Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230322e302f32342d3234203d3e20313336373837.roa
File: 38382e3231382e3230322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: FZXtmX+hL6BIDZe4eNCrYWFlqwDJ0Ls3LBxseSvpMCk=
Subject key identifier: F1:94:B9:08:CF:35:F0:9C:90:6D:75:2C:B2:D3:CE:D3:5B:6F:2A:17
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 38C3E5A2D09C1830E06ACCF2994D9A20E0E4307C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230322e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Dec 2024 18:44:30 +0000
ROA not before: Sun 15 Dec 2024 18:39:30 +0000
ROA not after: Sun 14 Dec 2025 18:44:30 +0000
asID: 136787
IP address blocks: 88.218.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:c3:e5:a2:d0:9c:18:30:e0:6a:cc:f2:99:4d:9a:20:e0:e4:30:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 15 18:39:30 2024 GMT
Not After : Dec 14 18:44:30 2025 GMT
Subject: CN=F194B908CF35F09C906D752CB2D3CED35B6F2A17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fb:80:5b:17:b2:48:80:e0:0b:aa:9c:9c:f6:
1f:80:11:07:43:23:f2:b1:06:13:24:d7:6b:a2:fe:
9d:7a:f1:37:d2:8a:77:e0:26:64:42:38:5d:f8:59:
03:57:32:54:fc:02:87:16:97:f0:c3:6a:0c:c2:51:
84:0c:eb:52:54:10:f7:8c:00:b1:0b:68:08:25:f4:
48:92:50:38:30:6b:5e:56:59:f1:76:64:92:66:44:
8e:96:76:ce:c6:06:b6:66:5d:44:61:07:7e:43:1b:
0e:40:57:2f:bd:a8:ad:9d:f0:4d:8b:6b:d3:4d:6b:
8b:fe:d1:2c:01:dd:33:68:53:96:a1:d2:ec:75:df:
dc:9e:31:cb:89:cf:04:05:bf:db:8a:a7:e0:af:46:
12:da:a0:a1:64:7d:2b:e7:14:45:52:e5:e4:f8:c3:
16:03:88:85:a2:6c:b1:be:ab:36:a7:e1:61:bc:d8:
72:c8:d8:1b:39:da:84:4d:b0:1b:37:5c:42:09:36:
fb:72:7f:6e:01:0e:57:e2:79:d5:50:e6:9b:b3:25:
0f:db:38:b3:31:00:61:71:ea:52:0a:b3:47:ff:8d:
ef:b6:76:9a:fe:64:77:f7:13:c9:fc:2e:b5:88:68:
97:9b:c8:ef:58:9a:b8:5d:ff:08:b6:b2:13:73:c5:
a6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:94:B9:08:CF:35:F0:9C:90:6D:75:2C:B2:D3:CE:D3:5B:6F:2A:17
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.202.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:c3:f9:f3:33:66:7c:6a:ff:8b:60:21:bb:2e:63:e6:f4:7b:
d7:59:98:f8:f1:20:ac:34:a4:c0:3d:d6:06:72:73:69:81:82:
d3:c0:3f:db:21:d5:2c:ee:40:74:f5:26:aa:01:3e:87:39:09:
ab:ba:03:dd:85:a5:ea:54:20:7f:43:3c:1f:55:90:de:19:d8:
67:9b:90:4d:62:46:75:b3:ff:68:73:79:98:b9:3f:4b:4f:4a:
12:c8:86:81:f9:70:b7:26:32:da:45:0e:a4:17:e5:d5:44:ac:
9b:9c:67:11:2e:45:86:2c:15:27:6f:5e:f0:9a:bb:b1:78:94:
1e:1e:23:27:f3:c0:82:23:d1:a3:06:1e:57:d9:bb:99:e7:cc:
b8:07:30:e4:de:9b:af:97:f4:11:ef:94:58:e6:63:11:10:f9:
e6:20:48:f4:57:37:07:fd:f3:8e:d2:ba:0a:65:e1:e5:0f:a9:
f8:a5:85:0b:95:35:3f:d0:55:85:32:11:b3:6e:77:c9:09:af:
26:72:9e:da:86:66:cf:3e:5d:8a:3d:e2:43:a7:3f:13:75:37:
51:7c:78:16:08:5c:30:70:cd:3d:dc:99:2b:36:76:c5:6f:da:
93:b1:1e:ce:f7:87:97:ed:ee:9a:9f:86:60:ac:09:85:a0:e5:
20:af:d4:42
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOMPlotCcGDDgaszymU2aIODkMHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMTUxODM5MzBaFw0yNTEyMTQxODQ0MzBaMDMxMTAvBgNV
BAMTKEYxOTRCOTA4Q0YzNUYwOUM5MDZENzUyQ0IyRDNDRUQzNUI2RjJBMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA+4BbF7JIgOALqpyc9h+AEQdD
I/KxBhMk12ui/p168TfSinfgJmRCOF34WQNXMlT8AocWl/DDagzCUYQM61JUEPeM
ALELaAgl9EiSUDgwa15WWfF2ZJJmRI6Wds7GBrZmXURhB35DGw5AVy+9qK2d8E2L
a9NNa4v+0SwB3TNoU5ah0ux139yeMcuJzwQFv9uKp+CvRhLaoKFkfSvnFEVS5eT4
wxYDiIWibLG+qzan4WG82HLI2Bs52oRNsBs3XEIJNvtyf24BDlfiedVQ5puzJQ/b
OLMxAGFx6lIKs0f/je+2dpr+ZHf3E8n8LrWIaJebyO9Ymrhd/wi2shNzxaajAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8ZS5CM818JyQbXUsstPO01tvKhcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzODJlMzIzMTM4MmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABY2sowDQYJKoZIhvcNAQELBQADggEBAG7D+fMzZnxq/4tgIbsuY+b0e9dZmPjx
IKw0pMA91gZyc2mBgtPAP9sh1SzuQHT1JqoBPoc5Cau6A92FpepUIH9DPB9VkN4Z
2GebkE1iRnWz/2hzeZi5P0tPShLIhoH5cLcmMtpFDqQX5dVErJucZxEuRYYsFSdv
XvCau7F4lB4eIyfzwIIj0aMGHlfZu5nnzLgHMOTem6+X9BHvlFjmYxEQ+eYgSPRX
Nwf9847Sugpl4eUPqfilhQuVNT/QVYUyEbNud8kJryZyntqGZs8+XYo94kOnPxN1
N1F8eBYIXDBwzT3cmSs2dsVv2pOxHs73h5ft7pqfhmCsCYWg5SCv1EI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:18:44 2025 by rpki-client