Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233322e302f32332d3234203d3e203631333137.roa
File: 3138352e3138372e3233322e302f32332d3234203d3e203631333137.roa (raw, json)
Hash identifier: B84xDMnxUlhINoZeFG8ogqSigqQJs4/5H+ohoUI77Og=
Subject key identifier: 3B:9B:19:F9:0C:73:C4:8E:6B:56:EE:A6:12:C9:45:43:56:38:7B:5C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 56DF13E3843D61D7A43BA78F89D7B099A277CF04
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233322e302f32332d3234203d3e203631333137.roa
Signing time: Fri 20 Oct 2023 13:41:54 +0000
ROA not before: Fri 20 Oct 2023 13:36:54 +0000
ROA not after: Fri 18 Oct 2024 13:41:54 +0000
asID: 61317
IP address blocks: 185.187.232.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:df:13:e3:84:3d:61:d7:a4:3b:a7:8f:89:d7:b0:99:a2:77:cf:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:54 2023 GMT
Not After : Oct 18 13:41:54 2024 GMT
Subject: CN=3B9B19F90C73C48E6B56EEA612C9454356387B5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:24:86:86:0d:63:f4:1c:95:92:f8:f4:96:27:
fe:90:8b:ee:8c:39:8b:8c:e0:4f:90:49:2b:8b:1e:
d0:38:ee:a9:41:9e:08:82:d5:8c:2c:cf:62:58:c8:
ea:a8:d2:52:1f:00:4c:84:24:fb:f6:9e:5c:61:6a:
a8:47:7c:79:58:b4:be:b3:71:66:88:92:fb:2b:58:
e0:2c:2b:59:54:2b:c2:46:b4:70:46:72:9e:52:53:
4f:b1:ef:67:e0:1e:f3:66:2e:fc:a8:59:fb:0d:32:
6a:32:88:4b:fd:e5:37:32:9c:b5:67:69:33:20:23:
46:ec:ad:7e:b7:33:f8:51:e9:75:af:fa:18:72:9e:
a6:29:d2:bb:44:d7:c2:f4:27:26:66:45:c9:28:5f:
78:88:f4:72:ee:c6:d2:c8:29:88:14:68:9e:12:ec:
59:a5:35:49:d8:a8:29:39:3f:5c:78:d8:ab:59:f8:
e9:39:03:15:42:7a:30:33:bc:df:75:d3:fa:ee:f6:
45:48:45:08:bb:5c:67:4e:59:aa:8c:84:87:38:35:
08:19:4d:2f:9a:f7:fe:35:41:90:6c:f1:0d:a0:72:
74:0e:82:07:c0:0c:ee:b5:1c:3e:67:fc:d6:b3:47:
fb:fe:25:4e:1f:bc:af:84:da:87:91:95:a3:af:77:
cc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9B:19:F9:0C:73:C4:8E:6B:56:EE:A6:12:C9:45:43:56:38:7B:5C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233322e302f32332d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.232.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:bf:dd:07:e1:3c:bc:b3:81:82:00:8e:94:2f:6f:8c:1b:ed:
5a:89:b4:ff:76:3f:08:95:ab:9c:b4:bf:0e:71:7a:93:30:fb:
85:68:c6:68:2f:25:d3:d6:bc:c8:78:37:dd:d1:82:37:91:31:
15:1a:40:99:84:da:d0:0e:92:97:13:4d:45:32:48:8f:d3:0f:
0f:90:4f:34:62:65:cd:d6:21:fa:41:90:ef:f5:76:16:5a:a7:
a0:bc:80:24:47:03:87:9e:57:1e:dc:f6:66:60:f5:f0:49:2c:
4b:30:ec:29:ac:59:50:36:a7:bb:f9:fe:0c:bd:47:13:86:bf:
28:cd:25:2e:df:bc:70:f5:7a:1b:c7:a5:db:dd:88:89:6e:c5:
ff:7e:f7:16:df:6f:44:b2:03:eb:01:67:e8:1d:bc:7c:df:f1:
74:1f:5c:58:2c:44:d2:ba:b0:21:11:66:3b:42:8a:c4:67:7c:
b2:c2:19:8f:91:26:2a:ff:6d:7b:16:76:f2:27:ac:5a:23:4a:
61:56:ba:9e:a5:e1:ed:de:fb:df:c8:96:22:1f:c8:cf:ee:c6:
b1:9d:3c:c2:93:6c:4b:03:66:20:98:6d:d9:87:5b:c0:18:2a:
e9:85:33:e8:af:0d:01:71:2e:75:ec:43:7d:0e:3e:d9:5e:6d:
45:43:89:d1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVt8T44Q9YdekO6ePidewmaJ3zwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTRaFw0yNDEwMTgxMzQxNTRaMDMxMTAvBgNV
BAMTKDNCOUIxOUY5MEM3M0M0OEU2QjU2RUVBNjEyQzk0NTQzNTYzODdCNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPJIaGDWP0HJWS+PSWJ/6Qi+6M
OYuM4E+QSSuLHtA47qlBngiC1Ywsz2JYyOqo0lIfAEyEJPv2nlxhaqhHfHlYtL6z
cWaIkvsrWOAsK1lUK8JGtHBGcp5SU0+x72fgHvNmLvyoWfsNMmoyiEv95TcynLVn
aTMgI0bsrX63M/hR6XWv+hhynqYp0rtE18L0JyZmRckoX3iI9HLuxtLIKYgUaJ4S
7FmlNUnYqCk5P1x42KtZ+Ok5AxVCejAzvN910/ru9kVIRQi7XGdOWaqMhIc4NQgZ
TS+a9/41QZBs8Q2gcnQOggfADO61HD5n/NazR/v+JU4fvK+E2oeRlaOvd8xbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUO5sZ+QxzxI5rVu6mEslFQ1Y4e1wwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzMjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5u+gwDQYJKoZIhvcNAQELBQADggEBAA6/3QfhPLyzgYIAjpQvb4wb7VqJtP92
PwiVq5y0vw5xepMw+4VoxmgvJdPWvMh4N93RgjeRMRUaQJmE2tAOkpcTTUUySI/T
Dw+QTzRiZc3WIfpBkO/1dhZap6C8gCRHA4eeVx7c9mZg9fBJLEsw7CmsWVA2p7v5
/gy9RxOGvyjNJS7fvHD1ehvHpdvdiIluxf9+9xbfb0SyA+sBZ+gdvHzf8XQfXFgs
RNK6sCERZjtCisRnfLLCGY+RJir/bXsWdvInrFojSmFWup6l4e3e+9/IliIfyM/u
xrGdPMKTbEsDZiCYbdmHW8AYKumFM+ivDQFxLnXsQ30OPtlebUVDidE=
-----END CERTIFICATE-----
Generated at Fri May 3 19:20:33 2024 by rpki-client on console-ams.rpki-client.org