Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3136382e302f32322d3234203d3e203232333633.roa
File: 3137382e3230382e3136382e302f32322d3234203d3e203232333633.roa (raw, json)
Hash identifier: VSu930t/JO/BLk8EEqQ/pIoeDRB2YdhooS3BoLgfe1E=
Subject key identifier: 2C:AD:58:DB:19:2E:6F:16:18:BA:ED:24:14:98:BD:51:B1:E8:09:30
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 252CDE81CD4AB50D97EE4B4036B7BD03F1CD8131
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3136382e302f32322d3234203d3e203232333633.roa
Signing time: Mon 02 Sep 2024 06:05:19 +0000
ROA not before: Mon 02 Sep 2024 06:00:19 +0000
ROA not after: Mon 01 Sep 2025 06:05:19 +0000
asID: 22363
IP address blocks: 178.208.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:2c:de:81:cd:4a:b5:0d:97:ee:4b:40:36:b7:bd:03:f1:cd:81:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Sep 2 06:00:19 2024 GMT
Not After : Sep 1 06:05:19 2025 GMT
Subject: CN=2CAD58DB192E6F1618BAED241498BD51B1E80930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:01:d7:fc:bc:06:30:f1:0c:cf:02:e6:fb:42:
26:66:f7:0e:16:53:a4:34:76:16:75:ac:92:06:b4:
5e:4c:41:36:7c:ef:17:f8:66:8c:0c:ff:fc:c9:d9:
9c:12:fa:03:69:c9:ed:fe:e0:33:c8:5a:e4:16:cf:
0f:a1:d7:3e:bf:dd:a0:08:dd:23:ff:df:01:1e:d0:
f5:de:e6:28:19:14:a9:01:aa:0e:1c:e4:66:3f:fa:
a8:56:43:67:f2:f0:ec:d3:95:d7:af:49:87:b4:ef:
54:46:a1:b6:b8:0f:97:29:d0:1e:61:84:ac:c6:5d:
07:d1:5c:ce:f0:ed:f2:c9:4b:64:76:6e:19:c7:d0:
f8:c6:ce:3c:35:34:17:eb:0e:c0:6b:87:6e:4b:53:
fc:85:53:7c:9f:89:d6:3c:df:20:e6:a8:fe:29:49:
97:1f:56:25:8f:38:35:4a:6b:07:6a:c6:9c:fe:0d:
d8:ec:c9:89:f5:5f:8b:34:82:c7:60:67:18:44:c6:
6e:4e:41:29:54:db:c2:b9:e3:0f:98:86:ed:b6:ad:
48:46:f3:f6:c9:6c:05:8c:4b:0c:68:e4:d4:6a:22:
ce:67:d8:fa:c1:2d:8b:94:97:4f:4e:ec:93:03:8e:
99:77:76:80:ea:87:98:ad:d4:e0:b4:89:76:5e:9a:
5e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:AD:58:DB:19:2E:6F:16:18:BA:ED:24:14:98:BD:51:B1:E8:09:30
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3136382e302f32322d3234203d3e203232333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.168.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:82:ac:ba:89:ee:e1:45:cf:77:33:e8:5d:ca:88:13:31:63:
88:3d:aa:4e:98:d7:ba:67:84:f6:d0:34:fc:7d:dd:7e:a0:88:
18:30:17:9d:7f:54:c4:53:a3:c0:33:18:4b:41:34:61:8d:e1:
c9:06:54:21:04:d4:05:97:82:ca:0a:84:6c:11:a5:6f:96:d3:
f2:0b:3b:22:c6:5a:af:c8:34:87:d9:ef:8b:c5:1e:66:de:6d:
31:49:f1:8b:1e:3f:e4:4b:88:b2:f0:cf:1a:f7:b1:30:f7:94:
91:5c:9b:23:c1:6b:8d:9b:9e:99:70:e6:2a:83:7e:4c:1d:5e:
47:e2:18:c9:e7:b5:7d:2c:c3:df:a5:e2:72:ca:69:70:6e:6c:
a1:14:98:7e:0c:61:da:37:f1:55:9d:fe:0b:27:ae:17:13:1f:
c5:5e:eb:59:e4:3c:00:c1:ca:46:ce:ea:16:b2:b1:00:e9:63:
07:f6:20:32:3b:f9:2b:e2:11:0a:4c:c8:69:04:48:bd:1d:83:
9b:8b:bf:99:fc:8e:f2:f2:f8:37:d8:2c:57:95:83:ee:10:47:
be:67:03:a1:8a:ad:21:26:ba:6d:e3:a8:ce:af:0b:a1:c5:ac:
bc:18:ed:0f:01:00:64:5f:ab:3b:f6:8a:47:78:0d:03:fb:f2:
10:c8:c5:e1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJSzegc1KtQ2X7ktANre9A/HNgTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDA5MDIwNjAwMTlaFw0yNTA5MDEwNjA1MTlaMDMxMTAvBgNV
BAMTKDJDQUQ1OERCMTkyRTZGMTYxOEJBRUQyNDE0OThCRDUxQjFFODA5MzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgAdf8vAYw8QzPAub7QiZm9w4W
U6Q0dhZ1rJIGtF5MQTZ87xf4ZowM//zJ2ZwS+gNpye3+4DPIWuQWzw+h1z6/3aAI
3SP/3wEe0PXe5igZFKkBqg4c5GY/+qhWQ2fy8OzTldevSYe071RGoba4D5cp0B5h
hKzGXQfRXM7w7fLJS2R2bhnH0PjGzjw1NBfrDsBrh25LU/yFU3yfidY83yDmqP4p
SZcfViWPODVKawdqxpz+DdjsyYn1X4s0gsdgZxhExm5OQSlU28K54w+Yhu22rUhG
8/bJbAWMSwxo5NRqIs5n2PrBLYuUl09O7JMDjpl3doDqh5it1OC0iXZeml6JAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULK1Y2xkubxYYuu0kFJi9UbHoCTAwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzYzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzIzMzM2MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKy0KgwDQYJKoZIhvcNAQELBQADggEBAIyCrLqJ7uFFz3cz6F3KiBMxY4g9qk6Y
17pnhPbQNPx93X6giBgwF51/VMRTo8AzGEtBNGGN4ckGVCEE1AWXgsoKhGwRpW+W
0/ILOyLGWq/INIfZ74vFHmbebTFJ8YseP+RLiLLwzxr3sTD3lJFcmyPBa42bnplw
5iqDfkwdXkfiGMnntX0sw9+l4nLKaXBubKEUmH4MYdo38VWd/gsnrhcTH8Ve61nk
PADBykbO6haysQDpYwf2IDI7+SviEQpMyGkESL0dg5uLv5n8jvLy+DfYLFeVg+4Q
R75nA6GKrSEmum3jqM6vC6HFrLwY7Q8BAGRfqzv2ikd4DQP78hDIxeE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:52:26 2024 by rpki-client on console-ams.rpki-client.org