Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa (raw, json)
Hash identifier: QEb64Y1zR8+DD0uWIVbqe23AX8qkc+R47gukslC91jY=
Subject key identifier: CA:20:94:E5:E4:CA:63:89:C2:FF:C7:22:28:28:94:97:8E:47:AD:23
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 46BF5C14017788174E73C4DB7CA18941F0CCBEFE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
Signing time: Fri 20 Sep 2024 14:05:01 +0000
ROA not before: Fri 20 Sep 2024 14:00:01 +0000
ROA not after: Fri 19 Sep 2025 14:05:01 +0000
asID: 58212
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:bf:5c:14:01:77:88:17:4e:73:c4:db:7c:a1:89:41:f0:cc:be:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:01 2024 GMT
Not After : Sep 19 14:05:01 2025 GMT
Subject: CN=CA2094E5E4CA6389C2FFC722282894978E47AD23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d6:12:0e:0e:b4:63:05:ff:87:1a:ba:df:d4:
af:78:8a:90:a9:9e:fd:2e:96:80:3c:3c:99:ef:47:
93:ee:7b:e3:38:c8:f8:80:94:77:ca:1c:ce:ae:98:
5a:c8:c0:2c:c7:b2:ff:4b:8b:40:5e:3b:4e:ca:cf:
53:f0:90:6f:2f:9a:6c:8f:d1:2b:b0:91:0e:d8:b5:
27:ce:e1:45:5e:b1:af:3e:c8:da:a8:b4:4c:35:50:
45:86:e6:78:ad:b1:66:f9:91:72:4f:28:d8:f9:73:
8a:07:62:7b:7c:71:de:7f:54:00:50:f5:d4:e0:4c:
0a:bd:12:06:97:8d:95:ca:2e:e6:95:ba:19:9b:14:
2b:3d:9e:6b:7b:f7:57:d2:41:34:59:e6:90:06:59:
df:d0:0a:76:3e:08:bf:65:1c:f1:13:9e:17:43:0b:
66:bb:38:3b:d1:bd:b0:39:d4:6b:30:cb:3a:45:96:
20:79:63:2a:e3:7a:f3:92:85:b4:46:0c:26:19:b1:
7b:83:8f:f0:42:af:95:ba:fa:a4:2f:ef:7b:0b:35:
78:40:6d:38:b7:bb:b8:d1:e6:c6:79:a0:c5:05:51:
e7:24:f0:bc:be:06:ee:01:00:fb:3c:bf:df:f8:2f:
b8:c2:3a:3c:73:37:dd:32:4a:74:f8:4e:48:25:23:
3a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:20:94:E5:E4:CA:63:89:C2:FF:C7:22:28:28:94:97:8E:47:AD:23
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f4:37:fa:fd:fe:53:03:be:51:93:45:37:c9:b2:cc:ad:ee:
a4:b6:a2:84:30:e7:8c:30:72:c5:2e:b4:31:d1:03:b5:6f:25:
77:71:be:48:cc:7d:4c:76:9e:70:4d:04:93:6c:7e:45:a4:64:
af:df:d0:5b:18:35:bb:45:eb:ed:7e:ad:c8:ce:4e:d8:9c:63:
bb:18:0f:34:b8:d1:27:c0:38:5a:53:84:e0:02:65:b1:9a:f5:
54:bd:39:be:44:8c:14:b4:94:1a:e8:60:f8:d5:1d:3d:9b:28:
f1:b3:b6:7b:ba:c3:ef:be:07:88:4f:4f:cd:b3:9e:79:92:1c:
d4:27:b4:56:9a:01:76:c1:e0:85:64:8a:ab:4f:3a:d2:3f:4a:
91:02:c8:60:56:ec:b9:35:a1:4d:5d:a5:ad:79:0b:92:7f:db:
0e:dd:fa:78:db:81:5e:9a:9f:a6:c2:36:c0:e3:e0:e5:6b:af:
c5:9b:28:2a:6a:69:37:db:b0:02:fc:7e:ca:4f:fa:f6:de:04:
c5:40:12:be:72:34:7d:22:08:79:ec:b0:db:d5:65:d5:81:37:
cd:53:e5:a4:77:3e:17:e6:68:f8:6c:99:13:72:a9:2a:35:72:
4e:61:4d:d4:a1:c9:70:fc:dc:f7:82:1e:2d:09:ce:e1:f9:95:
dc:12:6f:c1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURr9cFAF3iBdOc8TbfKGJQfDMvv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDFaFw0yNTA5MTkxNDA1MDFaMDMxMTAvBgNV
BAMTKENBMjA5NEU1RTRDQTYzODlDMkZGQzcyMjI4Mjg5NDk3OEU0N0FEMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDv1hIODrRjBf+HGrrf1K94ipCp
nv0uloA8PJnvR5Pue+M4yPiAlHfKHM6umFrIwCzHsv9Li0BeO07Kz1PwkG8vmmyP
0SuwkQ7YtSfO4UVesa8+yNqotEw1UEWG5nitsWb5kXJPKNj5c4oHYnt8cd5/VABQ
9dTgTAq9EgaXjZXKLuaVuhmbFCs9nmt791fSQTRZ5pAGWd/QCnY+CL9lHPETnhdD
C2a7ODvRvbA51GswyzpFliB5YyrjevOShbRGDCYZsXuDj/BCr5W6+qQv73sLNXhA
bTi3u7jR5sZ5oMUFUeck8Ly+Bu4BAPs8v9/4L7jCOjxzN90ySnT4TkglIzo5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyiCU5eTKY4nC/8ciKCiUl45HrSMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMjMxMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50dwwDQYJKoZIhvcNAQELBQADggEBAE/0N/r9/lMDvlGTRTfJssyt7qS2ooQw
54wwcsUutDHRA7VvJXdxvkjMfUx2nnBNBJNsfkWkZK/f0FsYNbtF6+1+rcjOTtic
Y7sYDzS40SfAOFpThOACZbGa9VS9Ob5EjBS0lBroYPjVHT2bKPGztnu6w+++B4hP
T82znnmSHNQntFaaAXbB4IVkiqtPOtI/SpECyGBW7Lk1oU1dpa15C5J/2w7d+njb
gV6an6bCNsDj4OVrr8WbKCpqaTfbsAL8fspP+vbeBMVAEr5yNH0iCHnssNvVZdWB
N81T5aR3PhfmaPhsmRNyqSo1ck5hTdShyXD83PeCHi0JzuH5ldwSb8E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org