9:b2:78:cd:4e:99:41:6c:7c:d3:52:2c:94:
e4:9b:d4:51:cc:1b:f9:f3:f2:fe:a2:a4:75:26:91:
00:02:5a:6d:4f:ec:cf:a2:a1:50:b9:6d:17:54:28:
d9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A9:60:80:C5:FE:0C:B2:E2:0F:89:63:71:62:E2:F2:CD:FA:29:C1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e38312e3132362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.126.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:a8:ff:55:07:36:81:5e:ac:ed:6a:56:1d:11:d8:f3:21:f8:
62:f9:82:c9:67:91:c4:84:0f:67:5e:c6:9d:18:7e:ea:fa:3f:
af:99:64:de:d1:52:1f:ca:b6:f0:08:7f:65:9b:64:70:de:00:
0c:5d:51:f9:8e:68:61:fb:8c:3d:28:30:88:ce:19:70:85:6f:
b5:44:3f:9d:21:b5:1c:f3:56:93:12:ad:0b:f0:1d:bc:b8:f6:
f6:e4:8a:e9:e7:74:b1:9d:12:ff:dd:c4:e3:5f:e8:e6:18:78:
2f:d0:c6:2b:a0:67:45:6f:dc:23:b7:b0:41:ed:77:2e:c9:b8:
a7:10:c1:fd:8d:6c:ce:3e:4f:30:34:1c:5e:07:ad:a8:0d:cd:
0c:04:af:e0:62:95:43:c5:80:30:94:2a:64:6b:61:d8:01:42:
d0:a8:68:52:af:0f:7e:2b:5a:13:76:82:b6:48:c1:f0:1a:56:
79:74:fc:a3:fd:57:ad:d9:23:36:71:52:6b:cf:be:1d:8b:f4:
7c:25:bf:8f:71:76:ef:cb:72:66:ab:ba:f5:42:ae:0c:68:72:
05:b2:ed:85:82:8c:77:5b:18:bb:f8:78:cc:29:a8:67:e4:56:
f5:20:f4:e3:e4:4d:0b:ba:35:b7:bc:3f:03:b3:c5:97:04:ef:
e5:5b:ee:94
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNDwZTmGhRdkX982W5Ebn5+pkiS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjgwOTIyNDRaFw0yNTEwMjcwOTI3NDRaMDMxMTAvBgNV
BAMTKEEwQTk2MDgwQzVGRTBDQjJFMjBGODk2MzcxNjJFMkYyQ0RGQTI5QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwbZHtHSJ/f/pYs+V0ZoxI6rSD
X44/qJ60pDwEuRp7m32jsCG5miOcJ7eV6dfhrU8DlWR7zeAcPQDxg+PJAdNiogi5
0qdbH0qw3TKI4RSla+l4av+WmhFSwcHM8c858HkJzfzrcxwwNf4GIJoqpqIb1UV9
dpaJs9QUsNvMYe1240JglcvlC/q9m/LhbWKkOqbIqRQC3TdNjgj67I6VBUUPItXk
F5RCofDodjQ85/JbjkTeK7pMqg1O45z6+XtQ2h1vnxkVXeDFaDxxZBxJmWWoEr/p
6bJ4zU6ZQWx801IslOSb1FHMG/nz8v6ipHUmkQACWm1P7M+ioVC5bRdUKNkDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoKlggMX+DLLiD4ljcWLi8s36KcEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzODMxMmUzMTMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5UX4wDQYJKoZIhvcNAQELBQADggEBAHqo/1UHNoFerO1qVh0R2PMh+GL5gsln
kcSED2dexp0Yfur6P6+ZZN7RUh/KtvAIf2WbZHDeAAxdUfmOaGH7jD0oMIjOGXCF
b7VEP50htRzzVpMSrQvwHby49vbkiunndLGdEv/dxONf6OYYeC/QxiugZ0Vv3CO3
sEHtdy7JuKcQwf2NbM4+TzA0HF4HragNzQwEr+BilUPFgDCUKmRrYdgBQtCoaFKv
D34rWhN2grZIwfAaVnl0/KP9V63ZIzZxUmvPvh2L9Hwlv49xdu/LcmaruvVCrgxo
cgWy7YWCjHdbGLv4eMwpqGfkVvUg9OPkTQu6Nbe8PwOzxZcE7+Vb7pQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org