Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323036383034.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e20323036383034.roa (raw, json)
Hash identifier: VlZDC78Ttufq1CNcYeo1RYowYWQBs/VARPJqH4qwT1Q=
Subject key identifier: D9:98:9E:5D:16:A7:E3:4A:25:61:AB:2A:48:35:AA:65:1D:37:AA:4D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 62F49DF61B6E58217581ECA23FDA0414CF616CCB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323036383034.roa
Signing time: Fri 20 Oct 2023 13:41:49 +0000
ROA not before: Fri 20 Oct 2023 13:36:49 +0000
ROA not after: Fri 18 Oct 2024 13:41:49 +0000
asID: 206804
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:f4:9d:f6:1b:6e:58:21:75:81:ec:a2:3f:da:04:14:cf:61:6c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:49 2023 GMT
Not After : Oct 18 13:41:49 2024 GMT
Subject: CN=D9989E5D16A7E34A2561AB2A4835AA651D37AA4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:0c:62:7d:ab:c6:5b:81:a8:fc:54:5f:19:
3d:54:fc:43:2e:19:f5:9e:e3:a0:88:70:09:b3:5e:
07:21:35:f7:ea:b1:0f:eb:e8:53:2e:63:3e:9d:95:
f2:4b:ec:14:56:6a:97:d7:bc:54:fc:0f:00:ca:91:
95:6e:b1:31:72:23:c9:8f:66:30:db:bd:01:26:6d:
05:c9:cf:9c:24:86:ce:0b:d2:ad:f3:cd:33:75:f5:
b9:d6:84:ea:40:a8:e4:5b:4d:6b:78:d3:db:d5:5b:
24:b6:9a:36:58:98:dc:9d:1f:29:3c:53:cb:2c:4f:
d3:50:c4:cd:86:f4:6f:cb:02:fe:28:49:2e:af:93:
d4:15:da:61:63:40:85:93:a2:65:9d:8c:b1:eb:43:
13:35:9a:db:52:e0:29:10:26:78:db:5c:44:37:80:
98:b1:92:f7:86:db:81:2d:cc:1d:8b:ed:2a:47:ae:
ac:fe:69:0f:f0:39:88:53:bc:7c:e3:93:d4:ca:48:
15:72:14:12:9c:46:15:2b:4f:72:da:05:82:63:d0:
06:05:7d:6c:d5:9d:80:02:04:e4:92:10:5a:76:ed:
85:bd:fa:d9:f0:82:04:53:c4:2c:de:0d:6e:bc:29:
6d:22:df:73:4a:13:4c:8b:26:f3:4f:70:3c:23:8f:
15:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:98:9E:5D:16:A7:E3:4A:25:61:AB:2A:48:35:AA:65:1D:37:AA:4D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323036383034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:db:cf:b7:55:5f:a1:86:3f:6d:57:b5:af:28:b2:7f:12:5d:
99:97:f1:5e:fa:3a:10:dc:ae:19:a8:e4:44:23:c4:df:38:93:
9c:0b:a9:cf:6b:6d:a0:37:5f:15:9d:93:e3:80:80:73:86:a5:
d9:83:be:a0:99:0e:bb:21:94:fb:d1:73:43:da:98:bc:42:78:
76:50:7b:6b:37:3a:64:7e:97:53:a9:17:27:93:e9:4c:89:4c:
c6:48:64:0a:22:8a:31:49:c6:ad:26:cb:ae:7f:36:9f:01:25:
83:68:a8:e2:76:9c:5b:d3:ca:7f:08:96:09:e9:26:34:28:6a:
dd:62:1c:4c:c1:c9:47:c0:c0:90:86:b7:d7:96:43:bc:6d:6d:
ed:2b:5b:72:86:36:0b:93:32:2f:5b:f7:4b:86:cc:e8:be:27:
77:6e:a0:10:30:37:5f:d3:11:2c:6b:17:72:da:37:5d:38:c0:
f7:79:09:2b:bb:e4:4f:7d:5d:d4:be:81:ed:c7:6d:03:0d:50:
cf:b4:c2:47:63:98:d2:fd:05:48:06:4b:b9:83:ba:ae:ca:bc:
d0:e4:6f:dd:37:17:c2:f5:f0:73:2c:7b:7d:fe:2a:60:8d:d9:
18:6d:9f:db:8e:ac:b1:95:ec:84:04:8a:84:2d:c9:69:81:c0:
2d:9f:13:e1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYvSd9htuWCF1geyiP9oEFM9hbMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDlaFw0yNDEwMTgxMzQxNDlaMDMxMTAvBgNV
BAMTKEQ5OTg5RTVEMTZBN0UzNEEyNTYxQUIyQTQ4MzVBQTY1MUQzN0FBNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC65QxifavGW4Go/FRfGT1U/EMu
GfWe46CIcAmzXgchNffqsQ/r6FMuYz6dlfJL7BRWapfXvFT8DwDKkZVusTFyI8mP
ZjDbvQEmbQXJz5wkhs4L0q3zzTN19bnWhOpAqORbTWt409vVWyS2mjZYmNydHyk8
U8ssT9NQxM2G9G/LAv4oSS6vk9QV2mFjQIWTomWdjLHrQxM1mttS4CkQJnjbXEQ3
gJixkveG24EtzB2L7SpHrqz+aQ/wOYhTvHzjk9TKSBVyFBKcRhUrT3LaBYJj0AYF
fWzVnYACBOSSEFp27YW9+tnwggRTxCzeDW68KW0i33NKE0yLJvNPcDwjjxWhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU2ZieXRan40olYasqSDWqZR03qk0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNjM4MzAzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3DANBgkqhkiG9w0BAQsFAAOCAQEAPNvPt1VfoYY/bVe1ryiyfxJdmZfx
Xvo6ENyuGajkRCPE3ziTnAupz2ttoDdfFZ2T44CAc4al2YO+oJkOuyGU+9FzQ9qY
vEJ4dlB7azc6ZH6XU6kXJ5PpTIlMxkhkCiKKMUnGrSbLrn82nwElg2io4nacW9PK
fwiWCekmNChq3WIcTMHJR8DAkIa315ZDvG1t7StbcoY2C5MyL1v3S4bM6L4nd26g
EDA3X9MRLGsXcto3XTjA93kJK7vkT31d1L6B7cdtAw1Qz7TCR2OY0v0FSAZLuYO6
rsq80ORv3TcXwvXwcyx7ff4qYI3ZGG2f246ssZXshASKhC3JaYHALZ8T4Q==
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:47 2024 by rpki-client on console-fra.rpki-client.org