Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3130382e3135362e302f32322d3234203d3e20323034313730.roa
File: 3138352e3130382e3135362e302f32322d3234203d3e20323034313730.roa (raw, json)
Hash identifier: i6jYqHrZPeXsH2mE0uG8TDksD1oGZ/+iIEN/TxiTtnI=
Subject key identifier: 22:8B:60:51:82:99:4B:44:EA:1A:C8:A7:EF:F2:71:D0:45:FB:86:5C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 30F68647851D40BE0DF7F652CDE19DDFAA632268
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3130382e3135362e302f32322d3234203d3e20323034313730.roa
Signing time: Mon 26 Feb 2024 08:53:12 +0000
ROA not before: Mon 26 Feb 2024 08:48:12 +0000
ROA not after: Mon 24 Feb 2025 08:53:12 +0000
asID: 204170
IP address blocks: 185.108.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:f6:86:47:85:1d:40:be:0d:f7:f6:52:cd:e1:9d:df:aa:63:22:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:12 2024 GMT
Not After : Feb 24 08:53:12 2025 GMT
Subject: CN=228B605182994B44EA1AC8A7EFF271D045FB865C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6a:44:fb:7c:73:25:60:6b:ed:ba:09:65:80:
29:d1:90:30:2e:50:aa:b9:f3:15:ca:51:06:f1:4f:
2e:96:0a:d7:e4:6c:df:9f:71:48:2f:fb:8e:b5:d0:
6c:de:cc:0d:38:e7:85:00:5e:3b:19:b3:38:e9:5e:
df:e6:df:a8:ff:4f:d8:42:8f:75:7f:f6:a3:df:93:
af:1e:4b:46:1c:1c:80:d7:28:e3:b9:af:1f:f5:b4:
50:76:4d:96:62:6f:c4:24:04:b8:5f:ab:45:b5:f5:
21:ca:f8:1c:03:2c:ca:b8:58:fb:cb:34:ba:63:ab:
e0:eb:c3:68:0a:08:35:9a:f6:d3:43:e3:d9:dd:28:
f0:49:30:7e:65:bd:1f:34:ec:ce:c0:cc:7b:d6:07:
9b:04:d4:f1:4f:d9:c0:6d:87:ed:68:fb:29:8c:6f:
da:a0:c1:b9:33:0e:3a:6e:e0:c2:d1:71:46:ea:63:
dc:e8:26:eb:f3:7a:2b:e2:95:d5:94:f4:35:34:51:
ee:06:4f:e6:37:a6:04:8f:45:e6:43:65:50:9e:8b:
b4:e0:93:2a:97:96:a3:35:db:dd:e4:cd:e0:f7:b6:
82:94:3d:df:ad:93:e2:a9:19:70:de:c2:75:ad:ae:
39:3f:22:1d:8a:62:76:81:06:af:1d:14:cd:3a:41:
50:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8B:60:51:82:99:4B:44:EA:1A:C8:A7:EF:F2:71:D0:45:FB:86:5C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3130382e3135362e302f32322d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.156.0/22
Signature Algorithm: sha256WithRSAEncryption
97:af:9a:be:f5:34:d1:b4:4d:84:d7:ef:bf:b3:8a:e0:4c:8f:
e0:a5:52:31:af:d7:c0:06:07:50:e3:ad:d4:6a:82:13:b7:0e:
22:fe:bd:2e:11:d7:6e:b3:9b:e7:61:19:e5:a1:df:fe:2c:b1:
ed:89:e6:7b:0c:85:24:c2:11:3d:44:e9:8e:23:4a:84:a4:97:
db:3f:fd:41:51:72:91:51:33:d7:79:b3:11:4b:51:e1:ba:30:
d7:1b:e8:8d:ff:40:7a:40:98:1a:ce:4d:83:b4:ec:bf:2a:76:
9f:b0:30:b3:f3:42:f8:bc:a6:73:f9:76:bd:04:69:8a:42:40:
9d:8a:b7:cd:96:d3:9b:80:b5:8e:8b:03:71:c1:bd:8d:55:1a:
2d:d4:fd:1d:1f:bb:4b:ba:72:05:ad:eb:94:34:0f:bc:19:ea:
55:9c:fd:00:c2:72:c9:95:8f:d9:74:a0:ba:88:db:a9:00:15:
85:5c:8b:ad:91:a2:48:3c:7b:f6:94:e7:ce:0b:f8:bc:84:88:
a6:fa:de:72:69:c3:cc:d5:61:30:94:06:06:4a:29:2d:cd:2e:
4e:2f:e2:d8:d5:f5:a9:79:6a:3a:ff:9d:84:f1:79:57:df:cc:
9a:52:61:63:5b:e1:b0:2b:2b:e3:bf:3b:d3:ab:80:92:55:93:
fa:84:bf:4e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMPaGR4UdQL4N9/ZSzeGd36pjImgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTJaFw0yNTAyMjQwODUzMTJaMDMxMTAvBgNV
BAMTKDIyOEI2MDUxODI5OTRCNDRFQTFBQzhBN0VGRjI3MUQwNDVGQjg2NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyakT7fHMlYGvtugllgCnRkDAu
UKq58xXKUQbxTy6WCtfkbN+fcUgv+4610GzezA0454UAXjsZszjpXt/m36j/T9hC
j3V/9qPfk68eS0YcHIDXKOO5rx/1tFB2TZZib8QkBLhfq0W19SHK+BwDLMq4WPvL
NLpjq+Drw2gKCDWa9tND49ndKPBJMH5lvR807M7AzHvWB5sE1PFP2cBth+1o+ymM
b9qgwbkzDjpu4MLRcUbqY9zoJuvzeivildWU9DU0Ue4GT+Y3pgSPReZDZVCei7Tg
kyqXlqM1293kzeD3toKUPd+tk+KpGXDewnWtrjk/Ih2KYnaBBq8dFM06QVCDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIotgUYKZS0TqGsin7/Jx0EX7hlwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMwMzgyZTMx
MzUzNjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEArlsnDANBgkqhkiG9w0BAQsFAAOCAQEAl6+avvU00bRNhNfvv7OK4EyP4KVS
Ma/XwAYHUOOt1GqCE7cOIv69LhHXbrOb52EZ5aHf/iyx7YnmewyFJMIRPUTpjiNK
hKSX2z/9QVFykVEz13mzEUtR4bow1xvojf9AekCYGs5Ng7Tsvyp2n7Aws/NC+Lym
c/l2vQRpikJAnYq3zZbTm4C1josDccG9jVUaLdT9HR+7S7pyBa3rlDQPvBnqVZz9
AMJyyZWP2XSguojbqQAVhVyLrZGiSDx79pTnzgv4vISIpvrecmnDzNVhMJQGBkop
Lc0uTi/i2NX1qXlqOv+dhPF5V9/MmlJhY1vhsCsr478706uAklWT+oS/Tg==
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:04 2024 by rpki-client on console-fra.rpki-client.org