Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230342e302f32332d3332203d3e203536383736.roa
File: 3138352e3230382e3230342e302f32332d3332203d3e203536383736.roa (raw, json)
Hash identifier: QvNbsq/W+7aAELNBj6A0SoRSaPFvF0Z6vXxPRa84xi8=
Subject key identifier: 3D:83:17:08:00:09:F5:DF:0A:4F:40:0A:66:F9:77:D6:33:F6:AE:E4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 20EB31CD1255E54E3A2E024073448B90D3A83FC3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230342e302f32332d3332203d3e203536383736.roa
Signing time: Mon 27 Jan 2025 09:44:57 +0000
ROA not before: Mon 27 Jan 2025 09:39:57 +0000
ROA not after: Mon 26 Jan 2026 09:44:57 +0000
asID: 56876
IP address blocks: 185.208.204.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:eb:31:cd:12:55:e5:4e:3a:2e:02:40:73:44:8b:90:d3:a8:3f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:57 2025 GMT
Not After : Jan 26 09:44:57 2026 GMT
Subject: CN=3D8317080009F5DF0A4F400A66F977D633F6AEE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:66:41:57:39:6e:08:db:9f:f1:7a:4d:d4:ab:
47:e4:8e:5a:7e:b2:21:53:b4:4f:39:9c:73:24:9c:
c7:a5:71:2e:ba:8e:7d:59:6c:14:5b:19:48:a7:4d:
72:9d:02:c4:b0:b3:d6:01:10:4a:da:05:c6:15:ca:
2d:1d:94:ca:b0:e7:90:2a:18:ad:f2:5a:b9:28:42:
5d:71:13:74:64:dc:61:a2:18:5a:eb:82:05:c3:5b:
8d:90:1f:f8:a9:55:f7:1f:b5:00:83:e2:93:dc:70:
83:23:d0:82:ef:15:0c:dd:7d:de:2b:82:b7:d6:3f:
f0:5e:01:e4:16:bf:8f:61:6f:89:5d:88:c2:fe:51:
ae:93:00:a3:20:a9:af:9f:aa:2e:b6:8a:e9:b0:36:
2c:03:17:6c:f4:21:52:db:2b:b3:50:2a:46:26:93:
ea:cb:09:40:eb:00:da:1f:d3:3b:45:73:14:93:44:
34:a0:04:72:3e:56:95:57:f5:c3:3e:8f:ee:7a:b9:
33:50:a5:5d:43:aa:93:29:fa:85:6d:33:63:8e:3a:
0e:18:1b:c5:97:56:5a:5a:58:0e:2d:de:88:36:b4:
37:3d:e6:95:ad:e4:0b:df:73:0a:74:e0:65:07:00:
06:cc:9a:9c:fe:03:d7:61:f7:b7:45:f4:63:22:94:
30:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:83:17:08:00:09:F5:DF:0A:4F:40:0A:66:F9:77:D6:33:F6:AE:E4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230342e302f32332d3332203d3e203536383736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.204.0/23
Signature Algorithm: sha256WithRSAEncryption
19:54:ee:d4:92:c5:27:5c:42:34:2c:21:59:7d:f5:e2:86:8e:
ac:2f:b6:5c:af:98:96:11:2e:0b:5f:c5:0e:3e:68:c2:37:48:
cd:45:6a:27:ec:da:45:a8:67:9a:fb:57:9c:fe:0f:46:7e:06:
09:47:ce:a8:68:88:f5:52:8b:b1:12:f1:46:7a:3a:85:e5:32:
9b:fe:59:fd:03:d1:c1:25:c4:e0:ed:ee:b9:11:a6:1a:18:d1:
61:bf:01:9c:b5:29:85:d4:a4:18:b3:75:77:05:c7:f9:7a:bb:
3c:8e:d2:81:33:f9:e8:f8:38:52:1e:ac:e7:6d:4a:4d:d0:6f:
3b:bf:ca:fb:d9:07:b6:c0:f0:0f:5e:49:a5:67:aa:86:63:7f:
81:e2:7c:5a:f1:4f:52:6d:12:ec:6d:5f:6c:c0:10:7e:72:7d:
36:1a:43:c0:34:fa:76:5e:6a:70:a6:3e:a2:46:97:36:93:84:
06:73:16:6a:ce:8d:1c:50:7e:96:fb:60:dc:8b:bb:bc:d8:fd:
95:da:09:4d:87:20:33:0f:21:18:25:ad:0b:38:63:60:db:81:
e4:fa:f8:b9:23:05:38:c7:70:95:41:df:38:b7:2d:dc:31:d5:
6f:95:78:02:7f:38:62:95:52:7e:0f:79:60:45:21:db:b5:55:
e9:bc:e0:81
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIOsxzRJV5U46LgJAc0SLkNOoP8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTdaFw0yNjAxMjYwOTQ0NTdaMDMxMTAvBgNV
BAMTKDNEODMxNzA4MDAwOUY1REYwQTRGNDAwQTY2Rjk3N0Q2MzNGNkFFRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdZkFXOW4I25/xek3Uq0fkjlp+
siFTtE85nHMknMelcS66jn1ZbBRbGUinTXKdAsSws9YBEEraBcYVyi0dlMqw55Aq
GK3yWrkoQl1xE3Rk3GGiGFrrggXDW42QH/ipVfcftQCD4pPccIMj0ILvFQzdfd4r
grfWP/BeAeQWv49hb4ldiML+Ua6TAKMgqa+fqi62iumwNiwDF2z0IVLbK7NQKkYm
k+rLCUDrANof0ztFcxSTRDSgBHI+VpVX9cM+j+56uTNQpV1DqpMp+oVtM2OOOg4Y
G8WXVlpaWA4t3og2tDc95pWt5Avfcwp04GUHAAbMmpz+A9dh97dF9GMilDDrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPYMXCAAJ9d8KT0AKZvl31jP2ruQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzgyZTMy
MzAzNDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzYzODM3MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG50MwwDQYJKoZIhvcNAQELBQADggEBABlU7tSSxSdcQjQsIVl99eKGjqwvtlyv
mJYRLgtfxQ4+aMI3SM1Faifs2kWoZ5r7V5z+D0Z+BglHzqhoiPVSi7ES8UZ6OoXl
Mpv+Wf0D0cElxODt7rkRphoY0WG/AZy1KYXUpBizdXcFx/l6uzyO0oEz+ej4OFIe
rOdtSk3Qbzu/yvvZB7bA8A9eSaVnqoZjf4HifFrxT1JtEuxtX2zAEH5yfTYaQ8A0
+nZeanCmPqJGlzaThAZzFmrOjRxQfpb7YNyLu7zY/ZXaCU2HIDMPIRglrQs4Y2Db
geT6+LkjBTjHcJVB3zi3Ldwx1W+VeAJ/OGKVUn4PeWBFIdu1Vem84IE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:46 2025 by rpki-client