Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232332e302f32342d3332203d3e203531313637.roa
File: 3138352e3230322e3232332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: z4Y7w0J+pgWXtmJ8bAfbV8o5tLm3qVjhpo4weounrsI=
Subject key identifier: D8:48:B6:A5:A5:A3:CC:95:AB:28:6E:39:59:34:0D:90:20:B9:3A:61
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2543274116F8BD395641632757ECCE0F973785C8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232332e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Sep 2024 14:04:52 +0000
ROA not before: Fri 20 Sep 2024 13:59:52 +0000
ROA not after: Fri 19 Sep 2025 14:04:52 +0000
asID: 51167
IP address blocks: 185.202.223.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:43:27:41:16:f8:bd:39:56:41:63:27:57:ec:ce:0f:97:37:85:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:52 2024 GMT
Not After : Sep 19 14:04:52 2025 GMT
Subject: CN=D848B6A5A5A3CC95AB286E3959340D9020B93A61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:59:d9:b0:72:af:77:da:ab:9d:6c:e0:4c:
d4:7d:b6:c8:8a:89:6d:4e:1e:9e:c4:ad:21:cb:74:
fc:be:c6:dc:1f:ea:e5:36:69:e5:7f:8c:05:db:e5:
e9:7f:79:fd:56:00:62:22:2f:85:72:a4:28:5d:bd:
9a:13:f7:c3:a1:a7:d9:91:94:e8:59:78:62:cf:01:
68:af:9f:b3:46:33:93:30:3c:bf:70:c1:f3:9f:ef:
01:20:fa:69:4b:e2:84:5f:0a:8c:0b:63:ac:72:ad:
3a:c6:51:a3:e7:3a:7f:52:02:be:44:fa:28:dd:91:
9e:82:39:ce:be:d2:5c:b7:9c:d9:88:04:bc:d1:a2:
dc:5a:ad:82:23:4d:b3:3a:42:7e:3f:ed:8d:10:c6:
68:8f:b0:f2:e0:a7:99:30:dd:ed:3f:68:17:49:06:
f2:53:ea:4b:f8:60:b9:7f:58:08:3d:d0:66:f5:62:
e6:5e:8f:e0:a9:fe:ea:b8:7e:2c:5c:63:45:7c:a6:
0b:aa:a3:b4:e0:22:b0:6f:03:31:f5:17:8a:7d:72:
ad:8e:23:c5:16:6a:ea:c1:bf:2c:4a:5f:98:ae:85:
bf:a6:f9:06:9d:b8:44:df:9e:91:cd:2c:38:8e:a3:
87:51:44:7b:60:c5:07:73:8d:2a:87:0b:2e:bf:89:
48:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:48:B6:A5:A5:A3:CC:95:AB:28:6E:39:59:34:0D:90:20:B9:3A:61
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.223.0/24
Signature Algorithm: sha256WithRSAEncryption
15:80:c5:e4:d1:20:48:a2:00:a3:87:f8:62:fb:4d:17:57:6e:
6c:fe:25:e1:88:8d:eb:bd:69:31:85:71:3d:e6:03:9c:d9:4c:
ed:a4:b5:18:b1:dc:69:8f:99:94:fa:69:14:38:6a:53:9f:60:
c0:a4:62:fc:23:32:3d:b3:8d:0f:4a:1c:9d:f5:84:ca:c3:b2:
36:04:71:05:3a:81:84:b9:b2:56:3e:d1:24:cb:c6:59:00:0f:
43:b5:8c:19:df:c5:be:ae:1d:27:a7:ef:55:94:52:9f:ed:63:
79:a8:27:d0:7a:54:b7:76:71:d3:df:a8:ff:e1:cc:ba:c0:74:
1a:1f:9c:2d:53:84:68:17:97:90:7e:d2:4f:1d:c8:27:b8:a2:
1f:88:b0:54:1e:d3:b2:af:92:6e:a1:a1:2b:46:ab:2f:77:02:
c4:b1:4b:43:57:a5:1b:51:5c:a3:10:fe:17:cd:f1:d3:b7:11:
46:cc:ba:99:4d:46:6c:38:a8:ed:b9:78:41:ba:2e:a6:67:5f:
bc:60:0f:55:96:db:01:6d:9d:f4:8d:46:70:80:70:7c:9f:51:
93:5e:bd:2c:01:4e:27:27:a4:78:6e:57:79:11:ae:f2:ed:0e:
be:24:c1:63:cd:4d:6d:21:af:e7:5d:ab:fa:19:84:8b:a9:94:
b3:cf:40:35
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJUMnQRb4vTlWQWMnV+zOD5c3hcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTJaFw0yNTA5MTkxNDA0NTJaMDMxMTAvBgNV
BAMTKEQ4NDhCNkE1QTVBM0NDOTVBQjI4NkUzOTU5MzQwRDkwMjBCOTNBNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCirlnZsHKvd9qrnWzgTNR9tsiK
iW1OHp7ErSHLdPy+xtwf6uU2aeV/jAXb5el/ef1WAGIiL4VypChdvZoT98Ohp9mR
lOhZeGLPAWivn7NGM5MwPL9wwfOf7wEg+mlL4oRfCowLY6xyrTrGUaPnOn9SAr5E
+ijdkZ6COc6+0ly3nNmIBLzRotxarYIjTbM6Qn4/7Y0QxmiPsPLgp5kw3e0/aBdJ
BvJT6kv4YLl/WAg90Gb1YuZej+Cp/uq4fixcY0V8pguqo7TgIrBvAzH1F4p9cq2O
I8UWaurBvyxKX5iuhb+m+QaduETfnpHNLDiOo4dRRHtgxQdzjSqHCy6/iUjPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2Ei2paWjzJWrKG45WTQNkCC5OmEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzIyZTMy
MzIzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5yt8wDQYJKoZIhvcNAQELBQADggEBABWAxeTRIEiiAKOH+GL7TRdXbmz+JeGI
jeu9aTGFcT3mA5zZTO2ktRix3GmPmZT6aRQ4alOfYMCkYvwjMj2zjQ9KHJ31hMrD
sjYEcQU6gYS5slY+0STLxlkAD0O1jBnfxb6uHSen71WUUp/tY3moJ9B6VLd2cdPf
qP/hzLrAdBofnC1ThGgXl5B+0k8dyCe4oh+IsFQe07Kvkm6hoStGqy93AsSxS0NX
pRtRXKMQ/hfN8dO3EUbMuplNRmw4qO25eEG6LqZnX7xgD1WW2wFtnfSNRnCAcHyf
UZNevSwBTicnpHhuV3kRrvLtDr4kwWPNTW0hr+ddq/oZhIuplLPPQDU=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:21:20 2025 by rpki-client