Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3136382e302f32322d3234203d3e203232333633.roa
File: 3137382e3230382e3136382e302f32322d3234203d3e203232333633.roa (raw, json)
Hash identifier: iK+XrdWqmLYQp8/9rG2hgi/Ymce4GtuFxR2S+2rwA2A=
Subject key identifier: CA:BB:BE:13:01:BE:48:70:C6:93:10:28:1F:08:B4:05:7B:C6:5D:48
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 087062390875839E70C51F0895B5FE8248D7D3E5
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3136382e302f32322d3234203d3e203232333633.roa
Signing time: Mon 02 Oct 2023 05:22:07 +0000
ROA not before: Mon 02 Oct 2023 05:17:07 +0000
ROA not after: Mon 30 Sep 2024 05:22:07 +0000
asID: 22363
IP address blocks: 178.208.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:70:62:39:08:75:83:9e:70:c5:1f:08:95:b5:fe:82:48:d7:d3:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Oct 2 05:17:07 2023 GMT
Not After : Sep 30 05:22:07 2024 GMT
Subject: CN=CABBBE1301BE4870C69310281F08B4057BC65D48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c9:2e:d1:03:0f:fd:7f:26:89:07:84:5c:e7:
0f:98:59:d3:61:5f:04:c9:33:1e:8e:11:b0:56:01:
78:44:01:0f:5c:bd:a4:03:06:1a:17:df:71:5f:ca:
b4:ae:07:88:d8:b3:29:9d:54:ba:da:79:0d:8e:b9:
47:8c:4d:cf:fd:75:d3:c7:b4:81:bd:39:04:40:7c:
53:3c:0c:42:59:4a:42:6d:7e:73:47:20:54:2d:c7:
b0:fb:bf:29:95:8e:77:02:21:bb:48:8d:d3:95:35:
fa:5b:90:d6:75:94:aa:65:34:52:53:d0:7d:ef:b9:
7d:d6:e1:73:67:1a:d2:8b:be:fa:24:15:d5:96:90:
4c:b1:75:20:e4:55:99:32:82:5b:7d:0e:cc:e1:c7:
96:8e:81:a6:32:61:0c:8e:ee:f2:74:7b:55:c5:0a:
d3:89:6a:2f:b9:c7:0a:54:c7:11:fe:ee:61:1c:bf:
3f:0f:0d:90:1b:66:d9:be:3a:11:30:0a:0d:43:a7:
77:f2:0e:06:56:3f:f4:37:3d:a8:2c:33:a3:22:5b:
c5:5b:0a:66:19:f7:b4:91:76:bf:fa:84:a4:ae:be:
7c:91:1f:85:fc:08:24:9d:3f:03:61:39:1d:67:b7:
07:ca:91:c5:b2:d6:0f:de:4d:c2:9b:31:60:00:71:
17:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BB:BE:13:01:BE:48:70:C6:93:10:28:1F:08:B4:05:7B:C6:5D:48
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3136382e302f32322d3234203d3e203232333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.168.0/22
Signature Algorithm: sha256WithRSAEncryption
65:d0:03:0e:23:2e:1f:02:f0:28:12:77:4e:3a:b0:4a:24:6c:
6c:b4:32:d5:ea:c2:f8:35:e4:f3:40:2f:e3:e8:82:58:0c:8b:
48:18:2a:02:12:49:6e:1e:30:90:36:9b:cf:f3:91:f5:86:1c:
1c:01:bb:3d:35:11:fe:9b:e3:4e:46:85:aa:b4:6e:c2:9f:8d:
b7:d1:6d:b0:92:7b:fe:ee:4d:0f:82:f9:d1:26:85:bc:94:53:
39:6c:a1:1e:75:92:d2:78:d3:dc:8b:5f:1f:90:cc:c8:20:4c:
82:49:87:63:23:e2:6a:4f:cf:a4:18:e1:fa:c6:67:64:85:62:
b3:ac:f9:d0:7a:ea:97:68:5b:30:e4:19:60:32:f0:5f:fa:0a:
34:c3:d3:75:4f:75:96:f9:0a:d4:82:35:d8:a1:b8:84:a5:8f:
2c:c7:28:11:4f:96:85:cc:ce:d6:5f:c2:20:9b:fa:af:88:fc:
93:49:cf:09:4c:67:1f:e3:66:1a:f2:7e:5e:1d:13:32:f7:12:
97:36:6e:ef:44:0d:3d:08:65:55:38:77:c7:d3:5f:8a:46:bb:
bb:58:05:d3:d9:0b:6a:eb:4a:b7:53:9d:47:03:65:10:95:94:
bf:e5:f9:9c:2a:3f:2d:2e:e4:2b:1d:e6:42:cc:47:b0:d4:3d:
ed:5d:24:6f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCHBiOQh1g55wxR8IlbX+gkjX0+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzEwMDIwNTE3MDdaFw0yNDA5MzAwNTIyMDdaMDMxMTAvBgNV
BAMTKENBQkJCRTEzMDFCRTQ4NzBDNjkzMTAyODFGMDhCNDA1N0JDNjVENDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+yS7RAw/9fyaJB4Rc5w+YWdNh
XwTJMx6OEbBWAXhEAQ9cvaQDBhoX33FfyrSuB4jYsymdVLraeQ2OuUeMTc/9ddPH
tIG9OQRAfFM8DEJZSkJtfnNHIFQtx7D7vymVjncCIbtIjdOVNfpbkNZ1lKplNFJT
0H3vuX3W4XNnGtKLvvokFdWWkEyxdSDkVZkyglt9Dszhx5aOgaYyYQyO7vJ0e1XF
CtOJai+5xwpUxxH+7mEcvz8PDZAbZtm+OhEwCg1Dp3fyDgZWP/Q3PagsM6MiW8Vb
CmYZ97SRdr/6hKSuvnyRH4X8CCSdPwNhOR1ntwfKkcWy1g/eTcKbMWAAcRePAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyru+EwG+SHDGkxAoHwi0BXvGXUgwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzYzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzIzMzM2MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKy0KgwDQYJKoZIhvcNAQELBQADggEBAGXQAw4jLh8C8CgSd046sEokbGy0MtXq
wvg15PNAL+PoglgMi0gYKgISSW4eMJA2m8/zkfWGHBwBuz01Ef6b405Ghaq0bsKf
jbfRbbCSe/7uTQ+C+dEmhbyUUzlsoR51ktJ409yLXx+QzMggTIJJh2Mj4mpPz6QY
4frGZ2SFYrOs+dB66pdoWzDkGWAy8F/6CjTD03VPdZb5CtSCNdihuISljyzHKBFP
loXMztZfwiCb+q+I/JNJzwlMZx/jZhryfl4dEzL3Epc2bu9EDT0IZVU4d8fTX4pG
u7tYBdPZC2rrSrdTnUcDZRCVlL/l+ZwqPy0u5Csd5kLMR7DUPe1dJG8=
-----END CERTIFICATE-----
Generated at Sat Jun 1 00:49:43 2024 by rpki-client on console-ams.rpki-client.org