Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323031383832.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e20323031383832.roa (raw, json)
Hash identifier: chUqThYLUDQ0cVsK1TvlwH54LLfiS42CtAcIF9K2nzU=
Subject key identifier: 40:5A:1A:B4:F7:A3:AF:ED:43:2D:E1:36:58:D4:2F:99:42:3E:66:C4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6C87065FEC42B7BDB4E887B6207E5C68BA403485
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323031383832.roa
Signing time: Fri 20 Sep 2024 14:05:01 +0000
ROA not before: Fri 20 Sep 2024 14:00:01 +0000
ROA not after: Fri 19 Sep 2025 14:05:01 +0000
asID: 201882
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:87:06:5f:ec:42:b7:bd:b4:e8:87:b6:20:7e:5c:68:ba:40:34:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:01 2024 GMT
Not After : Sep 19 14:05:01 2025 GMT
Subject: CN=405A1AB4F7A3AFED432DE13658D42F99423E66C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5d:04:ed:ba:87:61:be:93:a4:c1:ca:d0:4c:
ab:32:a7:50:d4:a5:d8:bf:53:1e:12:a3:7c:c7:f6:
94:29:9d:cf:40:b6:75:9d:b1:14:a1:26:24:dc:79:
fd:1d:51:2f:9b:74:12:bb:e0:7e:5f:bf:a0:46:6e:
12:6b:27:99:73:69:ec:fc:96:a4:47:9a:9d:4a:ad:
b3:89:07:dd:be:d5:5f:06:67:2e:2b:e8:45:86:59:
23:09:e0:d7:4f:08:10:6a:57:8b:2a:e7:cd:81:e2:
41:76:69:c1:e9:42:a3:c2:56:68:da:0a:7c:0a:ef:
f3:5b:ac:86:89:9e:da:35:26:8e:be:15:2d:0d:9e:
17:d0:8b:f5:c8:c2:55:31:f7:8c:7b:02:91:2d:ad:
2a:69:4f:82:c4:67:da:5f:7b:a9:4e:4a:65:f6:bd:
8b:58:d7:46:4b:d4:67:c1:58:d6:86:0e:35:ab:b3:
a8:9c:cd:5f:b2:02:2f:7c:70:b4:76:c3:a6:5b:9a:
75:9c:31:8c:cf:d3:ef:08:c2:9c:47:91:d5:a5:92:
b2:43:b0:df:e6:89:1e:b8:d5:e7:71:f3:1f:0a:35:
02:ce:14:a5:5e:b1:07:07:9f:e2:ea:40:0c:6c:17:
dc:15:21:c0:46:14:32:55:9c:5b:79:b8:4e:3e:09:
81:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5A:1A:B4:F7:A3:AF:ED:43:2D:E1:36:58:D4:2F:99:42:3E:66:C4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323031383832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
44:02:a3:2d:67:ca:0b:fc:d8:ae:af:00:a3:ec:00:9a:c5:ca:
a6:20:b5:59:10:e0:73:47:77:f7:77:1b:11:2d:59:f5:e6:77:
fe:96:38:1e:59:0d:be:d4:29:20:64:1c:a9:8b:60:15:87:34:
28:68:a6:b6:e3:b7:67:5d:26:21:c5:d8:12:cb:25:4e:b0:97:
08:e2:f8:0a:a8:e6:b9:82:86:37:19:1f:44:91:7a:69:ec:99:
33:7d:18:dd:3b:9f:4a:e3:ec:fb:1a:cd:47:64:09:cd:4c:8b:
68:d3:bc:32:4d:22:a0:06:fc:6d:b2:fe:d9:af:a8:1b:16:7a:
42:36:36:ae:a8:3d:72:55:ed:a5:60:d7:04:28:ea:19:d1:cf:
28:0d:d9:3b:ba:62:e4:b8:b4:54:28:bf:36:93:4a:1d:37:38:
46:74:f6:c0:17:b0:95:c0:13:70:4a:68:21:eb:9e:f8:30:4b:
cf:82:52:ad:4f:ec:b1:e8:b5:ae:d0:1b:0b:67:f8:72:1c:13:
2e:95:64:8d:03:60:5c:14:d8:96:9e:57:3f:d9:27:ce:f3:71:
b1:93:9b:fc:ab:7e:47:90:e4:a6:cb:dc:7f:25:66:b5:fb:e5:
00:05:2b:13:0e:3d:83:1d:c8:2f:48:6a:cb:34:6b:02:25:10:
9f:4c:3c:62
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUbIcGX+xCt7206Ie2IH5caLpANIUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDFaFw0yNTA5MTkxNDA1MDFaMDMxMTAvBgNV
BAMTKDQwNUExQUI0RjdBM0FGRUQ0MzJERTEzNjU4RDQyRjk5NDIzRTY2QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4XQTtuodhvpOkwcrQTKsyp1DU
pdi/Ux4So3zH9pQpnc9AtnWdsRShJiTcef0dUS+bdBK74H5fv6BGbhJrJ5lzaez8
lqRHmp1KrbOJB92+1V8GZy4r6EWGWSMJ4NdPCBBqV4sq582B4kF2acHpQqPCVmja
CnwK7/NbrIaJnto1Jo6+FS0NnhfQi/XIwlUx94x7ApEtrSppT4LEZ9pfe6lOSmX2
vYtY10ZL1GfBWNaGDjWrs6iczV+yAi98cLR2w6ZbmnWcMYzP0+8IwpxHkdWlkrJD
sN/miR641edx8x8KNQLOFKVesQcHn+LqQAxsF9wVIcBGFDJVnFt5uE4+CYHvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQFoatPejr+1DLeE2WNQvmUI+ZsQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTM4MzgzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3DANBgkqhkiG9w0BAQsFAAOCAQEARAKjLWfKC/zYrq8Ao+wAmsXKpiC1
WRDgc0d393cbES1Z9eZ3/pY4HlkNvtQpIGQcqYtgFYc0KGimtuO3Z10mIcXYEssl
TrCXCOL4CqjmuYKGNxkfRJF6aeyZM30Y3TufSuPs+xrNR2QJzUyLaNO8Mk0ioAb8
bbL+2a+oGxZ6QjY2rqg9clXtpWDXBCjqGdHPKA3ZO7pi5Li0VCi/NpNKHTc4RnT2
wBewlcATcEpoIeue+DBLz4JSrU/ssei1rtAbC2f4chwTLpVkjQNgXBTYlp5XP9kn
zvNxsZOb/Kt+R5DkpsvcfyVmtfvlAAUrEw49gx3IL0hqyzRrAiUQn0w8Yg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:43:17 2025 by rpki-client