Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa (raw, json)
Hash identifier: nXDDM58x8vhgONBmIz1fg11CGlsA/ssForR+B+6xE6w=
Subject key identifier: 70:A1:4C:AA:76:B4:C8:1E:90:5E:82:86:6B:69:55:72:D9:60:03:0C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 011FEC3C056607C349BF1A9F015BD38AED527F21
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa
Signing time: Fri 20 Oct 2023 13:41:52 +0000
ROA not before: Fri 20 Oct 2023 13:36:52 +0000
ROA not after: Fri 18 Oct 2024 13:41:52 +0000
asID: 41944
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:1f:ec:3c:05:66:07:c3:49:bf:1a:9f:01:5b:d3:8a:ed:52:7f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:52 2023 GMT
Not After : Oct 18 13:41:52 2024 GMT
Subject: CN=70A14CAA76B4C81E905E82866B695572D960030C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2f:7c:9b:da:7d:a8:35:45:6f:29:6c:ba:bb:
47:eb:f6:d7:89:59:4e:63:4a:4a:d1:dc:36:66:0d:
1e:fd:7a:5e:3c:62:62:7c:03:84:a3:91:54:fd:34:
92:c0:f0:51:ed:98:da:bb:67:63:84:ef:ce:9c:d3:
9c:35:d8:d0:1e:96:10:25:32:56:fd:3d:3c:0b:92:
e2:c4:a9:08:ca:41:72:f3:c2:76:da:73:d1:97:1b:
ea:4e:9d:ec:90:14:45:67:35:c2:94:e1:2b:98:be:
a7:54:3f:77:57:80:60:a4:35:9a:13:8a:37:5a:ea:
2a:81:10:99:b7:f1:b7:8c:df:d4:1a:dc:1a:db:26:
c1:75:11:26:e8:4b:0d:4e:f5:ec:32:f5:33:27:14:
47:72:c4:01:a8:a5:4c:a9:d7:b3:83:cd:b2:c8:f3:
53:93:da:4b:01:94:1e:de:58:5f:4b:18:6d:6a:ca:
13:5d:72:fe:1a:80:78:6c:16:dc:ba:b1:f4:04:12:
5b:ef:e4:48:df:88:ce:17:f8:22:ef:23:ae:88:76:
62:c2:c9:b5:d4:02:c0:bf:d9:fb:d9:a7:47:59:23:
c0:64:3d:70:5a:e4:c6:d8:aa:85:e7:8b:e5:33:c6:
a2:0f:e1:0a:fe:16:f4:8e:e9:e8:4b:04:2d:63:9d:
83:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A1:4C:AA:76:B4:C8:1E:90:5E:82:86:6B:69:55:72:D9:60:03:0C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:ba:5d:6a:2d:14:44:06:9e:f4:26:24:14:78:68:fc:96:be:
f4:0a:ea:e6:62:d5:4b:ee:34:3e:23:6e:5d:9b:be:0f:05:47:
b6:d3:5b:1a:62:71:f0:1f:26:fc:fd:f4:da:a6:44:fc:64:d5:
91:47:bd:95:2d:f2:24:95:b9:c5:52:c3:43:b7:92:46:c2:6b:
a5:4c:ba:5a:af:5d:ab:f0:cc:08:6d:e7:fa:81:98:e4:b1:34:
de:55:fe:ee:62:a7:e8:60:a6:4b:c2:6a:de:ab:8f:67:7f:9b:
3e:1e:f2:27:93:6f:f1:d4:ed:15:c7:a7:67:c0:26:e1:7e:af:
18:96:d0:58:6a:f2:fb:08:da:89:c7:4e:e6:78:36:6e:f5:26:
d0:12:3b:22:20:66:a7:44:b7:4d:eb:48:c3:b5:bf:80:e5:ce:
f1:c2:db:81:10:ee:3b:37:92:92:34:70:a6:d4:86:43:f6:e4:
bf:c3:75:80:87:f6:d3:e2:cf:7c:d3:fd:3d:c0:70:84:9a:1b:
62:36:26:7c:32:cd:43:d3:b0:0f:c2:39:dd:2b:61:77:46:01:
88:79:d4:6e:25:76:34:71:be:00:b7:2d:66:86:7c:56:cf:8b:
ad:75:5a:cd:c8:68:33:a5:b7:32:90:45:66:47:9b:53:d4:21:
11:a5:2d:2c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAR/sPAVmB8NJvxqfAVvTiu1SfyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTJaFw0yNDEwMTgxMzQxNTJaMDMxMTAvBgNV
BAMTKDcwQTE0Q0FBNzZCNEM4MUU5MDVFODI4NjZCNjk1NTcyRDk2MDAzMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtL3yb2n2oNUVvKWy6u0fr9teJ
WU5jSkrR3DZmDR79el48YmJ8A4SjkVT9NJLA8FHtmNq7Z2OE786c05w12NAelhAl
Mlb9PTwLkuLEqQjKQXLzwnbac9GXG+pOneyQFEVnNcKU4SuYvqdUP3dXgGCkNZoT
ijda6iqBEJm38beM39Qa3BrbJsF1ESboSw1O9ewy9TMnFEdyxAGopUyp17ODzbLI
81OT2ksBlB7eWF9LGG1qyhNdcv4agHhsFty6sfQEElvv5EjfiM4X+CLvI66IdmLC
ybXUAsC/2fvZp0dZI8BkPXBa5MbYqoXni+UzxqIP4Qr+FvSO6ehLBC1jnYMPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcKFMqna0yB6QXoKGa2lVctlgAwwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzEzOTM0MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50dwwDQYJKoZIhvcNAQELBQADggEBAA26XWotFEQGnvQmJBR4aPyWvvQK6uZi
1UvuND4jbl2bvg8FR7bTWxpicfAfJvz99NqmRPxk1ZFHvZUt8iSVucVSw0O3kkbC
a6VMulqvXavwzAht5/qBmOSxNN5V/u5ip+hgpkvCat6rj2d/mz4e8ieTb/HU7RXH
p2fAJuF+rxiW0Fhq8vsI2onHTuZ4Nm71JtASOyIgZqdEt03rSMO1v4DlzvHC24EQ
7js3kpI0cKbUhkP25L/DdYCH9tPiz3zT/T3AcISaG2I2JnwyzUPTsA/COd0rYXdG
AYh51G4ldjRxvgC3LWaGfFbPi611Ws3IaDOltzKQRWZHm1PUIRGlLSw=
-----END CERTIFICATE-----
Generated at Tue May 21 23:31:24 2024 by rpki-client on console-ams.rpki-client.org