Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323031383832.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e20323031383832.roa (raw, json)
Hash identifier: ddhbP+lqjwOd+VmpfYz7f0xHI2ml5O5u/drKxozYncs=
Subject key identifier: 3B:99:13:AD:D2:8F:E2:3F:08:71:AB:7C:08:20:D4:1B:8E:4E:5C:FD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 040F1BAAC3CFB8A93530C4A1115A0637C0BE09F9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323031383832.roa
Signing time: Fri 20 Oct 2023 13:41:59 +0000
ROA not before: Fri 20 Oct 2023 13:36:59 +0000
ROA not after: Fri 18 Oct 2024 13:41:59 +0000
asID: 201882
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:0f:1b:aa:c3:cf:b8:a9:35:30:c4:a1:11:5a:06:37:c0:be:09:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:59 2023 GMT
Not After : Oct 18 13:41:59 2024 GMT
Subject: CN=3B9913ADD28FE23F0871AB7C0820D41B8E4E5CFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c8:7f:73:96:db:83:4c:63:d0:4c:85:a7:03:
4b:77:07:1c:6f:86:96:a3:5d:77:cc:c1:69:33:49:
7a:f3:c4:76:15:d8:13:6e:be:5f:c4:0f:7d:91:0f:
2a:23:9d:03:c0:96:6f:a3:82:72:ae:5d:7a:29:fd:
3b:72:48:97:32:4d:43:bb:3f:70:0f:ce:90:54:12:
a2:93:25:ee:60:5a:8c:d4:28:e6:16:08:03:6c:f4:
d2:ac:a7:a8:7a:51:40:3c:90:1d:1a:10:14:31:0f:
19:24:0d:1d:de:42:3e:de:79:28:ee:18:f4:62:a3:
f1:60:64:98:0a:16:f4:26:44:5d:86:70:88:73:ee:
bb:cd:7b:fb:07:b3:a3:3b:ad:6b:71:0a:2e:21:83:
16:f3:35:06:3a:88:bb:ec:c6:42:b9:16:fd:27:e1:
ec:14:c2:f3:e3:8e:f6:dc:91:56:51:11:03:16:d8:
78:d8:2b:ea:f1:93:e5:85:b1:08:06:95:61:f1:15:
04:03:b5:66:93:26:47:59:84:fa:7f:e6:07:19:51:
11:ad:9a:d4:17:d6:d6:1a:99:1a:9e:81:38:4a:99:
ba:d6:10:f9:23:33:19:26:62:82:0b:9e:fb:96:df:
00:57:e4:da:30:a6:3e:5d:d0:3f:f9:90:ad:c8:c0:
18:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:99:13:AD:D2:8F:E2:3F:08:71:AB:7C:08:20:D4:1B:8E:4E:5C:FD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323031383832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
82:94:a9:8e:85:34:d9:ca:b4:bb:cc:43:e3:6a:aa:58:ef:3c:
06:d4:95:e1:d6:9c:ca:4d:b1:ca:d7:80:4d:0d:f5:53:cf:5c:
b4:6e:09:f4:c2:69:85:22:46:bf:db:a6:e2:8d:5d:5b:94:9a:
ba:23:ed:d7:61:59:f3:3d:bb:90:fb:3c:df:a0:1e:0f:2e:db:
92:97:e2:57:b2:79:b2:46:2b:86:dc:ef:d0:c5:11:78:00:54:
c5:46:a8:09:55:68:26:74:c9:01:b9:69:30:2a:10:14:56:36:
32:07:6c:b0:07:0c:11:c2:b7:f4:d0:73:c8:75:1e:f3:fb:e5:
d5:a0:6d:37:8c:36:35:fd:1c:13:16:15:95:04:cc:08:3e:27:
f0:5f:2f:22:70:5a:ed:7d:b4:58:58:ee:cd:82:a9:5e:f5:2b:
3b:0d:5d:81:9c:09:91:9f:74:2f:9d:62:88:ad:9c:cd:b9:e9:
95:e5:29:a8:34:ee:e1:95:5e:8f:b1:72:4d:c3:80:ed:4f:c6:
ce:30:57:b2:20:73:5e:c5:f6:e3:ea:42:fa:b7:4b:4b:38:0a:
c3:b2:fc:df:eb:3a:50:70:cc:c2:60:14:c7:d7:d7:08:12:4c:
9e:b2:5b:e2:84:04:51:c9:38:d5:9f:4c:31:c9:96:45:88:95:
df:83:16:19
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUBA8bqsPPuKk1MMShEVoGN8C+CfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTlaFw0yNDEwMTgxMzQxNTlaMDMxMTAvBgNV
BAMTKDNCOTkxM0FERDI4RkUyM0YwODcxQUI3QzA4MjBENDFCOEU0RTVDRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRyH9zltuDTGPQTIWnA0t3Bxxv
hpajXXfMwWkzSXrzxHYV2BNuvl/ED32RDyojnQPAlm+jgnKuXXop/TtySJcyTUO7
P3APzpBUEqKTJe5gWozUKOYWCANs9NKsp6h6UUA8kB0aEBQxDxkkDR3eQj7eeSju
GPRio/FgZJgKFvQmRF2GcIhz7rvNe/sHs6M7rWtxCi4hgxbzNQY6iLvsxkK5Fv0n
4ewUwvPjjvbckVZREQMW2HjYK+rxk+WFsQgGlWHxFQQDtWaTJkdZhPp/5gcZURGt
mtQX1tYamRqegThKmbrWEPkjMxkmYoILnvuW3wBX5Nowpj5d0D/5kK3IwBgTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUO5kTrdKP4j8Icat8CCDUG45OXP0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTM4MzgzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3DANBgkqhkiG9w0BAQsFAAOCAQEAgpSpjoU02cq0u8xD42qqWO88BtSV
4dacyk2xyteATQ31U89ctG4J9MJphSJGv9um4o1dW5SauiPt12FZ8z27kPs836Ae
Dy7bkpfiV7J5skYrhtzv0MUReABUxUaoCVVoJnTJAblpMCoQFFY2MgdssAcMEcK3
9NBzyHUe8/vl1aBtN4w2Nf0cExYVlQTMCD4n8F8vInBa7X20WFjuzYKpXvUrOw1d
gZwJkZ90L51iiK2czbnpleUpqDTu4ZVej7FyTcOA7U/GzjBXsiBzXsX24+pC+rdL
SzgKw7L83+s6UHDMwmAUx9fXCBJMnrJb4oQEUck41Z9MMcmWRYiV34MWGQ==
-----END CERTIFICATE-----
Generated at Tue May 21 23:31:24 2024 by rpki-client on console-ams.rpki-client.org