Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa
File: 3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa (raw, json)
Hash identifier: nRTblr9o+AgCWERgPRiMdd91k39kTT1xT/fD+YjrzIQ=
Subject key identifier: 9A:B3:22:5A:BE:CC:CC:FB:E0:CF:D3:23:05:83:E3:2A:89:92:62:6B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 16045C38463D1D13DA0104A22D580DB51C805A14
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa
Signing time: Fri 20 Oct 2023 13:41:54 +0000
ROA not before: Fri 20 Oct 2023 13:36:54 +0000
ROA not after: Fri 18 Oct 2024 13:41:54 +0000
asID: 61317
IP address blocks: 185.241.148.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:04:5c:38:46:3d:1d:13:da:01:04:a2:2d:58:0d:b5:1c:80:5a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:54 2023 GMT
Not After : Oct 18 13:41:54 2024 GMT
Subject: CN=9AB3225ABECCCCFBE0CFD3230583E32A8992626B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:72:6d:5d:8a:96:0d:ee:44:e6:0c:34:c8:ad:
32:77:6f:d7:83:af:ae:d5:7d:68:e1:0e:db:7f:5b:
6c:62:c0:f8:8b:28:cf:53:8b:95:21:0f:bb:a0:7d:
44:4d:f3:01:d5:72:39:a3:6d:30:ed:a1:2e:08:ee:
10:3e:ce:bb:58:59:cd:d4:67:50:f5:3c:0b:99:5e:
66:59:be:d2:06:e4:00:f4:36:f4:49:bc:c7:95:0c:
94:ce:06:d4:6b:ef:47:dc:4e:b9:72:02:d7:56:e5:
6e:ef:59:9a:48:1b:86:26:58:12:63:64:9d:20:57:
8c:51:b6:b5:9d:ea:cd:78:76:1c:ca:54:83:03:64:
9b:b1:45:88:7a:65:77:02:28:1b:ef:2c:4f:89:2a:
5d:82:b9:55:3e:2e:78:21:4c:1d:17:1f:2d:7e:58:
90:b9:5a:4e:f6:a1:17:94:b2:3a:31:bc:19:7c:f8:
29:33:5e:b7:8e:ad:8f:de:0e:12:b7:0f:d2:cf:1c:
24:da:3a:39:94:e6:6c:49:62:0b:a3:8e:81:a0:a6:
60:3d:65:a4:60:4b:fe:62:ab:05:9b:42:8a:19:8b:
d8:d0:bf:5d:15:1b:4a:af:1a:1c:d5:1d:a1:9c:63:
3e:eb:7f:da:8b:31:df:0a:dd:5e:56:89:a4:21:62:
2d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B3:22:5A:BE:CC:CC:FB:E0:CF:D3:23:05:83:E3:2A:89:92:62:6B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.148.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:22:51:bf:f9:45:34:0f:79:af:1e:86:dc:30:36:b0:f6:b2:
be:8f:ce:07:26:86:f7:b9:98:0d:57:50:73:03:ec:34:b6:35:
7b:e4:8b:d9:9c:a0:0e:ef:e9:fb:9a:35:3b:a6:67:8a:77:c4:
7c:78:a3:78:60:07:72:7a:99:1d:a9:4e:36:72:b1:89:fb:fe:
b2:9c:f6:2f:c6:17:26:2a:e7:d1:6a:43:b2:1b:e8:f2:da:bb:
89:a4:85:c8:80:09:1d:77:91:7c:9a:3f:75:e6:b9:fb:c8:dc:
95:a5:3d:12:b1:4a:5b:97:c7:a6:55:9b:c9:d8:c1:70:b4:d6:
cb:1e:3f:d0:5f:f2:08:53:52:10:10:f3:0a:14:d1:23:e9:07:
05:82:42:7b:3f:e9:ae:35:a1:71:3e:ce:c3:2e:cf:b9:c6:ef:
7e:71:6e:f9:41:5c:91:fc:d1:14:f3:36:e4:f8:ee:c3:32:f3:
63:3e:8a:b4:1f:dc:16:51:fe:da:c8:0e:a4:9b:5b:12:98:a6:
bb:bc:67:18:4b:33:93:d7:c1:79:d3:34:1a:79:8f:a4:b4:66:
d4:7d:c3:d7:32:30:6f:c2:56:e5:47:1e:38:b4:26:2e:0a:a2:
48:3c:87:23:ab:a9:82:ce:49:1a:e2:28:1b:bb:36:59:8a:51:
dc:e0:87:d3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFgRcOEY9HRPaAQSiLVgNtRyAWhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTRaFw0yNDEwMTgxMzQxNTRaMDMxMTAvBgNV
BAMTKDlBQjMyMjVBQkVDQ0NDRkJFMENGRDMyMzA1ODNFMzJBODk5MjYyNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVcm1dipYN7kTmDDTIrTJ3b9eD
r67VfWjhDtt/W2xiwPiLKM9Ti5UhD7ugfURN8wHVcjmjbTDtoS4I7hA+zrtYWc3U
Z1D1PAuZXmZZvtIG5AD0NvRJvMeVDJTOBtRr70fcTrlyAtdW5W7vWZpIG4YmWBJj
ZJ0gV4xRtrWd6s14dhzKVIMDZJuxRYh6ZXcCKBvvLE+JKl2CuVU+LnghTB0XHy1+
WJC5Wk72oReUsjoxvBl8+CkzXreOrY/eDhK3D9LPHCTaOjmU5mxJYgujjoGgpmA9
ZaRgS/5iqwWbQooZi9jQv10VG0qvGhzVHaGcYz7rf9qLMd8K3V5WiaQhYi3NAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmrMiWr7MzPvgz9MjBYPjKomSYmswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzQzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG58ZQwDQYJKoZIhvcNAQELBQADggEBAA4iUb/5RTQPea8ehtwwNrD2sr6Pzgcm
hve5mA1XUHMD7DS2NXvki9mcoA7v6fuaNTumZ4p3xHx4o3hgB3J6mR2pTjZysYn7
/rKc9i/GFyYq59FqQ7Ib6PLau4mkhciACR13kXyaP3XmufvI3JWlPRKxSluXx6ZV
m8nYwXC01sseP9Bf8ghTUhAQ8woU0SPpBwWCQns/6a41oXE+zsMuz7nG735xbvlB
XJH80RTzNuT47sMy82M+irQf3BZR/trIDqSbWxKYpru8ZxhLM5PXwXnTNBp5j6S0
ZtR9w9cyMG/CVuVHHji0Ji4Kokg8hyOrqYLOSRriKBu7NlmKUdzgh9M=
-----END CERTIFICATE-----
Generated at Sat May 4 11:29:15 2024 by rpki-client on console-ams.rpki-client.org