Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa
File: 3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa (raw, json)
Hash identifier: Sns2avL5Nam8P0rTnxbS+E3BsfVu6DGwhB9XN2W/ALs=
Subject key identifier: 4E:DB:EC:9D:B3:CF:CE:4C:54:BB:69:71:E2:91:DB:DB:80:9F:E9:6F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 27FBD158F2FC48B0A46E22CF1B7EF4A1C1AF26DF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa
Signing time: Fri 20 Sep 2024 14:05:00 +0000
ROA not before: Fri 20 Sep 2024 14:00:00 +0000
ROA not after: Fri 19 Sep 2025 14:05:00 +0000
asID: 213122
IP address blocks: 185.216.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:fb:d1:58:f2:fc:48:b0:a4:6e:22:cf:1b:7e:f4:a1:c1:af:26:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:00 2024 GMT
Not After : Sep 19 14:05:00 2025 GMT
Subject: CN=4EDBEC9DB3CFCE4C54BB6971E291DBDB809FE96F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4e:75:f8:3c:52:af:77:05:b8:a1:36:0c:b0:
02:25:46:81:db:2d:42:c7:63:0b:75:b9:a6:aa:ae:
d4:3a:bb:c8:ea:67:1c:0e:1c:bc:d5:f7:ce:1a:65:
9a:32:04:ac:a1:0a:af:d4:08:3b:3d:f6:3e:d5:45:
af:6f:ed:ed:4c:4c:3a:3c:6a:e8:fc:c5:9e:74:72:
91:08:8b:b1:50:20:2e:13:1e:a6:8e:22:94:bb:09:
3c:7d:c6:e8:da:af:e5:61:90:a2:7a:08:78:d9:e5:
d1:43:02:3b:bd:d5:41:e2:a7:49:87:bd:d8:d6:71:
25:d7:56:61:5e:81:ce:c6:0b:30:43:d7:07:7a:cd:
74:79:de:04:eb:00:5a:f8:d3:43:36:77:d8:4c:9e:
32:7a:9d:4f:64:45:cf:3c:a5:e1:5c:66:63:a7:42:
1f:67:cc:08:36:40:23:39:b6:96:52:22:e9:11:61:
00:57:81:89:b1:43:1f:8e:a5:b2:39:4e:dd:22:da:
6f:be:6a:af:ec:98:b4:7b:da:06:1b:35:a5:a1:de:
db:90:e4:a6:66:04:f1:51:46:83:84:6b:65:d2:e5:
da:ee:64:88:b0:78:41:2a:0e:7a:29:60:3b:76:c5:
7d:35:e8:63:be:9e:6a:e6:05:a5:5e:c4:8a:77:8c:
7f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DB:EC:9D:B3:CF:CE:4C:54:BB:69:71:E2:91:DB:DB:80:9F:E9:6F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.72.0/24
Signature Algorithm: sha256WithRSAEncryption
83:e5:2c:8f:b6:14:52:71:68:a3:e6:5b:9e:27:67:8d:c1:2c:
b6:97:ac:6d:5f:25:28:26:3f:45:83:22:b4:ab:42:c2:42:d2:
f6:63:f9:dc:97:c9:b2:e5:e8:19:a2:52:3f:be:9c:71:b3:1a:
bf:bb:05:9a:88:fd:77:98:8b:ef:b8:5f:61:bc:60:70:ce:46:
b4:d7:cf:01:3a:cd:23:1f:d2:08:fd:db:57:c4:fd:ad:94:29:
34:da:ff:a0:e6:94:ba:43:f2:f4:19:f5:0c:bf:b3:bf:42:ab:
61:ca:93:32:73:c1:5b:6e:59:d9:3f:68:c7:d0:3d:0a:a1:c5:
97:ae:93:e0:3e:53:fb:d1:15:dc:a3:53:cd:aa:c3:41:c6:8c:
32:59:d2:a6:59:99:18:e6:26:13:6d:ca:67:04:18:4c:5f:72:
7f:70:79:b9:1a:ef:e4:7a:ec:fa:ff:1e:ec:3c:df:7d:d9:5c:
a1:79:77:72:2e:67:32:a5:29:4b:b9:7d:a4:91:94:e0:7b:a7:
fe:47:ee:87:c3:1d:f7:b3:09:d2:10:59:a9:ab:d9:1c:e9:0e:
5b:cf:8a:45:78:fb:6f:c3:70:9d:de:ed:62:70:97:95:33:99:
59:41:d1:29:25:60:e9:31:5e:a6:b9:fb:63:9c:eb:b7:a8:9b:
98:ce:d2:f9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJ/vRWPL8SLCkbiLPG370ocGvJt8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDBaFw0yNTA5MTkxNDA1MDBaMDMxMTAvBgNV
BAMTKDRFREJFQzlEQjNDRkNFNEM1NEJCNjk3MUUyOTFEQkRCODA5RkU5NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8TnX4PFKvdwW4oTYMsAIlRoHb
LULHYwt1uaaqrtQ6u8jqZxwOHLzV984aZZoyBKyhCq/UCDs99j7VRa9v7e1MTDo8
auj8xZ50cpEIi7FQIC4THqaOIpS7CTx9xujar+VhkKJ6CHjZ5dFDAju91UHip0mH
vdjWcSXXVmFegc7GCzBD1wd6zXR53gTrAFr400M2d9hMnjJ6nU9kRc88peFcZmOn
Qh9nzAg2QCM5tpZSIukRYQBXgYmxQx+OpbI5Tt0i2m++aq/smLR72gYbNaWh3tuQ
5KZmBPFRRoOEa2XS5druZIiweEEqDnopYDt2xX016GO+nmrmBaVexIp3jH97AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTtvsnbPPzkxUu2lx4pHb24Cf6W8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzMTMyMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52EgwDQYJKoZIhvcNAQELBQADggEBAIPlLI+2FFJxaKPmW54nZ43BLLaXrG1f
JSgmP0WDIrSrQsJC0vZj+dyXybLl6BmiUj++nHGzGr+7BZqI/XeYi++4X2G8YHDO
RrTXzwE6zSMf0gj921fE/a2UKTTa/6DmlLpD8vQZ9Qy/s79Cq2HKkzJzwVtuWdk/
aMfQPQqhxZeuk+A+U/vRFdyjU82qw0HGjDJZ0qZZmRjmJhNtymcEGExfcn9webka
7+R67Pr/Huw8333ZXKF5d3IuZzKlKUu5faSRlOB7p/5H7ofDHfezCdIQWamr2Rzp
DlvPikV4+2/DcJ3e7WJwl5UzmVlB0SklYOkxXqa5+2Oc67eom5jO0vk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:47 2024 by rpki-client on console-ams.rpki-client.org