Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137352e3230382e302f32342d3234203d3e20323033333830.roa
File: 3138352e3137352e3230382e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: RiBvGK6NcZoHvWdFkiuU6UBnyMIGsduZ7CkbRlvWN+s=
Subject key identifier: CE:DC:61:F5:07:17:D0:77:22:77:53:3E:0F:06:4B:CC:99:FD:42:A7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7375A4A946349FAE2388213B322D9F43702CEFAF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137352e3230382e302f32342d3234203d3e20323033333830.roa
Signing time: Thu 27 Jun 2024 12:04:31 +0000
ROA not before: Thu 27 Jun 2024 11:59:31 +0000
ROA not after: Thu 26 Jun 2025 12:04:31 +0000
asID: 203380
IP address blocks: 185.175.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:75:a4:a9:46:34:9f:ae:23:88:21:3b:32:2d:9f:43:70:2c:ef:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 27 11:59:31 2024 GMT
Not After : Jun 26 12:04:31 2025 GMT
Subject: CN=CEDC61F50717D0772277533E0F064BCC99FD42A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:56:0f:f9:51:85:0b:b8:a9:3e:17:15:1b:55:
44:52:12:6f:5b:bd:ba:08:bf:17:2b:d0:2b:d6:20:
59:16:d9:70:da:29:80:fd:44:4f:68:58:9a:a6:95:
73:65:68:37:3d:fa:7c:46:c7:57:0e:23:59:e4:bd:
be:8d:1b:c9:ec:fa:e6:97:e4:49:a9:ab:b8:d2:51:
04:64:8a:e0:74:c8:97:dd:c2:d4:9b:99:5b:bb:54:
24:79:6b:0e:27:a3:ea:2b:86:0e:dd:89:d2:81:be:
28:61:2c:44:47:9e:f5:d3:ef:0d:30:87:92:fc:a9:
8c:5c:07:1c:16:38:96:e1:1e:f1:ec:c2:c4:93:23:
d3:37:33:f3:5f:e7:66:b3:80:b1:4a:46:31:08:be:
36:23:d5:fe:60:05:0f:83:d8:0a:41:77:0a:7b:9a:
7b:e1:7d:d6:8c:1f:0a:4f:b1:51:78:73:e1:c8:71:
af:38:ec:b8:c4:b1:57:f5:da:2a:26:4a:c0:b1:4b:
0b:d6:cc:41:0f:e9:89:1d:80:d1:c3:13:d1:79:52:
6b:38:e5:c4:10:00:a1:d1:ea:5f:2e:fa:31:85:58:
b5:85:b3:75:9c:6e:04:b3:dd:25:5a:2e:e2:18:fa:
d3:83:5c:0d:37:b8:31:cb:a7:75:27:a2:75:21:c5:
11:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:DC:61:F5:07:17:D0:77:22:77:53:3E:0F:06:4B:CC:99:FD:42:A7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137352e3230382e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.208.0/24
Signature Algorithm: sha256WithRSAEncryption
87:41:da:61:5c:5a:21:9f:dc:03:69:d9:6d:58:0b:e9:68:2f:
cf:d9:ee:c3:f7:d7:59:fd:98:1f:64:88:88:af:a8:9c:16:92:
77:02:6f:c8:50:40:ed:8a:77:66:e5:d8:c1:65:19:57:23:0c:
52:93:1d:3e:b8:83:4c:d9:5a:14:84:6c:29:d2:82:88:ae:c4:
a9:13:1b:24:ba:f4:a4:31:64:74:21:ef:70:28:1b:05:99:87:
39:52:81:74:96:e2:69:44:62:00:cd:1f:1d:71:5a:b1:76:e9:
e9:6d:d5:27:2a:bc:2b:af:a3:06:15:b3:52:e8:fc:cd:82:5f:
f0:78:c9:8b:ea:5d:74:b4:b2:64:71:73:c4:13:8e:e8:b9:09:
9b:c4:71:90:20:2a:82:e7:ec:70:89:d9:fe:10:ff:22:29:54:
a3:4b:b7:ea:98:17:15:85:97:50:59:d6:de:37:69:87:a0:05:
52:59:8e:44:05:37:3d:64:f5:3a:f3:2c:8d:41:ca:4f:af:c0:
b1:d3:65:b2:6b:ab:64:e8:3d:62:99:28:bb:6e:f0:4d:ea:4e:
a4:ac:5f:59:d4:33:3c:6a:a8:3a:b1:f4:f4:81:a5:42:b5:2f:
de:79:e9:89:8b:86:6a:ff:44:ed:fd:2e:21:d4:3d:66:25:0e:
92:52:f6:b7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUc3WkqUY0n64jiCE7Mi2fQ3As768wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjcxMTU5MzFaFw0yNTA2MjYxMjA0MzFaMDMxMTAvBgNV
BAMTKENFREM2MUY1MDcxN0QwNzcyMjc3NTMzRTBGMDY0QkNDOTlGRDQyQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwVg/5UYULuKk+FxUbVURSEm9b
vboIvxcr0CvWIFkW2XDaKYD9RE9oWJqmlXNlaDc9+nxGx1cOI1nkvb6NG8ns+uaX
5Empq7jSUQRkiuB0yJfdwtSbmVu7VCR5aw4no+orhg7didKBvihhLERHnvXT7w0w
h5L8qYxcBxwWOJbhHvHswsSTI9M3M/Nf52azgLFKRjEIvjYj1f5gBQ+D2ApBdwp7
mnvhfdaMHwpPsVF4c+HIca847LjEsVf12iomSsCxSwvWzEEP6YkdgNHDE9F5Ums4
5cQQAKHR6l8u+jGFWLWFs3WcbgSz3SVaLuIY+tODXA03uDHLp3UnonUhxRHJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUztxh9QcX0Hcid1M+DwZLzJn9QqcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM3MzUyZTMy
MzAzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMzMzgzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmv0DANBgkqhkiG9w0BAQsFAAOCAQEAh0HaYVxaIZ/cA2nZbVgL6Wgvz9nu
w/fXWf2YH2SIiK+onBaSdwJvyFBA7Yp3ZuXYwWUZVyMMUpMdPriDTNlaFIRsKdKC
iK7EqRMbJLr0pDFkdCHvcCgbBZmHOVKBdJbiaURiAM0fHXFasXbp6W3VJyq8K6+j
BhWzUuj8zYJf8HjJi+pddLSyZHFzxBOO6LkJm8RxkCAqgufscInZ/hD/IilUo0u3
6pgXFYWXUFnW3jdph6AFUlmORAU3PWT1OvMsjUHKT6/AsdNlsmurZOg9Ypkou27w
TepOpKxfWdQzPGqoOrH09IGlQrUv3nnpiYuGav9E7f0uIdQ9ZiUOklL2tw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org