Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137322e302f32322d3234203d3e203232333633.roa
File: 3137382e3230382e3137322e302f32322d3234203d3e203232333633.roa (raw, json)
Hash identifier: zE5NBGJF5woKuzvohhsYIOLjrVcy2yYDLtfugRoEwE4=
Subject key identifier: C1:50:3C:C5:5E:3D:EC:D1:21:99:FB:DF:06:EF:41:08:80:22:74:D7
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 1621450706ACB2BC39EF4CE3A5A01C75948CEA20
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137322e302f32322d3234203d3e203232333633.roa
Signing time: Mon 02 Sep 2024 06:05:19 +0000
ROA not before: Mon 02 Sep 2024 06:00:19 +0000
ROA not after: Mon 01 Sep 2025 06:05:19 +0000
asID: 22363
IP address blocks: 178.208.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:21:45:07:06:ac:b2:bc:39:ef:4c:e3:a5:a0:1c:75:94:8c:ea:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Sep 2 06:00:19 2024 GMT
Not After : Sep 1 06:05:19 2025 GMT
Subject: CN=C1503CC55E3DECD12199FBDF06EF4108802274D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fb:44:1d:60:b3:ca:38:0f:b1:9b:c5:01:7b:
69:4b:8c:46:37:e2:63:f2:15:9f:d4:1e:66:19:d0:
4b:ac:f6:c0:73:59:34:df:1b:46:4e:b5:e9:6d:a7:
b0:2d:f6:59:30:f0:3e:f6:82:94:34:95:93:e9:96:
4d:72:e7:4c:12:db:9f:b8:d8:a6:76:47:5e:cc:05:
fc:7f:34:34:95:75:45:f7:a6:34:b1:eb:bf:7c:53:
a4:6c:11:66:3b:2e:ad:48:e0:b3:07:3a:0a:e0:44:
d8:1c:6c:3c:01:64:08:fb:03:19:8d:d4:e6:e0:e2:
22:30:c2:64:a3:c6:8c:14:bb:d1:8f:ad:3f:62:4f:
88:17:30:f8:9a:32:72:51:c4:de:fc:f8:44:aa:a6:
74:20:24:fe:56:da:49:50:d4:3e:77:6b:74:a5:cb:
ad:a1:a9:c7:ed:b7:1d:de:76:ac:41:c9:11:81:80:
e2:a7:26:a1:e1:13:fe:f6:f8:e2:1d:b5:7d:2a:4f:
ae:e8:60:40:ba:f1:38:a2:5f:21:16:33:39:09:b5:
3e:18:ce:54:70:1f:9d:1c:3d:47:71:bd:56:37:fc:
c8:38:18:87:51:95:ce:2b:c0:67:49:74:d8:39:57:
b8:ca:49:dd:e5:33:fa:9f:81:84:ae:db:85:74:fd:
aa:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:50:3C:C5:5E:3D:EC:D1:21:99:FB:DF:06:EF:41:08:80:22:74:D7
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137322e302f32322d3234203d3e203232333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.172.0/22
Signature Algorithm: sha256WithRSAEncryption
36:79:83:3c:1a:8f:11:bc:91:5d:b8:2f:92:84:26:b1:56:6e:
2d:ec:0e:a7:05:eb:8b:b5:dc:ec:dc:19:d0:32:1a:c4:86:e9:
23:44:92:df:af:e9:f0:8e:78:42:51:67:59:ab:80:2c:75:8a:
34:7e:fe:00:da:7f:e7:c2:9c:43:54:ef:ac:6c:8d:99:64:59:
dd:4d:f3:52:4d:b6:a1:46:22:8e:05:0a:fa:cf:a3:bd:a0:88:
bd:65:3c:4f:44:99:27:51:94:f3:6d:31:c7:ab:eb:9a:5f:30:
48:36:87:77:65:48:32:70:25:d3:9c:13:49:4b:cd:4f:09:63:
d4:38:79:5e:30:58:55:57:be:90:d0:8b:00:c3:93:46:e6:25:
66:cf:40:93:02:f3:a3:7c:97:d5:65:67:af:a0:1b:73:1f:a3:
38:05:64:d8:89:bf:df:e9:1c:73:65:3a:fe:ea:56:fe:dd:69:
ca:3a:ec:39:9c:6d:a6:8f:93:06:ad:a9:12:bd:33:12:5b:fc:
a3:d7:09:8f:5d:b0:88:aa:e6:15:0c:c3:89:b4:57:67:32:f5:
28:a4:72:bf:1c:b7:55:41:5d:ca:43:9e:dc:a2:43:30:ec:b9:
24:8b:02:a5:ff:9d:0a:f7:bc:0f:69:33:c1:9c:3c:84:a3:48:
70:bd:1f:44
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFiFFBwassrw570zjpaAcdZSM6iAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDA5MDIwNjAwMTlaFw0yNTA5MDEwNjA1MTlaMDMxMTAvBgNV
BAMTKEMxNTAzQ0M1NUUzREVDRDEyMTk5RkJERjA2RUY0MTA4ODAyMjc0RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV+0QdYLPKOA+xm8UBe2lLjEY3
4mPyFZ/UHmYZ0Eus9sBzWTTfG0ZOteltp7At9lkw8D72gpQ0lZPplk1y50wS25+4
2KZ2R17MBfx/NDSVdUX3pjSx6798U6RsEWY7Lq1I4LMHOgrgRNgcbDwBZAj7AxmN
1Obg4iIwwmSjxowUu9GPrT9iT4gXMPiaMnJRxN78+ESqpnQgJP5W2klQ1D53a3Sl
y62hqcfttx3edqxByRGBgOKnJqHhE/72+OIdtX0qT67oYEC68TiiXyEWMzkJtT4Y
zlRwH50cPUdxvVY3/Mg4GIdRlc4rwGdJdNg5V7jKSd3lM/qfgYSu24V0/apPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUwVA8xV497NEhmfvfBu9BCIAidNcwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzczMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzIzMzM2MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKy0KwwDQYJKoZIhvcNAQELBQADggEBADZ5gzwajxG8kV24L5KEJrFWbi3sDqcF
64u13OzcGdAyGsSG6SNEkt+v6fCOeEJRZ1mrgCx1ijR+/gDaf+fCnENU76xsjZlk
Wd1N81JNtqFGIo4FCvrPo72giL1lPE9EmSdRlPNtMcer65pfMEg2h3dlSDJwJdOc
E0lLzU8JY9Q4eV4wWFVXvpDQiwDDk0bmJWbPQJMC86N8l9VlZ6+gG3MfozgFZNiJ
v9/pHHNlOv7qVv7daco67DmcbaaPkwatqRK9MxJb/KPXCY9dsIiq5hUMw4m0V2cy
9Sikcr8ct1VBXcpDntyiQzDsuSSLAqX/nQr3vA9pM8GcPISjSHC9H0Q=
-----END CERTIFICATE-----
Generated at Mon Nov 25 07:54:59 2024 by rpki-client on console-ams.rpki-client.org