Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3138312e3231362e302f32332d3234203d3e203437353833.roa
File: 352e3138312e3231362e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: U+QJb0qyV2KQE7q5j/xWXdOzH3XsQlMFqZACjioiK2Y=
Subject key identifier: B1:B3:41:C1:00:EF:A9:5F:23:99:41:EF:9D:5D:74:A3:57:78:88:8D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3FF160E986DB2BDA5C5B70462D1123CF18F3D48C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3138312e3231362e302f32332d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:04 +0000
ROA not before: Mon 26 Feb 2024 08:48:04 +0000
ROA not after: Mon 24 Feb 2025 08:53:04 +0000
asID: 47583
IP address blocks: 5.181.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f1:60:e9:86:db:2b:da:5c:5b:70:46:2d:11:23:cf:18:f3:d4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:04 2024 GMT
Not After : Feb 24 08:53:04 2025 GMT
Subject: CN=B1B341C100EFA95F239941EF9D5D74A35778888D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:26:07:57:1e:21:eb:44:3d:72:56:6a:d1:d9:
fb:b9:d4:cb:85:46:f6:9f:9f:c3:e2:b3:4d:f7:76:
1c:13:9e:af:95:de:30:93:2b:17:35:be:fa:b2:4f:
0b:e9:e5:35:ac:da:d1:78:60:4c:35:c9:53:91:49:
af:83:49:25:a0:ec:e4:f3:09:aa:65:92:9f:d4:b0:
34:03:0e:c1:19:d6:47:1e:36:dd:ce:bb:94:39:4d:
92:33:c7:44:20:81:a5:57:d6:9d:f3:ab:b5:5d:6a:
7c:c8:e2:ad:67:74:86:86:c8:5f:0c:a5:75:b8:12:
8a:36:f4:b5:d2:d6:9d:55:d9:0e:82:a4:02:f8:de:
d3:23:12:37:63:96:d4:c3:11:1e:23:b3:62:13:50:
3d:ae:b5:5c:a5:9d:d6:4b:f0:44:a3:46:00:47:b6:
fd:90:6e:c5:a1:fe:e6:15:8a:68:b0:ad:6f:e9:b9:
f7:c2:10:0e:27:e7:3d:1c:eb:f7:ad:e9:0b:ae:ce:
e9:df:ca:7a:5c:12:be:6d:0d:d2:0f:78:da:8f:a5:
2b:07:b6:6d:c6:89:d3:d9:96:60:23:dd:45:87:df:
48:c9:cb:76:bd:ab:c4:50:9e:63:a9:79:5a:f2:c4:
aa:b7:20:2d:ca:17:cf:b2:ef:d1:07:ee:49:14:dd:
87:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B3:41:C1:00:EF:A9:5F:23:99:41:EF:9D:5D:74:A3:57:78:88:8D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3138312e3231362e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.216.0/23
Signature Algorithm: sha256WithRSAEncryption
48:88:7c:ae:16:7b:0a:07:71:9e:d4:67:57:d1:73:c2:46:32:
18:c6:9b:6a:d6:ac:1e:ac:08:1b:c2:6f:23:0e:5b:1f:4a:2a:
78:13:03:a7:f3:b5:eb:a0:de:27:36:4c:43:b6:15:5b:0e:e5:
b3:9c:02:e8:c4:ea:2e:1f:74:22:e6:0f:04:bb:e9:21:d5:e6:
7e:d1:71:bf:c3:ff:13:35:ba:b7:a7:f0:6d:46:e8:20:7f:a2:
f6:53:44:9f:58:ee:d9:e1:41:b6:81:d8:c5:91:52:25:3c:e3:
99:a3:2c:c0:1e:09:b8:64:24:a9:25:aa:91:54:49:bc:9c:9e:
44:e6:ab:45:48:93:88:3b:da:43:68:44:33:58:c5:9e:30:ba:
30:bf:2b:fd:c7:52:e8:4d:a4:46:3b:bd:d4:7d:03:c6:e0:69:
51:b8:b6:03:77:7e:1d:74:5a:09:b1:b6:99:15:4e:4c:c3:88:
f2:5b:4e:00:f2:ee:49:f6:d5:15:78:de:be:bd:a7:00:b5:c5:
e7:8c:8c:05:d9:f7:dd:0b:e4:ef:40:0f:8b:ab:77:de:98:53:
33:df:78:27:f4:ea:32:d3:df:1e:7f:be:16:86:22:0a:b5:d2:
50:2c:50:d8:b7:18:22:dd:09:75:a8:d8:32:f5:22:ee:52:be:
43:9f:c7:1a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUP/Fg6YbbK9pcW3BGLREjzxjz1IwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDRaFw0yNTAyMjQwODUzMDRaMDMxMTAvBgNV
BAMTKEIxQjM0MUMxMDBFRkE5NUYyMzk5NDFFRjlENUQ3NEEzNTc3ODg4OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKJgdXHiHrRD1yVmrR2fu51MuF
Rvafn8Pis033dhwTnq+V3jCTKxc1vvqyTwvp5TWs2tF4YEw1yVORSa+DSSWg7OTz
Caplkp/UsDQDDsEZ1kceNt3Ou5Q5TZIzx0QggaVX1p3zq7VdanzI4q1ndIaGyF8M
pXW4Eoo29LXS1p1V2Q6CpAL43tMjEjdjltTDER4js2ITUD2utVylndZL8ESjRgBH
tv2QbsWh/uYVimiwrW/puffCEA4n5z0c6/et6QuuzunfynpcEr5tDdIPeNqPpSsH
tm3GidPZlmAj3UWH30jJy3a9q8RQnmOpeVryxKq3IC3KF8+y79EH7kkU3YcbAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUsbNBwQDvqV8jmUHvnV10o1d4iI0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzUyZTMxMzgzMTJlMzIzMTM2
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQW1
2DANBgkqhkiG9w0BAQsFAAOCAQEASIh8rhZ7CgdxntRnV9FzwkYyGMabatasHqwI
G8JvIw5bH0oqeBMDp/O166DeJzZMQ7YVWw7ls5wC6MTqLh90IuYPBLvpIdXmftFx
v8P/EzW6t6fwbUboIH+i9lNEn1ju2eFBtoHYxZFSJTzjmaMswB4JuGQkqSWqkVRJ
vJyeROarRUiTiDvaQ2hEM1jFnjC6ML8r/cdS6E2kRju91H0DxuBpUbi2A3d+HXRa
CbG2mRVOTMOI8ltOAPLuSfbVFXjevr2nALXF54yMBdn33Qvk70APi6t33phTM994
J/TqMtPfHn++FoYiCrXSUCxQ2LcYIt0JdajYMvUi7lK+Q5/HGg==
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:05 2024 by rpki-client on console-fra.rpki-client.org