Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232302e302f32342d3234203d3e20313431303339.roa
File: 3138352e3230322e3232302e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: KFxYBVSPrG59KcygYB4X4sbsfGE6kLF5ZyaIktMJXvA=
Subject key identifier: 00:5B:AA:EB:F5:33:02:DD:1E:4C:AC:B5:D0:21:0E:2B:E9:DE:C8:C4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 30D878EC4E3C4457956CA11BD01F7568856A3D11
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232302e302f32342d3234203d3e20313431303339.roa
Signing time: Fri 20 Sep 2024 14:04:55 +0000
ROA not before: Fri 20 Sep 2024 13:59:55 +0000
ROA not after: Fri 19 Sep 2025 14:04:55 +0000
asID: 141039
IP address blocks: 185.202.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:d8:78:ec:4e:3c:44:57:95:6c:a1:1b:d0:1f:75:68:85:6a:3d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:55 2024 GMT
Not After : Sep 19 14:04:55 2025 GMT
Subject: CN=005BAAEBF53302DD1E4CACB5D0210E2BE9DEC8C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:50:1b:bb:c9:31:69:4c:fe:04:d9:09:77:ac:
df:ce:bc:43:00:82:5b:68:e2:e5:10:70:53:2e:e1:
f2:43:e5:dc:d1:4d:db:b0:e0:83:f4:77:0f:15:fb:
0b:6a:08:66:b8:61:15:7b:12:f8:54:70:81:73:3b:
9a:72:4d:f6:bd:c0:68:f3:ef:2a:eb:55:be:67:00:
32:ae:9e:c4:8e:e8:01:ab:6d:39:9a:53:54:cf:ff:
f3:03:da:14:5f:49:b9:e2:95:25:79:22:5e:0b:80:
f2:0b:9c:c4:41:96:3f:35:80:a4:cf:1d:8a:f6:9e:
8a:f6:ba:d6:91:53:93:16:ab:16:f7:8b:0b:dc:a6:
9e:5c:0a:af:54:60:83:5e:00:c5:ed:f2:6b:9c:ba:
a2:39:94:0f:c5:6d:bc:e8:db:a1:52:fb:1c:43:b4:
08:83:08:5d:53:77:7b:e9:da:0b:90:db:30:c6:a1:
8e:ee:0f:0a:27:7f:67:b6:b6:d2:c3:6d:3c:a1:0f:
2a:92:81:b2:e6:02:34:4d:9f:c0:16:84:76:99:b9:
4e:3b:24:58:c5:2d:f3:50:47:02:6b:14:fc:8b:14:
db:34:97:4c:42:ff:86:c8:d3:a9:bf:da:8c:2e:93:
dd:d1:36:70:1e:dc:f5:16:b1:17:44:a0:98:4b:98:
6a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5B:AA:EB:F5:33:02:DD:1E:4C:AC:B5:D0:21:0E:2B:E9:DE:C8:C4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232302e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.220.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ad:b8:10:92:19:1d:05:b9:1a:fd:1b:6c:6d:a6:3f:2f:21:
43:10:83:66:1e:e4:8e:6a:67:98:a6:c7:9f:b4:0a:b2:a6:1e:
c6:f3:07:a0:0e:df:3e:56:72:4e:25:4f:eb:bb:96:bd:59:68:
cd:79:fa:4d:ed:52:9d:ac:00:71:43:4f:09:95:8d:50:33:68:
f9:ce:85:53:88:9e:a7:e0:18:e3:69:78:ad:61:4c:e7:ee:94:
f1:57:af:3e:94:dc:ab:8a:99:8b:8d:4a:ce:bd:92:72:0b:9c:
6a:31:60:b6:10:f2:52:77:9e:be:1a:97:a8:56:9b:cd:d0:37:
b1:1a:4b:f5:35:ec:be:65:dd:4a:ab:e9:2f:f7:8a:08:c6:b5:
47:a0:8c:63:6e:aa:ad:53:a3:ca:11:42:b8:7f:7a:c5:67:07:
68:99:6a:b8:ee:79:45:e9:82:ed:c5:a6:9d:bc:76:67:24:52:
1d:e3:90:a9:ad:38:e3:76:5d:7f:bb:fa:42:f6:0d:54:d9:ec:
dd:73:b9:1c:12:16:47:f9:a9:df:c0:05:b0:bc:3b:84:f2:d1:
8a:7f:bc:71:c2:70:3c:69:e8:65:d0:0c:2c:08:da:12:a8:8a:
8f:e4:7e:57:f2:ae:1f:7e:6f:0d:07:82:2b:22:a7:85:52:9f:
ad:10:11:3c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMNh47E48RFeVbKEb0B91aIVqPREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTVaFw0yNTA5MTkxNDA0NTVaMDMxMTAvBgNV
BAMTKDAwNUJBQUVCRjUzMzAyREQxRTRDQUNCNUQwMjEwRTJCRTlERUM4QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGUBu7yTFpTP4E2Ql3rN/OvEMA
glto4uUQcFMu4fJD5dzRTduw4IP0dw8V+wtqCGa4YRV7EvhUcIFzO5pyTfa9wGjz
7yrrVb5nADKunsSO6AGrbTmaU1TP//MD2hRfSbnilSV5Il4LgPILnMRBlj81gKTP
HYr2nor2utaRU5MWqxb3iwvcpp5cCq9UYINeAMXt8mucuqI5lA/Fbbzo26FS+xxD
tAiDCF1Td3vp2guQ2zDGoY7uDwonf2e2ttLDbTyhDyqSgbLmAjRNn8AWhHaZuU47
JFjFLfNQRwJrFPyLFNs0l0xC/4bI06m/2owuk93RNnAe3PUWsRdEoJhLmGoFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUAFuq6/UzAt0eTKy10CEOK+neyMQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzIyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnK3DANBgkqhkiG9w0BAQsFAAOCAQEAl624EJIZHQW5Gv0bbG2mPy8hQxCD
Zh7kjmpnmKbHn7QKsqYexvMHoA7fPlZyTiVP67uWvVlozXn6Te1SnawAcUNPCZWN
UDNo+c6FU4iep+AY42l4rWFM5+6U8VevPpTcq4qZi41Kzr2ScgucajFgthDyUnee
vhqXqFabzdA3sRpL9TXsvmXdSqvpL/eKCMa1R6CMY26qrVOjyhFCuH96xWcHaJlq
uO55RemC7cWmnbx2ZyRSHeOQqa0443Zdf7v6QvYNVNns3XO5HBIWR/mp38AFsLw7
hPLRin+8ccJwPGnoZdAMLAjaEqiKj+R+V/KuH35vDQeCKyKnhVKfrRARPA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org