Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232382e302f32332d3332203d3e203531313637.roa
File: 3138352e3230392e3232382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: sUlE+lmFl39C7cplUaKFhfj7YhhqYz3+c27KrlAypbo=
Subject key identifier: 33:5F:DB:F9:37:3E:38:5F:E6:72:2B:39:DE:7B:33:8D:3E:95:11:C8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3A39F8EC84603D21B6276721E730E73F3E823BA6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232382e302f32332d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:15 +0000
ROA not before: Mon 26 Feb 2024 08:48:15 +0000
ROA not after: Mon 24 Feb 2025 08:53:15 +0000
asID: 51167
IP address blocks: 185.209.228.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:39:f8:ec:84:60:3d:21:b6:27:67:21:e7:30:e7:3f:3e:82:3b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:15 2024 GMT
Not After : Feb 24 08:53:15 2025 GMT
Subject: CN=335FDBF9373E385FE6722B39DE7B338D3E9511C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2d:04:e0:b7:e6:7b:0f:6d:3a:61:8b:88:71:
36:6f:2c:17:72:02:b3:2f:ad:f8:e4:2e:90:4e:fd:
c3:6d:da:82:92:69:17:71:24:cc:f7:fb:6d:00:f3:
98:4d:44:38:85:b2:bb:e8:78:93:9c:bf:b1:c9:39:
7e:b4:a8:a9:4c:58:df:30:01:f6:2d:d2:7c:d4:c5:
af:74:ac:a4:60:3c:bb:d7:da:ff:6d:e0:64:eb:ca:
03:64:cd:e2:0e:1f:e2:53:42:cb:74:4e:71:66:83:
2e:5f:66:04:2d:30:09:a9:58:13:6c:e7:3d:b0:d1:
e1:9b:c1:03:87:b8:cc:f6:8a:70:b6:16:6a:a0:b0:
c2:73:3b:33:24:f0:01:77:34:58:e7:25:16:1d:2e:
64:b4:40:a8:69:28:ac:6f:09:ad:c2:1e:aa:09:9a:
83:0b:71:0b:d1:86:06:e1:e4:8d:78:10:81:98:ff:
8b:04:da:a2:fe:9b:ae:14:9f:5d:0b:b9:12:a8:2a:
fc:6e:9c:2e:6b:34:b1:5a:d7:93:55:8a:f7:2c:84:
70:d0:d3:dc:12:a9:a7:02:75:74:4a:88:d8:e9:47:
c8:25:ea:2f:ea:2e:ed:e8:da:15:f5:aa:af:e3:e3:
8e:67:1e:c4:60:2d:5a:22:2d:be:59:e6:22:c2:ed:
91:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:5F:DB:F9:37:3E:38:5F:E6:72:2B:39:DE:7B:33:8D:3E:95:11:C8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.228.0/23
Signature Algorithm: sha256WithRSAEncryption
76:06:71:56:65:d3:0e:f3:39:2c:f6:89:a9:2f:71:82:13:91:
30:0f:53:e9:46:d7:d1:d8:46:fb:aa:6e:95:e3:57:fd:6f:fd:
e1:50:fa:29:94:0d:5b:5a:21:15:aa:c1:ee:83:93:dd:8d:23:
a1:8e:42:6a:51:99:c6:c2:3b:43:17:3b:b5:1a:b5:db:cf:6d:
ef:24:f1:44:5f:d0:1d:45:70:b8:8c:38:ba:28:55:c9:f8:b6:
b8:07:a9:7b:9e:b0:bd:de:73:5b:94:9c:31:eb:0f:61:c7:6b:
d5:fa:59:0c:67:5b:aa:bf:dc:a3:93:16:c1:8d:53:8b:79:74:
20:57:48:e8:ec:62:23:ab:f7:68:82:a2:8a:11:9d:ad:87:29:
33:21:27:49:bb:5a:1d:11:67:ff:3e:4e:b4:08:4b:bf:89:ac:
ef:a4:19:22:83:77:9f:05:4c:ec:f5:74:6c:d3:73:e6:f9:e3:
53:72:b7:1e:cd:f1:d6:6b:22:d9:46:b0:cd:33:38:95:cc:04:
82:a8:10:2d:80:9a:0b:9e:0f:7a:e8:cb:de:08:3e:26:0e:68:
1a:c8:b7:a1:44:2d:2b:5d:d5:0e:2c:48:af:30:92:ff:5a:22:
42:b3:1a:ce:b5:20:a7:bd:25:88:d5:c7:7b:89:3d:14:b8:1e:
34:e5:8b:cf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOjn47IRgPSG2J2ch5zDnPz6CO6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTVaFw0yNTAyMjQwODUzMTVaMDMxMTAvBgNV
BAMTKDMzNUZEQkY5MzczRTM4NUZFNjcyMkIzOURFN0IzMzhEM0U5NTExQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjLQTgt+Z7D206YYuIcTZvLBdy
ArMvrfjkLpBO/cNt2oKSaRdxJMz3+20A85hNRDiFsrvoeJOcv7HJOX60qKlMWN8w
AfYt0nzUxa90rKRgPLvX2v9t4GTrygNkzeIOH+JTQst0TnFmgy5fZgQtMAmpWBNs
5z2w0eGbwQOHuMz2inC2FmqgsMJzOzMk8AF3NFjnJRYdLmS0QKhpKKxvCa3CHqoJ
moMLcQvRhgbh5I14EIGY/4sE2qL+m64Un10LuRKoKvxunC5rNLFa15NVivcshHDQ
09wSqacCdXRKiNjpR8gl6i/qLu3o2hX1qq/j445nHsRgLVoiLb5Z5iLC7ZHbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUM1/b+Tc+OF/mcis53nszjT6VEcgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG50eQwDQYJKoZIhvcNAQELBQADggEBAHYGcVZl0w7zOSz2iakvcYITkTAPU+lG
19HYRvuqbpXjV/1v/eFQ+imUDVtaIRWqwe6Dk92NI6GOQmpRmcbCO0MXO7UatdvP
be8k8URf0B1FcLiMOLooVcn4trgHqXuesL3ec1uUnDHrD2HHa9X6WQxnW6q/3KOT
FsGNU4t5dCBXSOjsYiOr92iCoooRna2HKTMhJ0m7Wh0RZ/8+TrQIS7+JrO+kGSKD
d58FTOz1dGzTc+b541Nytx7N8dZrItlGsM0zOJXMBIKoEC2AmgueD3roy94IPiYO
aBrIt6FELStd1Q4sSK8wkv9aIkKzGs61IKe9JYjVx3uJPRS4HjTli88=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org