Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230332e302f32342d3234203d3e20313336373837.roa
File: 38382e3231382e3230332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 2ij+dvQavDc1i3XOc1pApyUrX8OIQMwFf8u+fClJlkQ=
Subject key identifier: 11:17:0F:A3:AF:B8:B5:29:F9:EC:AF:88:C5:7C:1F:02:CC:69:AD:D2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 51AF4D3B70FDC132796C53CD6963F064385553A8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230332e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Dec 2024 18:44:29 +0000
ROA not before: Sun 15 Dec 2024 18:39:29 +0000
ROA not after: Sun 14 Dec 2025 18:44:29 +0000
asID: 136787
IP address blocks: 88.218.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:af:4d:3b:70:fd:c1:32:79:6c:53:cd:69:63:f0:64:38:55:53:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 15 18:39:29 2024 GMT
Not After : Dec 14 18:44:29 2025 GMT
Subject: CN=11170FA3AFB8B529F9ECAF88C57C1F02CC69ADD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:48:af:46:5d:bc:4e:42:e4:d2:26:94:fc:5a:
2e:aa:7f:25:5f:92:70:4c:0c:00:81:9e:de:24:79:
c4:69:88:e0:11:53:b9:ef:fe:6c:72:ab:64:53:36:
d3:96:08:1c:91:0e:8d:53:e0:22:56:54:0b:47:65:
d3:05:29:9e:ae:7a:4f:0c:5d:f8:cc:f0:ae:02:1d:
d3:e2:2c:52:ab:ee:e2:eb:bc:dd:9a:0b:96:99:c0:
48:80:a2:0a:09:88:b7:36:73:a7:34:c3:dc:63:c1:
2a:b4:3b:c2:19:9e:0f:a3:06:02:5c:1d:d1:21:12:
ae:00:d1:7e:ab:8d:b4:d9:36:09:4d:f1:54:9a:22:
71:c5:68:5d:00:0b:65:53:fa:13:aa:c6:b0:3a:68:
6b:94:ee:52:17:03:44:81:66:62:8e:00:93:8e:c0:
b1:91:45:9f:35:13:bf:22:8a:c7:01:9d:c6:a0:93:
ed:e7:f6:fd:5b:de:fa:63:5e:f7:98:77:c9:e9:c4:
84:26:b7:34:9d:be:8a:68:92:0b:80:4a:38:b8:14:
cb:2f:5a:0c:bb:b7:48:b0:5e:81:ec:8e:4e:9e:17:
f7:bb:e8:d1:d2:fa:c3:e7:84:c0:3c:fd:76:ce:84:
de:80:f2:c2:fc:55:68:8f:68:7e:bf:77:da:3f:47:
e5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:17:0F:A3:AF:B8:B5:29:F9:EC:AF:88:C5:7C:1F:02:CC:69:AD:D2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.203.0/24
Signature Algorithm: sha256WithRSAEncryption
53:df:c0:0e:8e:7d:b4:3e:51:32:22:15:5b:f5:54:2c:8e:ea:
fb:a5:5c:26:52:2c:1c:34:42:9e:4f:c3:5e:55:23:b8:12:33:
b3:09:9b:98:e3:03:87:3a:ba:64:df:7e:c5:2c:dd:a5:ae:d0:
59:70:fa:26:95:66:6d:3e:8f:ce:85:94:c2:fc:50:95:f6:81:
b2:ff:a0:f0:33:62:35:ed:b3:2d:f9:2c:dd:be:59:49:42:f6:
f0:3b:97:23:3c:07:80:fb:ad:6c:6b:bc:41:c0:0e:3b:ae:a2:
f3:62:22:b7:9a:e0:40:a6:1c:81:b7:bb:ac:7c:c1:ac:03:cb:
2e:04:c6:24:ca:68:7b:50:bb:94:6c:f6:e9:5a:14:e2:ce:87:
c8:c9:53:da:28:f2:5b:cb:34:0a:b5:d7:f5:e2:67:be:99:b6:
73:45:5f:c5:51:1e:42:51:07:2b:4d:45:c6:29:c8:99:a5:af:
ae:5c:22:fd:32:0f:61:3c:d3:26:0e:58:9c:98:37:8f:a1:7c:
9e:e3:70:2f:04:4f:36:c2:2f:6f:80:87:dc:6f:57:da:f6:7e:
21:6c:b2:b6:32:10:8e:63:96:f7:cd:e1:ae:8c:bc:dc:9d:6d:
4d:1b:09:65:6b:04:d9:11:4f:77:83:29:76:80:be:12:40:e5:
04:5d:ee:60
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUa9NO3D9wTJ5bFPNaWPwZDhVU6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMTUxODM5MjlaFw0yNTEyMTQxODQ0MjlaMDMxMTAvBgNV
BAMTKDExMTcwRkEzQUZCOEI1MjlGOUVDQUY4OEM1N0MxRjAyQ0M2OUFERDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTSK9GXbxOQuTSJpT8Wi6qfyVf
knBMDACBnt4kecRpiOARU7nv/mxyq2RTNtOWCByRDo1T4CJWVAtHZdMFKZ6uek8M
XfjM8K4CHdPiLFKr7uLrvN2aC5aZwEiAogoJiLc2c6c0w9xjwSq0O8IZng+jBgJc
HdEhEq4A0X6rjbTZNglN8VSaInHFaF0AC2VT+hOqxrA6aGuU7lIXA0SBZmKOAJOO
wLGRRZ81E78iiscBncagk+3n9v1b3vpjXveYd8npxIQmtzSdvopokguASji4FMsv
Wgy7t0iwXoHsjk6eF/e76NHS+sPnhMA8/XbOhN6A8sL8VWiPaH6/d9o/R+VdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUERcPo6+4tSn57K+IxXwfAsxprdIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzODJlMzIzMTM4MmUzMjMw
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABY2sswDQYJKoZIhvcNAQELBQADggEBAFPfwA6OfbQ+UTIiFVv1VCyO6vulXCZS
LBw0Qp5Pw15VI7gSM7MJm5jjA4c6umTffsUs3aWu0Flw+iaVZm0+j86FlML8UJX2
gbL/oPAzYjXtsy35LN2+WUlC9vA7lyM8B4D7rWxrvEHADjuuovNiIrea4ECmHIG3
u6x8wawDyy4ExiTKaHtQu5Rs9ulaFOLOh8jJU9oo8lvLNAq11/XiZ76ZtnNFX8VR
HkJRBytNRcYpyJmlr65cIv0yD2E80yYOWJyYN4+hfJ7jcC8ETzbCL2+Ah9xvV9r2
fiFssrYyEI5jlvfN4a6MvNydbU0bCWVrBNkRT3eDKXaAvhJA5QRd7mA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:55 2025 by rpki-client