Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230322e302f32342d3234203d3e20323037313337.roa
File: 3138352e3136312e3230322e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: AX9+ZxmAOQm7rknS0rSlpDKkl4H6+rMCcFHi+s1NQDo=
Subject key identifier: CC:E9:25:97:D8:D9:D7:F8:E3:AD:BE:EF:A0:3F:E0:92:62:01:41:23
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0E56697F3AEFBE28943B1176B558092C102A6229
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230322e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 26 Apr 2024 13:38:46 +0000
ROA not before: Fri 26 Apr 2024 13:33:46 +0000
ROA not after: Fri 25 Apr 2025 13:38:46 +0000
asID: 207137
IP address blocks: 185.161.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:56:69:7f:3a:ef:be:28:94:3b:11:76:b5:58:09:2c:10:2a:62:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 26 13:33:46 2024 GMT
Not After : Apr 25 13:38:46 2025 GMT
Subject: CN=CCE92597D8D9D7F8E3ADBEEFA03FE09262014123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0c:68:a8:32:51:7d:ae:29:45:dd:d1:a2:a1:
9c:aa:20:c6:e9:81:b2:49:0a:72:5d:e7:62:fd:18:
c9:13:21:00:ed:48:69:cc:44:a3:4f:69:4b:c4:89:
b1:94:e7:f3:87:64:67:d6:2f:b0:6b:06:42:b6:26:
65:8d:ad:c4:f3:50:a6:e0:eb:51:84:fe:35:84:2c:
f3:76:ba:da:9f:00:e8:cb:29:28:b1:0b:22:0f:8c:
d0:c8:82:cd:d7:b5:da:75:05:b7:32:79:b9:4a:0c:
85:f8:a3:74:1d:20:9d:f1:2d:50:a9:91:52:71:3a:
00:b8:1a:d8:c0:fd:79:36:ce:72:47:7e:16:ba:d8:
a8:67:f9:2c:6e:95:ea:13:bd:28:77:80:73:8f:d0:
90:53:e3:f9:b7:c3:8c:fd:11:91:b3:4a:f8:d3:7c:
82:a3:db:02:05:08:dd:70:22:f4:e2:54:b3:f7:6a:
36:f9:4c:7a:45:08:8f:ae:0d:e0:01:f1:75:7f:62:
d4:67:cc:18:00:57:f2:71:21:e6:7f:e0:9d:f1:9b:
46:00:69:a1:a2:87:7d:38:29:ec:bb:ff:9f:f1:56:
7f:03:bb:07:5c:0f:19:39:36:fb:7d:c2:0e:a9:ef:
1b:f4:77:ee:5f:e7:f0:dc:99:1d:97:71:95:64:bc:
80:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E9:25:97:D8:D9:D7:F8:E3:AD:BE:EF:A0:3F:E0:92:62:01:41:23
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230322e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.202.0/24
Signature Algorithm: sha256WithRSAEncryption
05:4e:50:1b:ee:0e:b3:a5:18:8e:c8:bb:95:41:84:71:f5:5a:
ca:6d:bb:6b:94:3f:39:cd:1a:35:45:27:cd:54:7a:9f:ed:20:
72:b6:e4:f4:af:da:06:11:f1:94:9b:eb:63:69:9c:36:6b:1b:
c7:67:ca:51:56:60:d1:d0:ad:60:6c:fd:69:72:16:64:82:cf:
95:01:af:46:65:1d:75:ff:12:d0:34:3a:bf:60:e4:f6:33:1b:
dc:8b:18:b0:62:b3:3f:b5:d4:cf:aa:4d:51:ed:8d:49:93:fd:
97:c4:8f:14:1a:5b:e1:9f:76:21:bf:1b:8b:db:cf:49:bb:1b:
74:c3:c7:f0:d3:cc:84:46:c6:b4:fc:eb:79:73:52:be:c3:a8:
7d:4b:df:24:8b:26:be:2c:86:1f:a1:a9:f8:e2:ff:1f:54:38:
c1:56:a2:8d:35:48:74:0d:f6:92:9f:a1:47:a3:bb:d3:d3:b1:
3e:a6:2a:ee:77:48:a6:da:88:5d:ff:5c:d2:76:03:24:90:c3:
37:fc:ea:d2:04:a5:7c:1b:cf:49:7a:63:d3:18:91:80:f3:d2:
26:27:a1:17:59:64:ad:f3:b3:ca:84:63:0b:6b:1e:c3:b0:9e:
a7:e2:7a:a5:37:89:01:7c:03:19:28:e2:ca:4c:ff:34:f2:3f:
f2:09:a2:07
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDlZpfzrvviiUOxF2tVgJLBAqYikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MjYxMzMzNDZaFw0yNTA0MjUxMzM4NDZaMDMxMTAvBgNV
BAMTKENDRTkyNTk3RDhEOUQ3RjhFM0FEQkVFRkEwM0ZFMDkyNjIwMTQxMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhDGioMlF9rilF3dGioZyqIMbp
gbJJCnJd52L9GMkTIQDtSGnMRKNPaUvEibGU5/OHZGfWL7BrBkK2JmWNrcTzUKbg
61GE/jWELPN2utqfAOjLKSixCyIPjNDIgs3Xtdp1BbcyeblKDIX4o3QdIJ3xLVCp
kVJxOgC4GtjA/Xk2znJHfha62Khn+SxuleoTvSh3gHOP0JBT4/m3w4z9EZGzSvjT
fIKj2wIFCN1wIvTiVLP3ajb5THpFCI+uDeAB8XV/YtRnzBgAV/JxIeZ/4J3xm0YA
aaGih304Key7/5/xVn8DuwdcDxk5Nvt9wg6p7xv0d+5f5/DcmR2XcZVkvIBLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUzOkll9jZ1/jjrb7voD/gkmIBQSMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM2MzEyZTMy
MzAzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzMzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmhyjANBgkqhkiG9w0BAQsFAAOCAQEABU5QG+4Os6UYjsi7lUGEcfVaym27
a5Q/Oc0aNUUnzVR6n+0gcrbk9K/aBhHxlJvrY2mcNmsbx2fKUVZg0dCtYGz9aXIW
ZILPlQGvRmUddf8S0DQ6v2Dk9jMb3IsYsGKzP7XUz6pNUe2NSZP9l8SPFBpb4Z92
Ib8bi9vPSbsbdMPH8NPMhEbGtPzreXNSvsOofUvfJIsmviyGH6Gp+OL/H1Q4wVai
jTVIdA32kp+hR6O709OxPqYq7ndIptqIXf9c0nYDJJDDN/zq0gSlfBvPSXpj0xiR
gPPSJiehF1lkrfOzyoRjC2sew7Cep+J6pTeJAXwDGSjiykz/NPI/8gmiBw==
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:46 2024 by rpki-client on console-fra.rpki-client.org