Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323132353230.roa
File: 3138352e3231362e37322e302f32342d3234203d3e20323132353230.roa (raw, json)
Hash identifier: adzmwSgVMmTQrE3QQq07+a6BDvk8hNmnoVwbzdsX5r0=
Subject key identifier: D9:FF:FB:34:F5:6D:CC:32:31:73:66:6A:EE:04:3B:2C:EF:5C:11:11
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 37E1F4FA6D9575DE7790AF18B014C54401FEA60A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323132353230.roa
Signing time: Fri 20 Sep 2024 14:04:57 +0000
ROA not before: Fri 20 Sep 2024 13:59:57 +0000
ROA not after: Fri 19 Sep 2025 14:04:57 +0000
asID: 212520
IP address blocks: 185.216.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:e1:f4:fa:6d:95:75:de:77:90:af:18:b0:14:c5:44:01:fe:a6:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:57 2024 GMT
Not After : Sep 19 14:04:57 2025 GMT
Subject: CN=D9FFFB34F56DCC323173666AEE043B2CEF5C1111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:16:a7:4e:0d:ec:06:7e:8e:9b:78:9c:02:50:
86:1f:6f:91:f4:d8:1a:67:a0:f2:8a:63:ea:a9:ea:
29:f3:ab:53:ad:be:d5:c8:78:84:7e:7e:38:c3:46:
dc:81:b5:44:72:ff:a9:30:63:96:fd:36:18:54:c7:
95:10:d5:75:3d:40:a5:35:5f:79:4e:1d:e0:8d:f1:
ea:61:d5:db:7d:2c:e5:bf:1b:23:c3:33:73:1f:0c:
05:b8:75:70:6f:62:22:03:03:cf:5d:fa:4d:f4:f4:
23:d8:c8:48:3f:ac:41:91:95:4c:5a:13:be:81:90:
f5:28:86:8b:0b:b9:de:dc:90:71:4d:bf:66:fc:8a:
df:53:c8:37:c1:6b:63:02:f9:29:13:81:ff:73:25:
3d:4c:34:f3:c5:b3:da:b9:fb:10:f1:0f:e1:f7:e0:
32:ae:19:35:0a:65:ec:11:52:c5:39:d1:2f:7d:ef:
7b:b3:7d:36:51:08:20:71:c8:60:32:08:bc:53:76:
e1:a7:e3:d5:89:36:8d:cc:a8:49:e5:44:9b:4d:99:
b2:c4:8a:83:39:5d:33:19:5f:a4:ed:b5:6f:ff:a5:
da:1d:2c:3a:07:59:50:d9:fa:80:ce:ff:1e:6c:d5:
34:fe:2a:2c:2f:c8:97:53:b2:f5:ab:f4:dd:18:8f:
f9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FF:FB:34:F5:6D:CC:32:31:73:66:6A:EE:04:3B:2C:EF:5C:11:11
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323132353230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.72.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:35:ce:3c:b6:8e:9b:55:44:a1:72:d4:8a:69:d0:0d:e4:c3:
43:21:0b:d7:8a:3f:b8:15:e7:d4:f0:5c:3a:c4:d5:49:ed:cd:
08:9b:87:3c:ba:db:3d:d1:9c:b5:6c:66:f4:18:4e:2b:3a:70:
3a:b3:55:ed:19:e6:78:a8:d8:4a:3c:c9:45:42:f6:e3:3a:27:
a1:71:06:24:3a:85:5d:fe:90:a3:b9:25:8d:b9:16:b1:25:4f:
0f:53:94:63:28:60:b0:b0:83:26:0d:b3:ef:a1:9e:21:3c:69:
ef:a1:c9:6e:10:98:25:0a:57:52:e7:21:26:49:44:e6:c6:f6:
88:a3:da:4f:da:73:39:d7:d5:31:de:30:46:56:25:df:14:42:
ad:2c:b2:5a:75:f8:ea:4d:2d:2b:f0:45:4d:35:6c:42:77:6e:
27:69:24:04:64:70:39:8b:2e:44:a8:9a:56:31:4d:99:ae:b7:
ff:59:ed:7a:18:58:46:33:14:b9:f1:df:ca:c5:9a:d8:17:3e:
f6:d1:50:20:57:d5:26:90:1d:49:c5:2a:33:7f:f5:d0:43:6b:
37:fe:55:38:e6:eb:82:15:5e:83:84:af:10:ba:61:c1:46:c2:
91:62:01:f6:88:d3:8a:5a:18:38:9d:48:7e:7e:24:ed:42:1c:
b7:83:65:e6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUN+H0+m2Vdd53kK8YsBTFRAH+pgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTdaFw0yNTA5MTkxNDA0NTdaMDMxMTAvBgNV
BAMTKEQ5RkZGQjM0RjU2RENDMzIzMTczNjY2QUVFMDQzQjJDRUY1QzExMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRFqdODewGfo6beJwCUIYfb5H0
2BpnoPKKY+qp6inzq1OtvtXIeIR+fjjDRtyBtURy/6kwY5b9NhhUx5UQ1XU9QKU1
X3lOHeCN8eph1dt9LOW/GyPDM3MfDAW4dXBvYiIDA89d+k309CPYyEg/rEGRlUxa
E76BkPUohosLud7ckHFNv2b8it9TyDfBa2MC+SkTgf9zJT1MNPPFs9q5+xDxD+H3
4DKuGTUKZewRUsU50S9973uzfTZRCCBxyGAyCLxTduGn49WJNo3MqEnlRJtNmbLE
ioM5XTMZX6TttW//pdodLDoHWVDZ+oDO/x5s1TT+KiwvyJdTsvWr9N0Yj/n9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2f/7NPVtzDIxc2Zq7gQ7LO9cEREwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNTMyMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52EgwDQYJKoZIhvcNAQELBQADggEBAGw1zjy2jptVRKFy1Ipp0A3kw0MhC9eK
P7gV59TwXDrE1UntzQibhzy62z3RnLVsZvQYTis6cDqzVe0Z5nio2Eo8yUVC9uM6
J6FxBiQ6hV3+kKO5JY25FrElTw9TlGMoYLCwgyYNs++hniE8ae+hyW4QmCUKV1Ln
ISZJRObG9oij2k/acznX1THeMEZWJd8UQq0sslp1+OpNLSvwRU01bEJ3bidpJARk
cDmLLkSomlYxTZmut/9Z7XoYWEYzFLnx38rFmtgXPvbRUCBX1SaQHUnFKjN/9dBD
azf+VTjm64IVXoOErxC6YcFGwpFiAfaI04paGDidSH5+JO1CHLeDZeY=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org