Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232332e302f32342d3332203d3e203531313637.roa
File: 3138352e3230322e3232332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: rZxRWlPbZQK36kd9FTFbTQt9fm5EYUXQP6Xizba/Xs8=
Subject key identifier: DE:19:34:7D:5F:08:EF:6B:46:5D:D0:DB:22:7E:BA:7E:04:FA:EB:AA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 229B675528FDC8F17AC44DF82CD595B156369218
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232332e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:48 +0000
ROA not before: Fri 20 Oct 2023 13:36:48 +0000
ROA not after: Fri 18 Oct 2024 13:41:48 +0000
asID: 51167
IP address blocks: 185.202.223.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:9b:67:55:28:fd:c8:f1:7a:c4:4d:f8:2c:d5:95:b1:56:36:92:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:48 2023 GMT
Not After : Oct 18 13:41:48 2024 GMT
Subject: CN=DE19347D5F08EF6B465DD0DB227EBA7E04FAEBAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f1:e0:85:7e:61:9e:7e:08:da:86:16:0e:ca:
d5:70:dc:04:9b:82:79:e2:c5:c9:68:1d:fe:1e:6b:
91:1f:71:65:f8:9c:9e:d1:99:ed:6a:59:f1:dd:47:
1f:12:60:60:c9:a8:ff:05:fd:2c:06:56:99:3b:33:
a7:09:a3:2b:a8:2f:e0:11:5a:2f:cc:ae:19:4e:ba:
2c:a8:db:6e:b3:b5:02:ee:42:29:b9:bf:f5:9b:86:
4f:dd:83:04:4b:d3:91:6b:fe:3c:1e:1d:69:34:1e:
50:2c:cd:9c:16:a3:ca:a9:42:7b:91:6e:dc:5a:22:
f5:a6:14:ae:b5:39:46:df:5a:99:93:f6:49:91:71:
b8:b6:f9:51:31:82:9f:33:5d:a7:b3:fc:4a:10:58:
17:97:d2:4c:94:88:c1:a7:12:88:05:7a:02:d0:68:
08:61:f5:dc:2a:59:35:b7:1a:c9:3e:60:57:5f:e5:
a6:8a:1b:91:f1:92:cf:4c:e5:e5:99:9e:63:9f:c6:
08:d8:9b:ea:62:bc:25:e5:bc:8a:d4:32:3f:ad:fd:
49:6c:3a:45:33:4f:b4:a6:e3:94:06:b2:87:37:21:
2b:d7:90:f0:6c:08:e7:c7:39:f6:eb:6c:8a:bc:37:
a0:96:f9:58:67:86:2b:4c:03:ba:42:5c:0a:34:a4:
da:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:19:34:7D:5F:08:EF:6B:46:5D:D0:DB:22:7E:BA:7E:04:FA:EB:AA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.223.0/24
Signature Algorithm: sha256WithRSAEncryption
21:dd:06:1c:2d:5d:d2:87:10:c0:c9:8c:aa:10:d3:1d:89:be:
26:11:4f:5b:85:e9:65:25:87:6a:a8:c8:1e:8f:2f:4b:5c:2f:
b0:bb:e1:97:7b:82:ef:81:19:ae:20:35:70:ff:07:6a:a5:37:
28:40:aa:b5:d6:79:ed:cd:94:3f:b2:3d:8b:0d:ed:80:62:06:
b4:1a:ce:8b:68:90:ad:02:a1:6c:db:9a:d0:ae:10:01:bb:1d:
7f:04:4a:94:a0:2f:35:2a:62:ea:48:fb:4d:a7:db:c9:e1:30:
08:6b:d2:c0:f9:fe:63:dc:c9:95:cb:69:17:3f:bb:4d:c4:0e:
9a:ba:17:88:7f:19:07:78:9b:8d:e2:52:56:33:24:e0:e5:3c:
89:ce:95:aa:54:10:eb:63:45:32:e4:de:bd:ee:97:99:eb:c7:
f9:48:b3:88:6d:61:a6:e6:7e:f6:a8:44:a8:69:c3:4c:da:72:
31:de:c2:1f:41:45:45:97:14:07:a5:d1:ff:51:99:13:a9:59:
ea:8e:9c:9f:35:10:3a:cd:c3:5a:8a:df:81:e2:87:ef:87:e1:
61:03:dc:82:66:1b:11:d7:6e:63:d0:80:8c:e3:e4:1e:2d:83:
df:6b:d6:c0:1a:71:fd:6f:dd:6e:a1:55:dd:83:33:f0:49:c2:
3d:67:b3:65
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIptnVSj9yPF6xE34LNWVsVY2khgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDhaFw0yNDEwMTgxMzQxNDhaMDMxMTAvBgNV
BAMTKERFMTkzNDdENUYwOEVGNkI0NjVERDBEQjIyN0VCQTdFMDRGQUVCQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG8eCFfmGefgjahhYOytVw3ASb
gnnixcloHf4ea5EfcWX4nJ7Rme1qWfHdRx8SYGDJqP8F/SwGVpk7M6cJoyuoL+AR
Wi/MrhlOuiyo226ztQLuQim5v/Wbhk/dgwRL05Fr/jweHWk0HlAszZwWo8qpQnuR
btxaIvWmFK61OUbfWpmT9kmRcbi2+VExgp8zXaez/EoQWBeX0kyUiMGnEogFegLQ
aAhh9dwqWTW3Gsk+YFdf5aaKG5Hxks9M5eWZnmOfxgjYm+pivCXlvIrUMj+t/Uls
OkUzT7Sm45QGsoc3ISvXkPBsCOfHOfbrbIq8N6CW+VhnhitMA7pCXAo0pNqpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3hk0fV8I72tGXdDbIn66fgT666owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzIyZTMy
MzIzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5yt8wDQYJKoZIhvcNAQELBQADggEBACHdBhwtXdKHEMDJjKoQ0x2JviYRT1uF
6WUlh2qoyB6PL0tcL7C74Zd7gu+BGa4gNXD/B2qlNyhAqrXWee3NlD+yPYsN7YBi
BrQazotokK0CoWzbmtCuEAG7HX8ESpSgLzUqYupI+02n28nhMAhr0sD5/mPcyZXL
aRc/u03EDpq6F4h/GQd4m43iUlYzJODlPInOlapUEOtjRTLk3r3ul5nrx/lIs4ht
YabmfvaoRKhpw0zacjHewh9BRUWXFAel0f9RmROpWeqOnJ81EDrNw1qK34Hih++H
4WED3IJmGxHXbmPQgIzj5B4tg99r1sAacf1v3W6hVd2DM/BJwj1ns2U=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org