Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: M741U56hebcma2SqJVWCK5ZFz8lTPe8iGwv5DyJXCXc=
Subject key identifier: DD:2D:6C:05:26:ED:8E:43:B5:DE:30:2C:BA:D2:AE:F2:65:4A:D7:9D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 486648547F590EE6ACF078E01DEDA9D597FD9B93
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa
Signing time: Fri 20 Oct 2023 13:41:52 +0000
ROA not before: Fri 20 Oct 2023 13:36:52 +0000
ROA not after: Fri 18 Oct 2024 13:41:52 +0000
asID: 203380
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:66:48:54:7f:59:0e:e6:ac:f0:78:e0:1d:ed:a9:d5:97:fd:9b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:52 2023 GMT
Not After : Oct 18 13:41:52 2024 GMT
Subject: CN=DD2D6C0526ED8E43B5DE302CBAD2AEF2654AD79D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d3:75:09:38:a1:e8:89:cf:d7:9a:49:98:4d:
07:fd:54:19:44:f8:3c:fa:03:62:5f:0b:43:77:1c:
09:5f:38:55:7e:1e:2a:4c:2d:ca:b7:20:06:fc:ca:
32:46:34:95:3d:89:67:33:7a:88:fc:58:e9:96:27:
3f:26:89:b2:c1:7c:ea:6e:6a:f2:df:fd:83:cf:8f:
89:23:57:08:3b:bf:b4:9a:2c:dc:81:25:3b:cc:6b:
ea:1b:93:cd:3d:4c:fd:25:f1:fb:a2:09:83:15:04:
e5:eb:46:f3:c2:9d:a4:fe:4a:5a:88:63:d7:da:b3:
6b:10:11:dd:64:92:7c:26:62:de:28:89:b8:cd:20:
ec:3d:c8:82:8b:ca:4a:10:28:ed:0d:0a:ba:6d:6c:
15:70:d7:f0:7f:c3:e4:8a:57:d1:dc:2a:25:cb:67:
e2:4e:34:45:85:4b:36:ad:b4:86:14:82:40:0d:0f:
ca:c0:2a:05:5d:aa:16:7a:08:7c:7c:d1:d2:0e:f0:
85:23:e1:3f:98:5a:ec:94:2c:e3:1a:b5:c4:2e:70:
14:f6:f7:6b:50:57:26:82:59:7e:d1:c3:34:6a:bb:
17:be:25:20:d3:9a:8d:1e:b7:83:a2:32:e6:88:2c:
a5:cb:3e:ab:08:1d:c6:a4:4f:f6:a9:85:2e:08:37:
20:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2D:6C:05:26:ED:8E:43:B5:DE:30:2C:BA:D2:AE:F2:65:4A:D7:9D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:bc:b7:dd:97:ff:4b:9c:c9:f5:d2:03:d6:7e:fc:6b:9d:25:
b4:62:d5:81:c5:70:a9:30:87:9c:06:82:5f:a0:47:b0:12:df:
27:8a:ff:0f:af:d1:9a:50:bb:a4:1c:f7:a9:dd:0a:4d:e9:6e:
86:ed:31:25:89:58:39:2b:81:f6:e0:8d:65:42:55:d7:95:18:
e7:5a:4a:36:19:0e:6d:1b:2c:e9:28:4a:07:16:fe:a7:62:fe:
5e:f6:c7:a7:f2:c0:ab:7d:47:ea:e5:fd:f1:70:86:4a:e8:5d:
ac:1d:f5:cc:32:61:2f:6f:c6:77:42:28:27:d7:dc:0a:96:6a:
82:d7:31:16:b8:ee:2d:4a:d9:0d:9a:2b:74:2d:15:41:a4:74:
d8:01:b9:a0:dc:aa:c8:07:26:92:dd:9b:f9:b1:9a:b7:bb:ac:
07:fe:f7:db:27:4a:8b:ed:98:88:f0:04:66:2a:fb:f6:80:14:
5c:40:97:ce:39:a2:97:40:d8:a0:89:e6:ef:ea:91:1f:af:b7:
a1:1c:21:df:5e:e4:55:8b:ed:d3:61:ae:5c:88:42:b5:d3:a2:
9d:c4:e1:ba:4b:4a:c5:8d:ec:66:79:a1:55:de:72:f1:8b:9f:
79:c6:db:5e:53:fa:56:56:07:17:d9:e4:0d:59:32:89:b5:65:
ed:ac:67:0f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSGZIVH9ZDuas8HjgHe2p1Zf9m5MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTJaFw0yNDEwMTgxMzQxNTJaMDMxMTAvBgNV
BAMTKEREMkQ2QzA1MjZFRDhFNDNCNURFMzAyQ0JBRDJBRUYyNjU0QUQ3OUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB03UJOKHoic/XmkmYTQf9VBlE
+Dz6A2JfC0N3HAlfOFV+HipMLcq3IAb8yjJGNJU9iWczeoj8WOmWJz8mibLBfOpu
avLf/YPPj4kjVwg7v7SaLNyBJTvMa+obk809TP0l8fuiCYMVBOXrRvPCnaT+SlqI
Y9fas2sQEd1kknwmYt4oibjNIOw9yIKLykoQKO0NCrptbBVw1/B/w+SKV9HcKiXL
Z+JONEWFSzattIYUgkAND8rAKgVdqhZ6CHx80dIO8IUj4T+YWuyULOMatcQucBT2
92tQVyaCWX7RwzRquxe+JSDTmo0et4OiMuaILKXLPqsIHcakT/aphS4INyCJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU3S1sBSbtjkO13jAsutKu8mVK150wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMzMzgzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3DANBgkqhkiG9w0BAQsFAAOCAQEAjry33Zf/S5zJ9dID1n78a50ltGLV
gcVwqTCHnAaCX6BHsBLfJ4r/D6/RmlC7pBz3qd0KTeluhu0xJYlYOSuB9uCNZUJV
15UY51pKNhkObRss6ShKBxb+p2L+XvbHp/LAq31H6uX98XCGSuhdrB31zDJhL2/G
d0IoJ9fcCpZqgtcxFrjuLUrZDZordC0VQaR02AG5oNyqyAcmkt2b+bGat7usB/73
2ydKi+2YiPAEZir79oAUXECXzjmil0DYoInm7+qRH6+3oRwh317kVYvt02GuXIhC
tdOincThuktKxY3sZnmhVd5y8YufecbbXlP6VlYHF9nkDVkyibVl7axnDw==
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:44 2024 by rpki-client on console-fra.rpki-client.org