Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa (raw, json)
Hash identifier: B4yeHwdLEp1ic6EcFKPWRWX6iILdmlsh92N2jGNa7KE=
Subject key identifier: E1:05:2C:97:36:13:B1:E9:3A:BE:54:2B:F5:8F:66:99:6D:AC:18:7C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3DF6288514F0946DC19CD759C038608C97223A63
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa
Signing time: Fri 20 Sep 2024 14:04:56 +0000
ROA not before: Fri 20 Sep 2024 13:59:56 +0000
ROA not after: Fri 19 Sep 2025 14:04:56 +0000
asID: 41944
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:f6:28:85:14:f0:94:6d:c1:9c:d7:59:c0:38:60:8c:97:22:3a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:56 2024 GMT
Not After : Sep 19 14:04:56 2025 GMT
Subject: CN=E1052C973613B1E93ABE542BF58F66996DAC187C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:57:a3:bf:75:00:0a:ca:9e:1c:22:f4:4c:85:
f0:e6:da:59:25:19:c2:f5:16:d1:dc:b5:fa:13:87:
5a:14:13:bc:f6:3e:e2:80:51:15:a1:a4:a3:2d:3d:
20:34:f1:60:5e:ff:cc:3c:2c:92:89:e6:c9:f1:01:
6e:e0:78:c7:ed:93:b9:76:72:8b:d5:b9:a2:a9:e9:
04:68:bf:bc:e9:00:30:e2:5d:17:7f:6e:55:a2:9e:
51:b7:64:b1:d4:70:a0:97:a3:3a:73:fb:a1:ad:95:
0f:f9:89:60:f2:48:9e:2d:6d:dc:82:16:ba:19:8b:
dd:45:7c:7c:b8:b8:94:ed:48:57:9c:ca:3d:63:54:
5f:30:2f:c7:0c:09:41:51:67:e3:8e:5a:74:79:7a:
dd:57:77:64:1b:a1:6f:22:4f:52:9f:fe:e0:2f:43:
9d:1d:7d:23:96:c3:57:7b:f9:79:fd:7f:19:c4:fc:
a9:65:4f:41:47:e3:81:e1:66:27:da:8f:9d:91:ee:
dd:83:e1:de:fe:61:b4:1e:cd:65:39:86:f2:68:cd:
29:e0:59:23:19:9f:02:06:d3:18:f9:fb:5e:67:cd:
07:2f:4e:f8:b6:e6:3f:02:5d:64:29:e8:c9:c5:4c:
24:cb:97:06:94:51:b1:e8:85:b6:c9:2d:5d:81:3a:
77:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:05:2C:97:36:13:B1:E9:3A:BE:54:2B:F5:8F:66:99:6D:AC:18:7C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:23:d7:b4:6f:f2:4a:f8:04:f1:7a:bd:cb:51:6d:b8:0a:8d:
da:54:80:4f:92:c4:b3:7b:93:b4:d7:c5:c9:73:b8:60:ac:fc:
f4:23:e1:c6:91:a1:8b:a6:81:9b:ef:e6:29:1f:61:b9:40:ae:
f4:51:22:eb:1a:d8:3e:28:2d:99:6c:37:7b:d1:3b:34:a3:2c:
a0:c8:e1:6b:fc:87:ea:6c:21:50:3e:bd:ae:65:cc:bb:3a:a0:
42:87:f2:a0:6b:14:eb:8e:f4:b0:e9:3e:ed:c1:f7:3a:e7:88:
08:ab:67:af:a8:d5:62:65:e4:32:5b:62:a6:5a:3e:16:fa:c5:
be:c9:97:c0:28:bf:4f:be:22:21:af:07:a5:55:d4:b9:81:fe:
12:30:e7:9d:3c:1b:c3:95:8e:97:da:5e:b0:19:f1:cc:25:08:
d0:e7:94:98:3f:51:8e:0a:c0:af:93:ba:0f:ac:52:8b:90:6b:
4a:68:97:6e:c2:19:21:92:80:c5:4a:2b:0b:37:8a:80:7f:2e:
22:65:73:52:54:d8:2d:c3:a9:2e:86:ff:07:53:3c:50:8f:b1:
ed:31:f7:2c:4b:dd:2b:89:0d:c1:b2:e5:76:f7:5a:64:0f:47:
14:1d:86:37:9a:6e:39:87:87:5f:8b:a8:1e:a0:7e:33:bd:f8:
e9:e5:a4:1e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPfYohRTwlG3BnNdZwDhgjJciOmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTZaFw0yNTA5MTkxNDA0NTZaMDMxMTAvBgNV
BAMTKEUxMDUyQzk3MzYxM0IxRTkzQUJFNTQyQkY1OEY2Njk5NkRBQzE4N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1V6O/dQAKyp4cIvRMhfDm2lkl
GcL1FtHctfoTh1oUE7z2PuKAURWhpKMtPSA08WBe/8w8LJKJ5snxAW7geMftk7l2
covVuaKp6QRov7zpADDiXRd/blWinlG3ZLHUcKCXozpz+6GtlQ/5iWDySJ4tbdyC
FroZi91FfHy4uJTtSFecyj1jVF8wL8cMCUFRZ+OOWnR5et1Xd2QboW8iT1Kf/uAv
Q50dfSOWw1d7+Xn9fxnE/KllT0FH44HhZifaj52R7t2D4d7+YbQezWU5hvJozSng
WSMZnwIG0xj5+15nzQcvTvi25j8CXWQp6MnFTCTLlwaUUbHohbbJLV2BOneJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4QUslzYTsek6vlQr9Y9mmW2sGHwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzEzOTM0MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50dwwDQYJKoZIhvcNAQELBQADggEBADsj17Rv8kr4BPF6vctRbbgKjdpUgE+S
xLN7k7TXxclzuGCs/PQj4caRoYumgZvv5ikfYblArvRRIusa2D4oLZlsN3vROzSj
LKDI4Wv8h+psIVA+va5lzLs6oEKH8qBrFOuO9LDpPu3B9zrniAirZ6+o1WJl5DJb
YqZaPhb6xb7Jl8Aov0++IiGvB6VV1LmB/hIw5508G8OVjpfaXrAZ8cwlCNDnlJg/
UY4KwK+Tug+sUouQa0pol27CGSGSgMVKKws3ioB/LiJlc1JU2C3DqS6G/wdTPFCP
se0x9yxL3SuJDcGy5Xb3WmQPRxQdhjeabjmHh1+LqB6gfjO9+OnlpB4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org