Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231382e302f32342d3234203d3e20313431303339.roa
File: 3138352e3230332e3231382e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: oRuB3JgVwPrlkyh9FS/FGo9p5I1ijUDNJrLymOsVJhM=
Subject key identifier: 46:86:7F:CB:B4:FE:EB:E9:47:28:C9:4E:A7:91:42:FB:FE:03:AD:55
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2BAC1B24E76A71AFB0432AEB1FB0B3997A21B5E8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231382e302f32342d3234203d3e20313431303339.roa
Signing time: Fri 20 Sep 2024 14:05:01 +0000
ROA not before: Fri 20 Sep 2024 14:00:01 +0000
ROA not after: Fri 19 Sep 2025 14:05:01 +0000
asID: 141039
IP address blocks: 185.203.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ac:1b:24:e7:6a:71:af:b0:43:2a:eb:1f:b0:b3:99:7a:21:b5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:01 2024 GMT
Not After : Sep 19 14:05:01 2025 GMT
Subject: CN=46867FCBB4FEEBE94728C94EA79142FBFE03AD55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b0:7a:22:4a:7a:20:e4:a8:ed:59:ea:21:dd:
de:0d:f4:e7:a4:56:e2:4b:42:1e:79:11:79:90:44:
c0:2f:d4:28:e7:f4:b3:29:7b:3d:1b:18:77:15:13:
ed:2e:0d:dd:7f:fa:ac:1b:f2:68:b1:ed:d5:38:3d:
8b:3f:b0:24:bc:87:74:27:a7:1a:3a:01:5f:95:18:
6c:69:ef:68:d1:b1:4a:71:d5:9f:3c:b3:e9:cf:4b:
a3:e2:82:69:ab:cc:61:3d:95:ca:be:37:55:8b:8d:
27:31:37:61:39:b1:6a:61:42:52:6c:64:50:9c:de:
29:9d:b3:1c:8c:85:9e:79:b2:12:04:54:8b:5f:2b:
15:a2:64:9b:fc:bc:d5:69:ed:b0:a3:12:7f:d8:db:
b4:1e:79:29:de:4c:14:0b:65:0c:22:02:93:d3:d7:
1d:e2:7d:e6:dc:2f:35:aa:92:4b:cb:2a:4c:2b:34:
8e:f7:dd:a0:f1:0b:7e:55:32:0a:a6:7f:ea:cb:ef:
6f:9d:1e:8f:21:b7:68:55:d8:40:62:93:22:24:69:
f2:96:7e:26:35:66:57:36:a9:07:a1:7e:62:81:7e:
86:bb:1f:1a:06:76:ca:48:a4:19:1a:bb:31:ee:01:
71:87:bb:a2:a4:35:af:9a:9d:37:26:1d:09:81:ac:
f6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:86:7F:CB:B4:FE:EB:E9:47:28:C9:4E:A7:91:42:FB:FE:03:AD:55
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231382e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.218.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:ca:66:f7:84:08:16:a1:03:90:6a:41:e8:8e:82:09:a3:76:
e6:b2:52:2d:e9:c5:06:8b:de:9f:dc:1e:fb:73:6c:08:30:62:
5d:c4:42:66:39:3f:5e:e2:13:e6:58:ec:cd:2d:61:c0:b9:6f:
c8:4d:4c:19:4e:59:ea:af:89:0e:da:5c:bd:73:e6:26:59:5e:
e3:a0:94:12:65:30:28:1f:7b:37:1c:ee:80:4e:01:46:5d:a2:
08:bb:16:3e:59:3a:bd:4a:b3:74:85:63:13:82:c6:8b:24:28:
a7:44:d0:85:26:c9:62:38:c5:1b:cc:26:6e:9d:75:ac:c2:a2:
46:5b:1b:a8:99:d2:e8:9a:b6:3e:1b:13:8d:41:b0:84:26:eb:
16:cf:d8:10:51:35:0e:f0:3f:c1:5a:de:8f:7b:18:fa:95:f7:
25:a9:fe:27:1e:c3:a3:80:56:20:2a:68:26:14:fa:a0:46:2d:
06:91:d4:5b:d4:ae:44:a2:1e:02:96:da:e0:56:e4:0e:4d:22:
af:57:d8:8f:c1:59:54:4a:e4:05:3d:16:e2:00:c0:df:21:d9:
e6:e1:d7:0f:02:52:5d:c5:ae:5b:5e:4d:b2:12:f1:6b:f8:ba:
b5:db:85:27:d9:a2:86:06:1c:24:01:dc:be:bb:9a:41:93:a8:
db:53:0c:54
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUK6wbJOdqca+wQyrrH7CzmXohtegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDFaFw0yNTA5MTkxNDA1MDFaMDMxMTAvBgNV
BAMTKDQ2ODY3RkNCQjRGRUVCRTk0NzI4Qzk0RUE3OTE0MkZCRkUwM0FENTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCisHoiSnog5KjtWeoh3d4N9Oek
VuJLQh55EXmQRMAv1Cjn9LMpez0bGHcVE+0uDd1/+qwb8mix7dU4PYs/sCS8h3Qn
pxo6AV+VGGxp72jRsUpx1Z88s+nPS6PigmmrzGE9lcq+N1WLjScxN2E5sWphQlJs
ZFCc3imdsxyMhZ55shIEVItfKxWiZJv8vNVp7bCjEn/Y27QeeSneTBQLZQwiApPT
1x3ifebcLzWqkkvLKkwrNI733aDxC35VMgqmf+rL72+dHo8ht2hV2EBikyIkafKW
fiY1Zlc2qQehfmKBfoa7HxoGdspIpBkauzHuAXGHu6KkNa+anTcmHQmBrPb5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQURoZ/y7T+6+lHKMlOp5FC+/4DrVUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzMyZTMy
MzEzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnL2jANBgkqhkiG9w0BAQsFAAOCAQEAG8pm94QIFqEDkGpB6I6CCaN25rJS
LenFBoven9we+3NsCDBiXcRCZjk/XuIT5ljszS1hwLlvyE1MGU5Z6q+JDtpcvXPm
Jlle46CUEmUwKB97NxzugE4BRl2iCLsWPlk6vUqzdIVjE4LGiyQop0TQhSbJYjjF
G8wmbp11rMKiRlsbqJnS6Jq2PhsTjUGwhCbrFs/YEFE1DvA/wVrej3sY+pX3Jan+
Jx7Do4BWICpoJhT6oEYtBpHUW9SuRKIeApba4FbkDk0ir1fYj8FZVErkBT0W4gDA
3yHZ5uHXDwJSXcWuW15NshLxa/i6tduFJ9mihgYcJAHcvruaQZOo21MMVA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:35 2025 by rpki-client