Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa
File: 3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: jKmTFqRjtu0Sj5HMrdgXpni032DX+PYINKLpUgiFf2A=
Subject key identifier: 7F:EF:FD:29:27:79:08:C7:94:6F:FA:40:E8:4F:0F:8C:10:72:D6:32
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1F7244DE95EA5EB0C8937F5C2FC64044F6991A25
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa
Signing time: Mon 04 Mar 2024 09:26:57 +0000
ROA not before: Mon 04 Mar 2024 09:21:57 +0000
ROA not after: Mon 03 Mar 2025 09:26:57 +0000
asID: 209854
IP address blocks: 185.209.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:72:44:de:95:ea:5e:b0:c8:93:7f:5c:2f:c6:40:44:f6:99:1a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 4 09:21:57 2024 GMT
Not After : Mar 3 09:26:57 2025 GMT
Subject: CN=7FEFFD29277908C7946FFA40E84F0F8C1072D632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:54:f1:64:fb:01:20:c2:84:a1:58:1d:76:ba:
1d:01:56:38:60:5e:8a:08:f0:93:8d:69:6b:ff:04:
40:0e:75:5d:ed:02:b4:cc:46:25:8b:d8:32:0d:df:
0c:39:fd:32:fd:b6:28:fd:d5:fc:d3:37:12:8a:26:
a6:0f:9b:6f:8a:d7:f0:57:1a:17:bb:98:8a:b3:b3:
de:51:7a:e9:ee:e3:10:c7:72:78:2c:20:00:d1:ab:
b0:0b:be:49:0b:7a:67:92:d5:08:9c:82:e8:b6:f1:
94:6d:68:27:79:5f:03:42:06:7b:ff:a6:a3:dc:e1:
5f:be:95:b3:2a:f2:8a:d4:63:7e:1e:c6:4c:b1:af:
20:6d:0d:27:c4:a0:02:58:2d:51:d1:3d:6d:46:49:
c9:0e:6f:1e:5d:dd:cd:14:a7:50:89:f3:03:25:0a:
70:b7:5b:08:f8:59:f0:51:6a:0e:32:52:8f:ff:dd:
95:3b:d0:89:90:41:94:fc:ea:7b:3f:04:8b:f9:c2:
a0:6b:23:41:8d:07:a9:72:b2:9b:4a:a7:58:25:9d:
61:46:ec:f8:84:10:f9:51:cc:1e:b6:21:02:04:d1:
fe:44:a1:ed:f7:8e:75:de:bd:fe:cc:53:95:53:eb:
4c:0a:d4:e2:cc:bb:de:29:6c:bb:a5:07:b8:6a:c8:
2a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:EF:FD:29:27:79:08:C7:94:6F:FA:40:E8:4F:0F:8C:10:72:D6:32
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.222.0/24
Signature Algorithm: sha256WithRSAEncryption
95:5a:96:40:fc:4d:21:2b:5a:8b:8a:03:57:78:bd:c5:2d:48:
87:ea:92:cd:1b:64:bc:6a:2e:be:85:1e:24:60:e7:89:8f:80:
8f:35:d6:4e:f5:20:69:f1:e1:0a:05:6b:c0:0e:6a:51:ab:3e:
ab:31:3c:72:a2:fd:79:e2:51:c8:6b:ce:b8:19:7a:a6:ab:bb:
7d:2b:e9:45:22:f7:74:e2:a1:f4:bf:ce:64:ee:6b:b2:77:4f:
99:ae:66:cd:ee:21:e6:1b:45:54:df:ea:8e:06:5c:55:42:c0:
1d:23:33:66:69:77:e2:5c:6d:af:a7:7a:63:71:b6:4b:65:2b:
36:0e:e1:77:55:8e:ba:83:f9:7a:80:d7:3c:9a:af:eb:3d:c5:
90:00:2b:a5:0e:da:80:4b:67:78:b0:5b:a5:cd:2c:ce:1c:91:
04:36:dd:18:eb:d3:c1:be:78:47:94:41:69:9e:d1:53:16:b7:
2d:c2:92:ef:22:30:f8:25:ef:da:9d:c8:6b:12:bd:aa:75:7c:
27:55:30:6f:55:c6:d7:41:c7:b0:47:0b:26:0d:e5:96:6b:cf:
c0:25:86:73:dd:6e:ab:71:76:75:69:c8:80:cf:c2:2b:34:21:
bf:94:50:fd:10:47:b3:c8:41:34:30:20:1b:ca:db:2a:65:66:
ad:fa:80:5f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUH3JE3pXqXrDIk39cL8ZARPaZGiUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDQwOTIxNTdaFw0yNTAzMDMwOTI2NTdaMDMxMTAvBgNV
BAMTKDdGRUZGRDI5Mjc3OTA4Qzc5NDZGRkE0MEU4NEYwRjhDMTA3MkQ2MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqVPFk+wEgwoShWB12uh0BVjhg
XooI8JONaWv/BEAOdV3tArTMRiWL2DIN3ww5/TL9tij91fzTNxKKJqYPm2+K1/BX
Ghe7mIqzs95Reunu4xDHcngsIADRq7ALvkkLemeS1Qicgui28ZRtaCd5XwNCBnv/
pqPc4V++lbMq8orUY34exkyxryBtDSfEoAJYLVHRPW1GSckObx5d3c0Up1CJ8wMl
CnC3Wwj4WfBRag4yUo//3ZU70ImQQZT86ns/BIv5wqBrI0GNB6lysptKp1glnWFG
7PiEEPlRzB62IQIE0f5Eoe33jnXevf7MU5VT60wK1OLMu94pbLulB7hqyCr/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUf+/9KSd5CMeUb/pA6E8PjBBy1jIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTM4MzUzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3jANBgkqhkiG9w0BAQsFAAOCAQEAlVqWQPxNIStai4oDV3i9xS1Ih+qS
zRtkvGouvoUeJGDniY+AjzXWTvUgafHhCgVrwA5qUas+qzE8cqL9eeJRyGvOuBl6
pqu7fSvpRSL3dOKh9L/OZO5rsndPma5mze4h5htFVN/qjgZcVULAHSMzZml34lxt
r6d6Y3G2S2UrNg7hd1WOuoP5eoDXPJqv6z3FkAArpQ7agEtneLBbpc0szhyRBDbd
GOvTwb54R5RBaZ7RUxa3LcKS7yIw+CXv2p3IaxK9qnV8J1Uwb1XG10HHsEcLJg3l
lmvPwCWGc91uq3F2dWnIgM/CKzQhv5RQ/RBHs8hBNDAgG8rbKmVmrfqAXw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:56 2024 by rpki-client on console-fra.rpki-client.org