Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137322e302f32322d3234203d3e203232333633.roa
File: 3137382e3230382e3137322e302f32322d3234203d3e203232333633.roa (raw, json)
Hash identifier: x9FaKxQnScFheCY8WqNu60mHzwGDalakuT2hHStsMS4=
Subject key identifier: D8:32:10:AA:B7:3C:D7:2D:21:07:E8:AA:FA:84:3F:83:34:4B:C3:64
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 38837D6B92B167FFF0F7B966C6CA5B2C841380BA
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137322e302f32322d3234203d3e203232333633.roa
Signing time: Mon 02 Oct 2023 05:21:19 +0000
ROA not before: Mon 02 Oct 2023 05:16:19 +0000
ROA not after: Mon 30 Sep 2024 05:21:19 +0000
asID: 22363
IP address blocks: 178.208.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:83:7d:6b:92:b1:67:ff:f0:f7:b9:66:c6:ca:5b:2c:84:13:80:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Oct 2 05:16:19 2023 GMT
Not After : Sep 30 05:21:19 2024 GMT
Subject: CN=D83210AAB73CD72D2107E8AAFA843F83344BC364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6c:bb:bf:d8:d5:4c:06:1f:8e:ff:96:1e:3f:
c7:5b:ae:23:9f:ae:9f:5a:dd:82:a7:2a:c5:dc:c9:
97:9c:f4:b8:f2:e1:99:85:04:e1:98:92:f6:f3:fe:
93:e9:4a:e3:ce:e1:0d:ac:e0:66:b5:c9:e8:70:e5:
be:33:a6:45:7e:a5:75:9c:61:88:9e:9f:28:6d:9b:
5f:b4:cc:26:96:43:47:84:19:1f:f3:63:df:58:51:
7b:b6:d3:65:b3:d5:93:22:0c:56:18:ca:e9:df:c3:
25:15:9d:e7:a9:8b:f5:6e:f7:13:a9:89:21:db:02:
fc:da:fe:fa:7a:4b:47:44:81:f5:40:aa:59:19:c7:
b4:79:2a:bb:6e:35:8b:55:77:69:94:17:f4:ea:1a:
c8:e5:a2:26:3c:f8:22:35:43:de:15:31:d3:d3:bc:
da:15:1f:ed:c2:df:5a:6c:47:f7:ff:13:bc:1b:c5:
64:16:1b:56:ab:a9:c7:a0:77:37:6f:f2:29:14:39:
3d:61:eb:5d:b9:12:e1:d0:fa:44:51:64:f1:b5:c3:
8d:d3:f5:aa:9c:c1:51:2b:cb:d4:dc:24:71:e7:a2:
a2:d0:d5:65:a4:70:22:60:96:32:23:7c:ec:93:17:
ee:00:a1:15:20:53:2a:1f:db:0f:c3:3b:34:43:ea:
de:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:32:10:AA:B7:3C:D7:2D:21:07:E8:AA:FA:84:3F:83:34:4B:C3:64
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137322e302f32322d3234203d3e203232333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.172.0/22
Signature Algorithm: sha256WithRSAEncryption
91:12:61:57:cf:54:a4:ac:0c:45:aa:5e:4c:36:01:fb:53:73:
96:98:c7:7d:89:e6:b6:c4:6b:42:a4:f9:83:dd:2a:db:e8:03:
ed:66:0f:9c:74:e7:61:f2:61:5a:af:b5:05:64:f3:f4:77:06:
00:40:19:9a:80:21:dc:13:4b:87:38:e1:ba:ce:9c:bf:e4:4a:
f1:d3:bb:67:e5:35:f2:8f:7e:42:f4:9b:27:4f:25:f1:b0:41:
90:8f:66:b8:d3:79:20:23:26:5a:81:84:0b:20:9f:8e:b2:4b:
cb:25:75:d1:cf:66:05:00:ea:ad:50:16:a4:fa:b7:0d:da:a0:
12:3f:08:54:42:23:9e:b0:dd:76:b1:d8:de:c7:12:5c:63:37:
8d:82:82:79:51:37:89:84:6d:97:9f:92:f6:af:bc:91:97:40:
25:7b:4c:41:de:f0:c1:1a:c7:19:03:71:80:95:6e:c7:f2:ab:
0f:b8:04:7d:d0:0e:cd:c1:3e:53:dc:f2:9e:bd:3c:9c:67:d8:
0a:9c:b6:a6:7d:53:10:0d:f4:11:3c:62:5a:ff:7e:99:01:9a:
a6:7a:10:31:2a:9b:23:ec:5b:d3:98:a5:f5:8f:41:a6:f4:d2:
9a:47:7c:23:b8:ba:2a:81:f6:c1:b1:52:45:ab:1c:f8:2e:f2:
2e:f1:a6:20
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOIN9a5KxZ//w97lmxspbLIQTgLowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzEwMDIwNTE2MTlaFw0yNDA5MzAwNTIxMTlaMDMxMTAvBgNV
BAMTKEQ4MzIxMEFBQjczQ0Q3MkQyMTA3RThBQUZBODQzRjgzMzQ0QkMzNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdbLu/2NVMBh+O/5YeP8dbriOf
rp9a3YKnKsXcyZec9Ljy4ZmFBOGYkvbz/pPpSuPO4Q2s4Ga1yehw5b4zpkV+pXWc
YYienyhtm1+0zCaWQ0eEGR/zY99YUXu202Wz1ZMiDFYYyunfwyUVneepi/Vu9xOp
iSHbAvza/vp6S0dEgfVAqlkZx7R5KrtuNYtVd2mUF/TqGsjloiY8+CI1Q94VMdPT
vNoVH+3C31psR/f/E7wbxWQWG1arqcegdzdv8ikUOT1h6125EuHQ+kRRZPG1w43T
9aqcwVEry9TcJHHnoqLQ1WWkcCJgljIjfOyTF+4AoRUgUyof2w/DOzRD6t4BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2DIQqrc81y0hB+iq+oQ/gzRLw2QwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzczMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzIzMzM2MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKy0KwwDQYJKoZIhvcNAQELBQADggEBAJESYVfPVKSsDEWqXkw2AftTc5aYx32J
5rbEa0Kk+YPdKtvoA+1mD5x052HyYVqvtQVk8/R3BgBAGZqAIdwTS4c44brOnL/k
SvHTu2flNfKPfkL0mydPJfGwQZCPZrjTeSAjJlqBhAsgn46yS8slddHPZgUA6q1Q
FqT6tw3aoBI/CFRCI56w3Xax2N7HElxjN42CgnlRN4mEbZefkvavvJGXQCV7TEHe
8MEaxxkDcYCVbsfyqw+4BH3QDs3BPlPc8p69PJxn2AqctqZ9UxAN9BE8Ylr/fpkB
mqZ6EDEqmyPsW9OYpfWPQab00ppHfCO4uiqB9sGxUkWrHPgu8i7xpiA=
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:48:53 2024 by rpki-client on console-fra.rpki-client.org