Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa
File: 3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: Moh+LLZN23txPrV2JYzCrXoInaU4CcGwwfMUi+KNmFo=
Subject key identifier: 8E:96:E1:F2:76:DF:FC:B9:09:B8:14:EE:78:B7:E4:EE:C5:B1:26:BC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 49DE34BE14647B19FEEC1E3F3C5E5FEAA5FFD5C6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa
Signing time: Wed 22 May 2024 12:54:04 +0000
ROA not before: Wed 22 May 2024 12:49:04 +0000
ROA not after: Wed 21 May 2025 12:54:04 +0000
asID: 51167
IP address blocks: 185.203.216.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:de:34:be:14:64:7b:19:fe:ec:1e:3f:3c:5e:5f:ea:a5:ff:d5:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 22 12:49:04 2024 GMT
Not After : May 21 12:54:04 2025 GMT
Subject: CN=8E96E1F276DFFCB909B814EE78B7E4EEC5B126BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1a:d1:d0:41:bf:e3:2a:56:5d:97:9a:8e:3c:
ae:1c:66:3a:78:ac:06:72:b2:62:75:b0:67:89:96:
01:b5:d3:10:bb:24:f0:b3:89:d7:db:fe:c4:39:7a:
ba:7d:8a:63:e1:0a:92:bd:43:67:60:38:d9:e3:32:
28:8b:38:64:a4:3a:fd:a5:ab:ec:cc:7c:46:30:2b:
f6:83:d8:10:33:ef:19:99:dc:34:64:f9:48:09:d0:
50:87:22:bf:8f:c0:8a:1d:b2:1d:4e:f8:13:50:16:
7d:3d:0a:00:a4:91:58:9d:1c:cc:e9:be:e6:70:ab:
38:71:86:49:40:21:91:4c:68:e7:ed:41:55:42:c2:
fd:29:4d:af:f6:9e:0b:b6:b9:2f:f4:da:69:17:6e:
26:42:75:93:b7:09:bd:e9:0c:9e:b4:19:0c:69:50:
e1:8e:d2:51:44:29:3d:7c:f1:55:0a:57:ce:29:c4:
e7:e8:1a:9b:d7:f7:62:44:ea:76:0b:a3:b2:30:a6:
bb:b9:f3:7c:47:25:4d:48:1f:61:5d:40:7f:78:6f:
ad:45:96:5d:86:79:31:b9:4e:61:d0:de:6c:b5:8f:
e6:3a:2f:74:91:77:6f:c9:60:73:c5:0c:8f:b6:08:
32:bc:83:1d:51:99:5f:fe:24:16:1c:2a:a2:a4:64:
fa:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:96:E1:F2:76:DF:FC:B9:09:B8:14:EE:78:B7:E4:EE:C5:B1:26:BC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.216.0/23
Signature Algorithm: sha256WithRSAEncryption
05:6c:5c:c1:ab:3d:ac:07:a0:94:b6:bd:50:18:61:6a:99:fe:
b0:10:04:f9:01:41:6d:44:9d:31:89:c6:1d:45:3c:f0:f1:43:
0c:05:19:7b:88:18:1b:fb:d6:0a:7d:c9:dc:cf:47:79:b5:90:
02:14:75:33:34:7b:f9:1b:83:c5:02:6c:d0:9a:69:33:0a:f9:
f5:9d:31:98:c0:53:68:ea:69:80:ba:b2:ed:21:d6:2b:93:7a:
65:6a:d5:e0:6e:64:27:67:92:81:0b:03:8e:2b:5c:02:41:9b:
60:85:2f:f8:f7:1f:bd:40:72:2a:63:09:15:09:86:a1:d4:40:
b0:c7:0c:40:dd:c7:27:c1:28:0c:7c:27:5c:78:4b:4e:c2:42:
5b:49:30:3f:79:40:59:0b:33:37:68:7e:b8:ff:17:87:4f:0b:
2e:4d:38:c7:46:ec:2d:0d:e3:5d:ba:e7:6b:b6:99:77:6b:ac:
d6:66:2f:0a:86:e5:7e:3c:4a:d8:12:e3:76:16:19:b9:cb:45:
aa:c7:ff:71:41:a2:d7:bf:5a:e7:d2:e6:78:32:40:fb:c3:23:
b2:b6:49:c5:35:b6:87:f1:bd:67:b1:fe:02:4a:bb:c7:ed:b1:
9e:bd:7e:88:e4:dc:30:33:e1:4c:4b:e2:13:23:ca:8a:f1:36:
4a:6e:4c:32
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSd40vhRkexn+7B4/PF5f6qX/1cYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MjIxMjQ5MDRaFw0yNTA1MjExMjU0MDRaMDMxMTAvBgNV
BAMTKDhFOTZFMUYyNzZERkZDQjkwOUI4MTRFRTc4QjdFNEVFQzVCMTI2QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAGtHQQb/jKlZdl5qOPK4cZjp4
rAZysmJ1sGeJlgG10xC7JPCzidfb/sQ5erp9imPhCpK9Q2dgONnjMiiLOGSkOv2l
q+zMfEYwK/aD2BAz7xmZ3DRk+UgJ0FCHIr+PwIodsh1O+BNQFn09CgCkkVidHMzp
vuZwqzhxhklAIZFMaOftQVVCwv0pTa/2ngu2uS/02mkXbiZCdZO3Cb3pDJ60GQxp
UOGO0lFEKT188VUKV84pxOfoGpvX92JE6nYLo7Iwpru583xHJU1IH2FdQH94b61F
ll2GeTG5TmHQ3my1j+Y6L3SRd2/JYHPFDI+2CDK8gx1RmV/+JBYcKqKkZPo7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjpbh8nbf/LkJuBTueLfk7sWxJrwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzMyZTMy
MzEzNjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5y9gwDQYJKoZIhvcNAQELBQADggEBAAVsXMGrPawHoJS2vVAYYWqZ/rAQBPkB
QW1EnTGJxh1FPPDxQwwFGXuIGBv71gp9ydzPR3m1kAIUdTM0e/kbg8UCbNCaaTMK
+fWdMZjAU2jqaYC6su0h1iuTemVq1eBuZCdnkoELA44rXAJBm2CFL/j3H71Acipj
CRUJhqHUQLDHDEDdxyfBKAx8J1x4S07CQltJMD95QFkLMzdofrj/F4dPCy5NOMdG
7C0N412652u2mXdrrNZmLwqG5X48StgS43YWGbnLRarH/3FBote/WufS5ngyQPvD
I7K2ScU1tofxvWex/gJKu8ftsZ69fojk3DAz4UxL4hMjyorxNkpuTDI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:09:56 2025 by rpki-client