Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230332e302f32342d3332203d3e203531313637.roa
File: 3138352e3231362e3230332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: FuAb1V1nxLxeN0oVm7YCTgSKDZnFGgkdPRUwLdRh2Ks=
Subject key identifier: D6:B9:5C:5F:00:0D:BD:5A:A9:5B:FE:7D:7A:E8:75:83:A5:D1:DA:CC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 41EDD9584F33B8A6C9AAC9631ED61C8F554211E5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230332e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:22 +0000
ROA not before: Mon 26 Feb 2024 08:48:22 +0000
ROA not after: Mon 24 Feb 2025 08:53:22 +0000
asID: 51167
IP address blocks: 185.216.203.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ed:d9:58:4f:33:b8:a6:c9:aa:c9:63:1e:d6:1c:8f:55:42:11:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:22 2024 GMT
Not After : Feb 24 08:53:22 2025 GMT
Subject: CN=D6B95C5F000DBD5AA95BFE7D7AE87583A5D1DACC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dc:7e:db:cf:ba:be:99:16:2f:f8:2b:1d:60:
d9:7a:8a:9e:00:c9:fc:4b:cf:23:f9:db:6d:a0:03:
77:9f:b4:2e:a4:7e:f6:d2:fc:9b:58:a8:b9:a6:f9:
53:6b:91:b4:09:65:2c:8d:73:25:10:e9:66:6b:ef:
44:a6:db:09:a4:dc:8c:95:fd:b2:5c:09:1f:70:e2:
6f:85:a3:43:85:eb:ff:a0:ff:7a:59:d9:37:3e:f6:
82:64:81:ad:e3:62:0c:40:43:04:2c:04:6b:37:27:
18:35:6a:7e:c2:62:f9:20:27:36:14:6b:c0:87:d8:
a1:fd:79:47:39:15:db:0b:54:cb:36:b4:8d:13:0c:
d0:12:0f:3a:b4:00:6b:4b:73:37:8e:e1:d4:87:0b:
bc:e4:8a:9d:b6:56:87:44:a3:52:52:e0:d7:88:cb:
4d:ba:29:7c:a7:e4:6c:70:03:25:61:77:ca:53:c1:
ff:a9:ae:80:23:4d:b4:15:3e:91:0a:ba:80:0a:b5:
38:57:7e:5f:76:f1:5d:36:38:8b:81:f8:69:4d:78:
a4:3f:8e:cd:f9:7e:ad:46:60:03:5e:cf:fa:f4:e9:
c3:c3:6b:09:8d:bf:3d:00:6b:f4:50:e9:39:ea:5b:
20:c2:64:f8:f1:b6:bd:69:fb:29:42:52:e7:50:79:
df:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B9:5C:5F:00:0D:BD:5A:A9:5B:FE:7D:7A:E8:75:83:A5:D1:DA:CC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.203.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:26:fd:0f:45:d3:64:36:f7:d6:47:da:88:f9:9e:69:12:49:
b9:72:20:d3:b3:2c:9a:f4:81:7e:80:31:9a:6e:4b:4d:ca:dd:
a2:6e:a7:10:cc:99:6a:eb:4a:4e:14:9f:05:e9:94:eb:0c:7d:
29:0c:83:3e:bb:e7:d7:33:4b:e8:78:ff:8a:3d:34:90:a5:f9:
29:f0:97:72:6a:58:45:e0:10:01:6c:af:51:fc:e2:32:fb:0b:
56:ad:7e:31:de:37:5b:3f:cc:ee:c2:00:60:87:46:7f:ef:7a:
70:e1:c3:a1:03:79:86:3e:4e:fe:0e:31:f6:d6:27:3a:d7:2d:
11:a0:5a:f2:ca:e6:54:d1:88:dd:22:c2:bd:f5:03:89:10:25:
6e:34:d2:52:06:34:b3:1f:66:0b:73:61:23:d8:5a:e7:61:7b:
62:06:27:bf:e3:dd:9e:e4:a5:17:d8:d0:bf:a6:d7:77:e8:6e:
2f:a2:47:61:eb:2e:c1:d5:30:3b:2d:9b:42:28:43:ff:ee:fd:
f7:ec:8a:f6:d3:59:c9:61:54:f2:35:b1:57:a3:e5:08:82:c5:
ea:fd:97:41:6c:a5:cf:06:d6:1d:92:fb:8f:48:ca:b7:46:51:
3d:8e:da:1c:5b:ef:fd:7d:51:17:e9:63:20:93:35:55:2e:93:
51:05:b6:cb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQe3ZWE8zuKbJqsljHtYcj1VCEeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjJaFw0yNTAyMjQwODUzMjJaMDMxMTAvBgNV
BAMTKEQ2Qjk1QzVGMDAwREJENUFBOTVCRkU3RDdBRTg3NTgzQTVEMURBQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC73H7bz7q+mRYv+CsdYNl6ip4A
yfxLzyP5222gA3eftC6kfvbS/JtYqLmm+VNrkbQJZSyNcyUQ6WZr70Sm2wmk3IyV
/bJcCR9w4m+Fo0OF6/+g/3pZ2Tc+9oJkga3jYgxAQwQsBGs3Jxg1an7CYvkgJzYU
a8CH2KH9eUc5FdsLVMs2tI0TDNASDzq0AGtLczeO4dSHC7zkip22VodEo1JS4NeI
y026KXyn5GxwAyVhd8pTwf+proAjTbQVPpEKuoAKtThXfl928V02OIuB+GlNeKQ/
js35fq1GYANez/r06cPDawmNvz0Aa/RQ6TnqWyDCZPjxtr1p+ylCUudQed8FAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1rlcXwANvVqpW/59euh1g6XR2swwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTMy
MzAzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52MswDQYJKoZIhvcNAQELBQADggEBAEom/Q9F02Q299ZH2oj5nmkSSblyINOz
LJr0gX6AMZpuS03K3aJupxDMmWrrSk4UnwXplOsMfSkMgz6759czS+h4/4o9NJCl
+Snwl3JqWEXgEAFsr1H84jL7C1atfjHeN1s/zO7CAGCHRn/venDhw6EDeYY+Tv4O
MfbWJzrXLRGgWvLK5lTRiN0iwr31A4kQJW400lIGNLMfZgtzYSPYWudhe2IGJ7/j
3Z7kpRfY0L+m13fobi+iR2HrLsHVMDstm0IoQ//u/ffsivbTWclhVPI1sVej5QiC
xer9l0Fspc8G1h2S+49IyrdGUT2O2hxb7/19URfpYyCTNVUuk1EFtss=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org