Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230372e302f32342d3332203d3e203531313637.roa
File: 3138352e3230382e3230372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 3OuHeQjr7Mw/4Awjgqh0zEufocYpd+OFDsdLfSVSFKI=
Subject key identifier: 50:BC:C9:D2:01:FE:D3:F8:63:E4:1B:06:63:57:77:1E:78:DA:80:F4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 39A7CF57A2DC4D9112C79CE6A972384B7DF51C4B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230372e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:00 +0000
ROA not before: Mon 26 Feb 2024 08:48:00 +0000
ROA not after: Mon 24 Feb 2025 08:53:00 +0000
asID: 51167
IP address blocks: 185.208.207.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:a7:cf:57:a2:dc:4d:91:12:c7:9c:e6:a9:72:38:4b:7d:f5:1c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:00 2024 GMT
Not After : Feb 24 08:53:00 2025 GMT
Subject: CN=50BCC9D201FED3F863E41B066357771E78DA80F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2f:4a:4e:9a:64:40:cf:dc:68:95:41:c3:41:
32:27:47:58:32:18:61:3f:90:7c:3e:43:f6:27:42:
c2:71:7f:92:8d:31:e6:cd:23:62:46:4f:27:28:b3:
07:1b:cc:98:f0:22:d8:2b:4c:7c:ad:8f:5d:5a:4b:
36:77:d4:b1:ab:d8:e7:f4:19:c3:4f:6e:c9:08:d6:
ff:94:7c:31:20:4f:ba:67:dc:e1:8a:a3:a4:d2:ce:
8c:44:bf:5e:1e:8f:3b:5c:b1:01:95:41:36:bf:37:
39:7b:12:76:7a:08:d1:ee:66:6c:0d:40:a6:ba:0c:
9b:54:d0:8a:f9:73:69:66:9c:f3:8d:e0:c1:7d:21:
cb:b8:47:e0:59:2a:3d:a2:09:df:2e:e6:28:dd:57:
64:5f:51:05:b9:93:df:76:a7:b0:0c:21:e9:3d:0d:
31:e2:02:10:b7:e8:a5:7d:30:72:d0:73:ca:da:39:
1a:f8:a8:c6:c7:c9:37:21:40:fa:d3:b0:c9:5d:6e:
1a:26:62:d2:a2:76:8f:06:ce:91:18:a6:f7:43:b2:
53:36:74:4a:d7:0a:2c:86:01:1d:8b:e1:25:a3:b8:
71:4a:c8:8c:95:cb:75:70:00:e9:d5:34:19:d1:f1:
4a:bc:7a:29:e6:21:fe:dd:92:67:dd:b9:37:3b:70:
df:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:BC:C9:D2:01:FE:D3:F8:63:E4:1B:06:63:57:77:1E:78:DA:80:F4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.207.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:b4:09:76:e6:99:a5:4f:fd:34:7e:b5:9a:d0:e9:38:70:6d:
96:87:c2:84:1e:b1:4e:96:12:2a:fe:30:e0:23:ef:97:76:13:
29:7b:73:6d:50:92:c7:01:b1:e6:29:53:11:4c:8f:9b:68:d3:
87:f4:64:94:c1:9a:a3:09:bb:08:dd:ae:0a:e6:73:bb:5b:02:
4b:a7:5d:ca:5e:a8:1b:02:a6:83:93:bd:32:d2:2d:71:5d:fb:
ad:09:45:a9:65:ee:77:c3:5e:35:32:ce:fe:d9:81:b6:a0:47:
cb:b2:ab:dd:9c:c3:eb:d9:51:ca:9d:b0:93:7d:79:92:b6:22:
72:49:1d:75:1e:c8:a2:60:db:e3:bf:d2:e7:39:b4:c9:6e:3d:
2e:83:ea:34:9d:a7:87:10:8a:a7:b0:bc:00:95:f2:fe:69:b9:
92:d0:a6:48:2c:d1:4c:ff:ad:3c:d6:bd:93:84:59:d6:5b:56:
76:fd:da:d7:a7:fa:c7:63:4e:98:ff:63:15:a3:ce:74:6d:7c:
64:b3:ec:77:55:76:33:a4:e1:b4:71:df:86:b2:1d:41:9b:c7:
11:64:b7:39:b3:74:64:f1:c9:23:1c:46:6f:57:d7:26:65:e3:
96:3b:6d:23:2a:db:81:74:f1:81:e9:52:86:99:42:55:64:48:
9e:32:d4:6d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOafPV6LcTZESx5zmqXI4S331HEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDBaFw0yNTAyMjQwODUzMDBaMDMxMTAvBgNV
BAMTKDUwQkNDOUQyMDFGRUQzRjg2M0U0MUIwNjYzNTc3NzFFNzhEQTgwRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLL0pOmmRAz9xolUHDQTInR1gy
GGE/kHw+Q/YnQsJxf5KNMebNI2JGTycoswcbzJjwItgrTHytj11aSzZ31LGr2Of0
GcNPbskI1v+UfDEgT7pn3OGKo6TSzoxEv14ejztcsQGVQTa/Nzl7EnZ6CNHuZmwN
QKa6DJtU0Ir5c2lmnPON4MF9Icu4R+BZKj2iCd8u5ijdV2RfUQW5k992p7AMIek9
DTHiAhC36KV9MHLQc8raORr4qMbHyTchQPrTsMldbhomYtKido8GzpEYpvdDslM2
dErXCiyGAR2L4SWjuHFKyIyVy3VwAOnVNBnR8Uq8einmIf7dkmfduTc7cN8FAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUULzJ0gH+0/hj5BsGY1d3HnjagPQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzgyZTMy
MzAzNzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50M8wDQYJKoZIhvcNAQELBQADggEBAC60CXbmmaVP/TR+tZrQ6ThwbZaHwoQe
sU6WEir+MOAj75d2Eyl7c21QkscBseYpUxFMj5to04f0ZJTBmqMJuwjdrgrmc7tb
AkunXcpeqBsCpoOTvTLSLXFd+60JRall7nfDXjUyzv7ZgbagR8uyq92cw+vZUcqd
sJN9eZK2InJJHXUeyKJg2+O/0uc5tMluPS6D6jSdp4cQiqewvACV8v5puZLQpkgs
0Uz/rTzWvZOEWdZbVnb92ten+sdjTpj/YxWjznRtfGSz7HdVdjOk4bRx34ayHUGb
xxFktzmzdGTxySMcRm9X1yZl45Y7bSMq24F08YHpUoaZQlVkSJ4y1G0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org