Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323036383034.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e20323036383034.roa (raw, json)
Hash identifier: X5tAIQu7cAXRBUN5JMpajrbWEF/PWLcN5wP+KRDcS1M=
Subject key identifier: 6A:47:6F:F2:AC:41:1F:34:65:FC:05:AC:27:21:2B:86:AC:C5:A9:B6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 21AA681B896447FB5DABCD0D85023FB18C4B4053
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323036383034.roa
Signing time: Fri 20 Sep 2024 14:04:56 +0000
ROA not before: Fri 20 Sep 2024 13:59:56 +0000
ROA not after: Fri 19 Sep 2025 14:04:56 +0000
asID: 206804
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:aa:68:1b:89:64:47:fb:5d:ab:cd:0d:85:02:3f:b1:8c:4b:40:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:56 2024 GMT
Not After : Sep 19 14:04:56 2025 GMT
Subject: CN=6A476FF2AC411F3465FC05AC27212B86ACC5A9B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7f:b9:9b:b2:14:f4:0b:70:80:bd:53:0f:f6:
4a:6e:d5:d9:58:17:81:8f:91:f2:af:c1:27:2c:7e:
56:7e:e3:f5:fb:7a:99:64:93:97:0d:f2:80:c3:4b:
af:43:22:9b:95:82:93:c8:a8:32:12:9c:78:ac:cc:
ab:3e:80:49:0e:be:a7:f7:3e:d7:7c:4f:4b:d7:a2:
f7:39:09:79:96:3e:ac:e7:d0:5e:58:26:7b:52:9b:
df:86:d8:a1:38:cb:33:1b:07:d5:4d:ef:87:13:16:
9a:fa:49:d7:04:46:06:d7:55:c1:a6:69:90:ff:a1:
64:43:e5:d3:dd:12:fe:6b:b4:9d:59:a4:ef:4f:cc:
47:a8:c1:20:77:94:58:c5:b4:f8:ee:7f:1e:c7:da:
53:24:6b:8a:bf:d3:d9:31:ac:76:f8:40:9c:67:77:
ab:80:4c:a8:ee:2d:b4:ae:ee:4f:e1:40:50:0a:6c:
04:ae:ac:d8:d9:3a:69:2f:0e:69:8d:08:be:94:47:
e2:ed:96:ce:b1:b2:c8:06:af:ed:b9:86:35:41:2e:
46:00:5e:b9:11:33:f4:8f:3a:4d:a4:de:c8:58:88:
11:94:92:6a:5a:ac:3e:34:92:f6:1d:24:67:83:5c:
ea:0d:14:e7:43:ef:ce:92:60:61:7c:81:61:97:5a:
0a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:47:6F:F2:AC:41:1F:34:65:FC:05:AC:27:21:2B:86:AC:C5:A9:B6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323036383034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:3e:29:04:ed:d1:8c:5d:66:b3:88:4b:6b:57:fe:3d:99:80:
9c:2e:71:e7:03:a2:1f:a2:25:d8:eb:52:96:a8:a7:7b:e9:b4:
13:b9:cb:b6:19:6a:00:69:9d:ed:37:67:08:98:84:3d:57:74:
93:7e:6f:f5:e7:de:26:5f:21:ef:71:43:96:bd:55:2a:1b:5a:
06:b0:dd:49:43:2e:d2:03:88:95:0c:fd:07:b2:12:72:41:3c:
e0:77:2b:34:e6:37:81:a2:6c:5b:50:2a:89:e1:5a:05:7a:34:
92:ac:58:5d:89:6a:7c:de:5c:6a:c5:31:91:59:99:93:0f:0d:
ea:e4:fe:33:83:82:89:2c:ec:77:d1:ca:c6:1f:3b:64:b4:14:
75:d0:41:b7:a9:f5:bc:f5:53:a8:ad:c5:8a:bf:47:c6:94:27:
ab:37:ca:3a:35:f7:c0:f9:2f:3f:39:11:1e:71:23:28:03:38:
9b:00:05:08:72:49:35:63:e4:e2:b9:2c:7d:40:24:73:5f:72:
16:a6:2d:ed:b2:2d:40:0b:9a:a2:d2:05:97:ec:a4:c1:9a:b3:
d7:31:97:4e:c8:ab:5f:00:29:c1:df:03:24:45:12:fa:0d:92:
17:ed:b1:84:b6:53:30:a6:b0:a4:00:89:06:b5:40:fb:cc:d1:
19:63:25:de
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIapoG4lkR/tdq80NhQI/sYxLQFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTZaFw0yNTA5MTkxNDA0NTZaMDMxMTAvBgNV
BAMTKDZBNDc2RkYyQUM0MTFGMzQ2NUZDMDVBQzI3MjEyQjg2QUNDNUE5QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOf7mbshT0C3CAvVMP9kpu1dlY
F4GPkfKvwScsflZ+4/X7eplkk5cN8oDDS69DIpuVgpPIqDISnHiszKs+gEkOvqf3
Ptd8T0vXovc5CXmWPqzn0F5YJntSm9+G2KE4yzMbB9VN74cTFpr6SdcERgbXVcGm
aZD/oWRD5dPdEv5rtJ1ZpO9PzEeowSB3lFjFtPjufx7H2lMka4q/09kxrHb4QJxn
d6uATKjuLbSu7k/hQFAKbASurNjZOmkvDmmNCL6UR+Ltls6xssgGr+25hjVBLkYA
XrkRM/SPOk2k3shYiBGUkmparD40kvYdJGeDXOoNFOdD786SYGF8gWGXWgonAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUakdv8qxBHzRl/AWsJyErhqzFqbYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNjM4MzAzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3DANBgkqhkiG9w0BAQsFAAOCAQEAij4pBO3RjF1ms4hLa1f+PZmAnC5x
5wOiH6Il2OtSlqine+m0E7nLthlqAGmd7TdnCJiEPVd0k35v9efeJl8h73FDlr1V
KhtaBrDdSUMu0gOIlQz9B7ISckE84HcrNOY3gaJsW1AqieFaBXo0kqxYXYlqfN5c
asUxkVmZkw8N6uT+M4OCiSzsd9HKxh87ZLQUddBBt6n1vPVTqK3Fir9HxpQnqzfK
OjX3wPkvPzkRHnEjKAM4mwAFCHJJNWPk4rksfUAkc19yFqYt7bItQAuaotIFl+yk
wZqz1zGXTsirXwApwd8DJEUS+g2SF+2xhLZTMKawpACJBrVA+8zRGWMl3g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:25 2025 by rpki-client