Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231382e302f32342d3234203d3e20313431303339.roa
File: 3138352e3230332e3231382e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: qVVh5E9YlfTKlGCAhNGXFUCSQFpEodsXK8vy3kDaMzM=
Subject key identifier: FD:B1:66:82:62:24:66:AF:1F:91:49:73:A0:A9:53:C1:09:75:AD:99
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7F0C78A30A470FF70380379E11F92BB5650BBE93
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231382e302f32342d3234203d3e20313431303339.roa
Signing time: Fri 20 Oct 2023 13:41:55 +0000
ROA not before: Fri 20 Oct 2023 13:36:55 +0000
ROA not after: Fri 18 Oct 2024 13:41:55 +0000
asID: 141039
IP address blocks: 185.203.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:0c:78:a3:0a:47:0f:f7:03:80:37:9e:11:f9:2b:b5:65:0b:be:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:55 2023 GMT
Not After : Oct 18 13:41:55 2024 GMT
Subject: CN=FDB16682622466AF1F914973A0A953C10975AD99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a3:7a:78:44:60:11:75:11:dc:57:6f:0c:7e:
81:dc:6b:9d:a8:1b:c7:70:c4:3c:fb:70:c8:ad:47:
3c:ff:d2:68:ea:8a:b0:ec:33:e9:19:4d:a7:5d:87:
83:20:df:97:c6:c7:8a:e4:f4:b9:cf:1a:2d:e3:7a:
4a:30:2d:2f:f0:d8:11:04:4f:cb:0c:55:9c:a6:e7:
52:9f:40:44:1f:26:c0:43:ac:ae:70:ec:81:f5:a0:
34:5e:7e:3e:2a:a1:0c:57:22:2e:5f:65:58:f6:66:
60:88:68:dd:c5:f8:a7:bc:77:ef:3f:ad:7e:15:6a:
43:84:cc:f9:00:da:c3:98:cd:8d:4d:8b:ba:6e:34:
0a:27:cb:43:a7:52:d9:d2:b7:fa:aa:9b:14:5e:40:
9d:0d:96:5f:62:e0:00:1a:f5:43:04:05:a7:fd:1e:
be:1f:45:c9:3d:e6:42:a0:7b:de:87:a3:05:1f:0c:
c7:ad:b4:4b:22:ce:f7:dd:d1:39:5b:32:05:b6:ee:
2b:e1:da:ff:18:cf:be:08:cd:a8:e2:68:04:c3:4a:
1c:47:35:34:e8:e5:80:d5:0f:cb:69:77:a8:d5:16:
da:e5:f6:d8:e7:7f:2a:87:a3:6f:15:02:57:e8:29:
ce:38:c7:85:16:2d:50:c5:d0:55:63:74:1e:6c:d7:
f8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B1:66:82:62:24:66:AF:1F:91:49:73:A0:A9:53:C1:09:75:AD:99
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231382e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.218.0/24
Signature Algorithm: sha256WithRSAEncryption
01:8b:9a:92:91:e7:2a:35:84:09:65:07:9f:1d:5c:b0:07:c3:
99:39:ce:ef:86:eb:f1:b5:03:31:54:7a:05:14:43:b8:ef:5c:
1b:0f:d2:ed:e7:1f:32:ed:3f:d4:fd:6e:1c:2a:63:a4:4a:f7:
14:22:39:a1:2b:b6:4f:cc:ce:08:8a:77:ce:68:4a:02:ec:5a:
4d:f1:30:1e:02:dd:0d:01:df:1a:21:ef:83:44:0e:cd:51:d6:
4a:82:db:9d:d3:2f:75:97:9a:0c:28:1f:cc:94:85:29:65:c3:
ee:48:2f:9c:99:78:bc:70:c0:c9:68:48:59:7d:ae:2c:86:25:
68:26:1d:69:54:bb:b6:b7:15:e1:30:38:8c:6a:28:d9:9e:79:
f4:b0:9c:a1:5d:14:19:a8:d0:9a:27:39:dd:50:c6:24:fe:b1:
be:01:6e:9d:5d:6c:04:58:64:f3:19:4b:1f:63:ae:05:17:65:
55:b1:eb:d8:70:55:b3:2b:61:da:9f:70:68:34:16:ce:5b:fa:
9f:ba:b3:15:cb:80:5d:a4:7c:e5:8c:b6:e3:48:71:cc:94:85:
ee:c0:7a:cb:41:b7:e2:e2:51:3a:34:1a:b0:71:0d:ed:6f:d5:
45:0d:ae:7e:5a:47:5b:66:e2:e9:ab:7f:05:75:27:08:0d:8a:
87:3b:5d:40
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfwx4owpHD/cDgDeeEfkrtWULvpMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTVaFw0yNDEwMTgxMzQxNTVaMDMxMTAvBgNV
BAMTKEZEQjE2NjgyNjIyNDY2QUYxRjkxNDk3M0EwQTk1M0MxMDk3NUFEOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvo3p4RGARdRHcV28MfoHca52o
G8dwxDz7cMitRzz/0mjqirDsM+kZTaddh4Mg35fGx4rk9LnPGi3jekowLS/w2BEE
T8sMVZym51KfQEQfJsBDrK5w7IH1oDRefj4qoQxXIi5fZVj2ZmCIaN3F+Ke8d+8/
rX4VakOEzPkA2sOYzY1Ni7puNAony0OnUtnSt/qqmxReQJ0Nll9i4AAa9UMEBaf9
Hr4fRck95kKge96HowUfDMettEsizvfd0TlbMgW27ivh2v8Yz74IzajiaATDShxH
NTTo5YDVD8tpd6jVFtrl9tjnfyqHo28VAlfoKc44x4UWLVDF0FVjdB5s1/jnAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU/bFmgmIkZq8fkUlzoKlTwQl1rZkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzMyZTMy
MzEzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnL2jANBgkqhkiG9w0BAQsFAAOCAQEAAYuakpHnKjWECWUHnx1csAfDmTnO
74br8bUDMVR6BRRDuO9cGw/S7ecfMu0/1P1uHCpjpEr3FCI5oSu2T8zOCIp3zmhK
AuxaTfEwHgLdDQHfGiHvg0QOzVHWSoLbndMvdZeaDCgfzJSFKWXD7kgvnJl4vHDA
yWhIWX2uLIYlaCYdaVS7trcV4TA4jGoo2Z559LCcoV0UGajQmic53VDGJP6xvgFu
nV1sBFhk8xlLH2OuBRdlVbHr2HBVsyth2p9waDQWzlv6n7qzFcuAXaR85Yy240hx
zJSF7sB6y0G34uJROjQasHEN7W/VRQ2uflpHW2bi6at/BXUnCA2KhztdQA==
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:06 2024 by rpki-client on console-ams.rpki-client.org