Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230342e302f32332d3332203d3e203536383736.roa
File: 3138352e3230382e3230342e302f32332d3332203d3e203536383736.roa (raw, json)
Hash identifier: j8lbp+0lFAsNMaFLF++T2IMeHYnDI30uhlzfBLtOIF0=
Subject key identifier: 24:24:78:18:D7:80:98:8D:68:4C:98:B0:F4:F4:1B:97:E8:E3:23:BD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0EA311347C40BCF5169B2B8366644D21FC167811
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230342e302f32332d3332203d3e203536383736.roa
Signing time: Mon 26 Feb 2024 08:53:05 +0000
ROA not before: Mon 26 Feb 2024 08:48:05 +0000
ROA not after: Mon 24 Feb 2025 08:53:05 +0000
asID: 56876
IP address blocks: 185.208.204.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:a3:11:34:7c:40:bc:f5:16:9b:2b:83:66:64:4d:21:fc:16:78:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:05 2024 GMT
Not After : Feb 24 08:53:05 2025 GMT
Subject: CN=24247818D780988D684C98B0F4F41B97E8E323BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:62:3d:9a:8a:62:dc:e1:7a:f1:cb:8a:48:7b:
75:cf:98:81:b4:5a:34:b5:5a:96:a9:e3:60:a0:b7:
21:66:d2:81:3b:f7:39:a8:75:33:b7:76:ff:04:7c:
9c:41:4c:3b:11:17:ad:73:ca:79:08:c4:74:ad:34:
19:af:4b:da:3c:9c:97:98:3b:44:05:19:cb:8b:65:
1e:8c:7d:a1:77:7c:82:ee:49:11:e4:c7:ce:80:d4:
93:89:95:8f:45:fa:01:45:a5:72:b7:92:8b:09:65:
bb:9a:f2:26:33:a4:f8:59:09:7e:ec:c6:13:3d:a0:
81:f7:13:6d:f0:12:89:8e:cd:d9:5c:9b:11:d5:a9:
51:35:ef:53:be:a0:63:c0:cd:b5:d5:20:2a:01:10:
cb:aa:6b:74:26:2c:ca:4b:cc:87:c6:28:bb:4f:de:
2c:c9:29:0b:4b:27:75:15:2a:b0:77:0e:c0:60:eb:
30:d1:f7:07:46:fe:db:9a:36:1e:b9:11:dc:4d:64:
9d:d1:ff:e0:20:92:db:c1:53:2f:31:c6:c2:12:e4:
64:14:64:30:ef:46:85:ac:7b:8f:49:12:81:ca:94:
03:3c:f2:31:5b:d2:87:e9:d8:c5:c3:14:4c:cd:c0:
26:3e:54:df:f9:3a:e0:c0:49:c6:e9:d5:e6:0d:9e:
17:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:24:78:18:D7:80:98:8D:68:4C:98:B0:F4:F4:1B:97:E8:E3:23:BD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230342e302f32332d3332203d3e203536383736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.204.0/23
Signature Algorithm: sha256WithRSAEncryption
82:39:fb:b9:5b:e6:24:30:a6:c8:58:64:af:ee:ee:e9:ee:5c:
c7:c5:b6:c1:b9:7a:1e:2f:92:30:df:dd:77:73:f7:48:52:f1:
02:0f:5a:35:58:fa:18:69:ff:15:38:1c:9b:44:35:9d:ea:43:
74:ec:f0:a4:09:74:f7:3a:4e:22:c5:ba:56:e2:e2:62:cc:3c:
ff:1f:46:fa:9b:c7:57:e4:d4:66:84:bd:49:f0:c9:2e:01:81:
3d:07:c6:d7:b7:0c:b8:6a:34:df:a2:1f:fa:cf:ea:0e:fe:5e:
88:98:8b:04:84:41:6d:b2:a3:34:e7:45:49:c6:80:aa:51:89:
2c:fc:f9:b3:86:cb:52:71:67:ae:50:9a:cf:b5:76:05:8e:2f:
fa:52:b5:74:05:92:93:ad:c8:84:cd:1c:8c:73:f5:e1:c7:d0:
c3:12:0b:b8:54:c1:d1:9a:ff:f3:62:4b:c7:31:7a:16:1e:8b:
cd:7f:b7:01:a2:95:b0:b2:e4:56:70:78:4e:38:f8:7d:11:7c:
05:5f:76:24:94:9a:65:e0:2e:28:0e:20:69:ab:d5:be:cd:58:
33:6f:e7:25:9f:e7:66:ee:ea:a7:8c:d4:d0:30:0a:af:4e:c6:
cf:0f:73:60:7d:1a:92:6a:e5:c8:7e:02:b5:c4:ea:93:80:fd:
e5:38:31:80
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDqMRNHxAvPUWmyuDZmRNIfwWeBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDVaFw0yNTAyMjQwODUzMDVaMDMxMTAvBgNV
BAMTKDI0MjQ3ODE4RDc4MDk4OEQ2ODRDOThCMEY0RjQxQjk3RThFMzIzQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDYj2aimLc4Xrxy4pIe3XPmIG0
WjS1Wpap42CgtyFm0oE79zmodTO3dv8EfJxBTDsRF61zynkIxHStNBmvS9o8nJeY
O0QFGcuLZR6MfaF3fILuSRHkx86A1JOJlY9F+gFFpXK3kosJZbua8iYzpPhZCX7s
xhM9oIH3E23wEomOzdlcmxHVqVE171O+oGPAzbXVICoBEMuqa3QmLMpLzIfGKLtP
3izJKQtLJ3UVKrB3DsBg6zDR9wdG/tuaNh65EdxNZJ3R/+AgktvBUy8xxsIS5GQU
ZDDvRoWse49JEoHKlAM88jFb0ofp2MXDFEzNwCY+VN/5OuDAScbp1eYNnhcfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJCR4GNeAmI1oTJiw9PQbl+jjI70wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzgyZTMy
MzAzNDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzYzODM3MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG50MwwDQYJKoZIhvcNAQELBQADggEBAII5+7lb5iQwpshYZK/u7unuXMfFtsG5
eh4vkjDf3Xdz90hS8QIPWjVY+hhp/xU4HJtENZ3qQ3Ts8KQJdPc6TiLFulbi4mLM
PP8fRvqbx1fk1GaEvUnwyS4BgT0Hxte3DLhqNN+iH/rP6g7+XoiYiwSEQW2yozTn
RUnGgKpRiSz8+bOGy1JxZ65Qms+1dgWOL/pStXQFkpOtyITNHIxz9eHH0MMSC7hU
wdGa//NiS8cxehYei81/twGilbCy5FZweE44+H0RfAVfdiSUmmXgLigOIGmr1b7N
WDNv5yWf52bu6qeM1NAwCq9Oxs8Pc2B9GpJq5ch+ArXE6pOA/eU4MYA=
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:44 2024 by rpki-client on console-fra.rpki-client.org