Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: 1h7plMHqo/QA8g5CX3Wt+QjREn+6rphteGre7qtSbOM=
Subject key identifier: 09:8E:FD:B6:C8:FF:8D:EB:39:E0:BC:52:D4:14:7C:1B:A9:4F:36:DE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5FDD89E2D6275CCEA8DCE89505E93E6ED361EB79
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa
Signing time: Fri 20 Sep 2024 14:05:01 +0000
ROA not before: Fri 20 Sep 2024 14:00:01 +0000
ROA not after: Fri 19 Sep 2025 14:05:01 +0000
asID: 203380
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:dd:89:e2:d6:27:5c:ce:a8:dc:e8:95:05:e9:3e:6e:d3:61:eb:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:01 2024 GMT
Not After : Sep 19 14:05:01 2025 GMT
Subject: CN=098EFDB6C8FF8DEB39E0BC52D4147C1BA94F36DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:28:e6:1d:09:17:1c:5d:39:c3:9f:59:4b:de:
95:33:82:80:b4:4d:c7:64:5b:d2:dd:ba:62:2d:bb:
5d:90:d5:04:79:ec:57:ca:4d:3d:dc:cc:cc:16:76:
9f:df:1a:30:04:da:1e:84:83:12:28:5f:d5:7e:e8:
28:fe:9a:ea:93:62:3d:4b:b3:e9:25:b6:b7:c8:a8:
38:3f:04:7a:e6:4e:4a:8f:05:d1:7a:be:e5:24:86:
33:00:d8:dc:51:f5:5e:51:68:16:58:a6:7f:6e:46:
72:d7:56:86:e1:91:23:9e:01:af:b8:1e:da:ff:e1:
5f:80:0b:f9:d5:6b:91:1f:78:be:7f:3b:1a:c8:67:
1e:89:61:84:bb:5f:06:5c:6f:c9:36:71:d1:f6:1d:
78:ab:72:fb:c9:e6:1a:48:65:5e:06:da:67:90:85:
59:06:fa:ed:9e:7f:c6:eb:d1:71:57:0c:2d:d4:36:
79:b6:e7:bf:81:67:08:14:eb:a0:fa:73:be:ea:1a:
31:6f:89:48:76:8a:d2:fc:e7:8b:0a:da:51:65:bd:
45:bd:2d:03:79:94:42:18:29:e9:7f:c5:06:fd:7c:
ce:d7:1c:b8:14:6b:dc:d9:d4:1d:dc:98:b2:10:87:
f0:d7:3b:6e:c8:da:4e:e0:7b:e2:7a:3c:88:b3:63:
50:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:8E:FD:B6:C8:FF:8D:EB:39:E0:BC:52:D4:14:7C:1B:A9:4F:36:DE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
39:3a:82:05:7c:19:84:90:b6:1e:67:60:ef:69:b9:7c:9a:5c:
4a:db:14:c9:e7:b7:3e:b7:87:99:89:83:75:89:86:46:29:78:
f7:b6:ec:35:1b:a7:55:46:e0:a2:2f:7d:8e:86:85:93:3c:8d:
b9:1a:51:66:f1:44:6a:b5:14:bd:09:ba:25:48:e8:9f:95:f0:
ab:03:d2:8d:24:20:de:2a:dc:d0:9c:4e:d6:d4:9e:46:7a:64:
ae:a8:cc:1d:73:1b:e7:c2:7c:6e:0e:34:d5:9a:5f:cc:12:31:
45:67:8d:b9:59:93:36:31:2d:7a:41:43:03:32:1c:79:f0:80:
a9:fd:86:02:f9:24:d1:6f:52:3c:3f:f0:e1:e6:2c:df:97:ff:
fe:3c:6a:8f:2e:7c:a3:72:12:d5:b2:f6:a5:a7:3e:f8:bd:c2:
58:eb:ed:7e:d7:a2:bc:c6:8f:45:a8:67:34:52:2e:cd:b0:7a:
83:af:8c:5d:15:4a:9a:a6:f7:97:01:e5:65:68:cd:f5:60:03:
46:85:b6:cb:f2:8e:9d:ff:7d:dc:95:c6:ee:e0:5b:49:b1:92:
9e:42:95:4f:5d:88:24:cb:a6:42:42:d2:b4:10:c9:e1:e8:9d:
2b:68:4a:96:58:1f:cf:82:bf:5a:74:16:df:45:4f:32:29:91:
19:3e:d2:72
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUX92J4tYnXM6o3OiVBek+btNh63kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDFaFw0yNTA5MTkxNDA1MDFaMDMxMTAvBgNV
BAMTKDA5OEVGREI2QzhGRjhERUIzOUUwQkM1MkQ0MTQ3QzFCQTk0RjM2REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdKOYdCRccXTnDn1lL3pUzgoC0
TcdkW9LdumItu12Q1QR57FfKTT3czMwWdp/fGjAE2h6EgxIoX9V+6Cj+muqTYj1L
s+kltrfIqDg/BHrmTkqPBdF6vuUkhjMA2NxR9V5RaBZYpn9uRnLXVobhkSOeAa+4
Htr/4V+AC/nVa5EfeL5/OxrIZx6JYYS7XwZcb8k2cdH2HXircvvJ5hpIZV4G2meQ
hVkG+u2ef8br0XFXDC3UNnm257+BZwgU66D6c77qGjFviUh2itL854sK2lFlvUW9
LQN5lEIYKel/xQb9fM7XHLgUa9zZ1B3cmLIQh/DXO27I2k7ge+J6PIizY1DFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUCY79tsj/jes54LxS1BR8G6lPNt4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMzMzgzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3DANBgkqhkiG9w0BAQsFAAOCAQEAOTqCBXwZhJC2Hmdg72m5fJpcStsU
yee3PreHmYmDdYmGRil497bsNRunVUbgoi99joaFkzyNuRpRZvFEarUUvQm6JUjo
n5XwqwPSjSQg3irc0JxO1tSeRnpkrqjMHXMb58J8bg401ZpfzBIxRWeNuVmTNjEt
ekFDAzIcefCAqf2GAvkk0W9SPD/w4eYs35f//jxqjy58o3IS1bL2pac++L3CWOvt
fteivMaPRahnNFIuzbB6g6+MXRVKmqb3lwHlZWjN9WADRoW2y/KOnf993JXG7uBb
SbGSnkKVT12IJMumQkLStBDJ4eidK2hKllgfz4K/WnQW30VPMimRGT7Scg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:11 2025 by rpki-client