Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3138352e302f32342d3234203d3e203232333633.roa
File: 3137382e3230382e3138352e302f32342d3234203d3e203232333633.roa (raw, json)
Hash identifier: UcTl8kC3cfPsiNqEHcu2zhmdWJ0seQifSW6BYBk1El8=
Subject key identifier: 25:F4:B2:B6:6D:5F:5C:7D:3D:F8:BC:97:3D:BE:66:E2:8F:F7:83:C2
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 2B1535005E4D028C64610ECDCBE30C61AAFEAE1A
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3138352e302f32342d3234203d3e203232333633.roa
Signing time: Mon 02 Oct 2023 05:19:43 +0000
ROA not before: Mon 02 Oct 2023 05:14:43 +0000
ROA not after: Mon 30 Sep 2024 05:19:43 +0000
asID: 22363
IP address blocks: 178.208.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 19:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:15:35:00:5e:4d:02:8c:64:61:0e:cd:cb:e3:0c:61:aa:fe:ae:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Oct 2 05:14:43 2023 GMT
Not After : Sep 30 05:19:43 2024 GMT
Subject: CN=25F4B2B66D5F5C7D3DF8BC973DBE66E28FF783C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0f:e5:d7:3e:71:43:52:a9:23:bf:53:ce:42:
19:9a:cd:09:07:a1:23:2c:7f:aa:3c:b4:1f:92:9a:
c6:22:69:69:2a:10:b2:5c:ae:4b:15:e0:31:1b:4a:
b0:bf:42:47:02:53:b4:e0:d4:ea:bb:66:46:a5:d5:
ee:42:7d:6e:98:65:fe:cc:ec:55:13:4a:5a:20:31:
71:5b:70:0c:7d:9f:43:94:2a:96:15:f5:00:1b:86:
b6:c8:d4:a7:14:89:64:13:b6:f5:34:39:bb:82:d0:
9e:b3:c7:4f:30:f6:24:2e:bc:91:dc:5d:f2:72:08:
ea:b5:bf:2d:c9:c0:af:d2:10:8b:23:50:4e:26:e6:
59:6a:e2:85:17:59:52:e8:fd:66:b6:b8:56:0e:99:
97:63:92:54:95:ed:60:92:71:24:e6:f7:65:e1:bc:
ba:1d:98:9d:dd:c6:6f:c2:df:3d:19:40:32:04:c6:
4f:b6:4b:97:2c:93:83:77:24:11:cc:eb:48:22:13:
4c:52:fa:67:87:6a:c1:6b:86:c8:88:75:7b:8c:1d:
64:a7:7e:eb:ee:d4:f3:ec:36:ef:55:9f:c2:e8:13:
7d:a9:b2:2a:03:50:75:fc:b1:05:1a:24:fb:fb:68:
0b:04:70:5e:53:a1:2a:53:02:b3:14:f3:d2:d0:4f:
4b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F4:B2:B6:6D:5F:5C:7D:3D:F8:BC:97:3D:BE:66:E2:8F:F7:83:C2
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3138352e302f32342d3234203d3e203232333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.185.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:43:74:a3:37:ad:bb:2f:8c:60:9f:cd:f2:b8:93:2a:f3:88:
0d:78:df:0b:87:6c:4f:ae:ae:52:cd:26:45:3a:d7:29:9d:17:
09:43:f1:08:c7:e1:6c:9d:7e:02:4e:ad:92:2e:02:e2:7c:03:
e3:39:69:6a:e2:6e:32:4c:94:e6:e1:e0:37:9d:91:4a:41:3d:
18:3b:63:29:db:49:b1:af:7b:bf:c0:b8:c8:5b:70:08:97:e8:
a4:5d:07:96:44:15:cf:55:7d:86:5e:08:c1:84:9f:c4:ba:d1:
49:71:15:9e:e8:fe:11:55:86:3b:12:92:7a:62:87:d4:d3:5b:
09:fc:bd:5f:ed:13:6d:ac:31:95:43:72:af:5f:9f:d1:0b:f7:
36:77:41:49:c1:48:38:2c:41:6f:08:13:c4:9b:21:4f:d0:ae:
54:20:ef:7e:79:d8:a5:00:9d:e0:64:4d:e9:65:e1:44:f4:4e:
e0:eb:47:a2:3a:4f:54:0b:05:a5:8e:db:7c:a7:46:b0:9b:42:
ed:93:3a:b7:b5:27:a3:27:3b:6d:3f:70:4d:d0:83:ba:d0:56:
c6:16:ce:68:f7:96:8b:f7:6c:4f:73:b7:d6:49:1c:7a:32:0d:
17:0b:c2:47:de:49:8a:b9:dc:69:d6:b8:18:e8:a9:f4:11:a6:
57:fc:f6:10
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKxU1AF5NAoxkYQ7Ny+MMYar+rhowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yMzEwMDIwNTE0NDNaFw0yNDA5MzAwNTE5NDNaMDMxMTAvBgNV
BAMTKDI1RjRCMkI2NkQ1RjVDN0QzREY4QkM5NzNEQkU2NkUyOEZGNzgzQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPD+XXPnFDUqkjv1POQhmazQkH
oSMsf6o8tB+SmsYiaWkqELJcrksV4DEbSrC/QkcCU7Tg1Oq7Zkal1e5CfW6YZf7M
7FUTSlogMXFbcAx9n0OUKpYV9QAbhrbI1KcUiWQTtvU0ObuC0J6zx08w9iQuvJHc
XfJyCOq1vy3JwK/SEIsjUE4m5llq4oUXWVLo/Wa2uFYOmZdjklSV7WCScSTm92Xh
vLodmJ3dxm/C3z0ZQDIExk+2S5csk4N3JBHM60giE0xS+meHasFrhsiIdXuMHWSn
fuvu1PPsNu9Vn8LoE32psioDUHX8sQUaJPv7aAsEcF5ToSpTArMU89LQT0vFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJfSytm1fXH09+LyXPb5m4o/3g8IwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzgzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzIzMzM2MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy0LkwDQYJKoZIhvcNAQELBQADggEBAItDdKM3rbsvjGCfzfK4kyrziA143wuH
bE+urlLNJkU61ymdFwlD8QjH4WydfgJOrZIuAuJ8A+M5aWribjJMlObh4DedkUpB
PRg7YynbSbGve7/AuMhbcAiX6KRdB5ZEFc9VfYZeCMGEn8S60UlxFZ7o/hFVhjsS
knpih9TTWwn8vV/tE22sMZVDcq9fn9EL9zZ3QUnBSDgsQW8IE8SbIU/QrlQg7355
2KUAneBkTell4UT0TuDrR6I6T1QLBaWO23ynRrCbQu2TOre1J6MnO20/cE3Qg7rQ
VsYWzmj3lov3bE9zt9ZJHHoyDRcLwkfeSYq53GnWuBjoqfQRplf89hA=
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:41:26 2024 by rpki-client on console-fra.rpki-client.org