Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137382e302f32332d3233203d3e20343030393039.roa
File: 3137382e3230382e3137382e302f32332d3233203d3e20343030393039.roa (raw, json)
Hash identifier: VfbGdqr+JvSamAhoh8VBRFeg9I53oT0fQqDs2q3TpCY=
Subject key identifier: C6:53:87:5F:D2:6B:76:C2:B0:D6:BD:92:3E:C9:DD:3F:5B:50:00:82
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 0D93F1CB403C3722589927C00367A4B58BC3311B
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137382e302f32332d3233203d3e20343030393039.roa
Signing time: Thu 21 Nov 2024 14:43:28 +0000
ROA not before: Thu 21 Nov 2024 14:38:28 +0000
ROA not after: Thu 20 Nov 2025 14:43:28 +0000
asID: 400909
IP address blocks: 178.208.178.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 10:42:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:93:f1:cb:40:3c:37:22:58:99:27:c0:03:67:a4:b5:8b:c3:31:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Nov 21 14:38:28 2024 GMT
Not After : Nov 20 14:43:28 2025 GMT
Subject: CN=C653875FD26B76C2B0D6BD923EC9DD3F5B500082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:66:2e:4b:6d:a1:e9:6b:93:58:c5:26:8b:ac:
10:99:27:d3:d5:39:55:fe:ed:82:c5:63:64:07:ab:
3f:ed:33:52:33:c1:83:34:37:9d:c6:49:cd:89:85:
15:f1:de:d7:88:99:92:0f:b5:20:15:4c:89:8f:70:
cc:0b:ce:eb:a7:91:8a:fb:46:d4:7d:a8:96:1a:1b:
da:3b:68:9a:81:1c:f8:92:57:71:6b:15:ee:b2:ee:
95:12:22:f8:e2:7a:26:aa:9e:a2:c0:02:b3:76:2c:
f5:88:83:6b:67:a7:27:93:b4:80:dd:77:36:6e:8e:
84:4c:12:eb:e9:cb:68:7e:a9:b1:b4:ff:0a:28:21:
39:f1:df:79:f0:29:16:de:37:61:83:b3:db:22:c2:
3a:5f:f7:ae:bd:6f:6f:c8:26:61:4b:dc:67:b3:e2:
ec:0f:ab:dd:a0:92:33:ed:d7:c0:63:52:d7:8b:4a:
f2:be:84:80:8b:87:bd:38:f0:e2:06:83:40:4b:ca:
6e:55:34:cd:fb:1e:63:a3:d3:71:c4:e1:02:9c:82:
10:20:a8:7a:58:77:fd:b1:94:92:bb:66:76:39:75:
c8:1b:b2:30:58:f1:fa:75:5c:7f:e0:ec:1f:79:35:
c3:c5:cc:af:9f:34:57:75:e0:11:d8:ed:f8:b5:d6:
72:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:53:87:5F:D2:6B:76:C2:B0:D6:BD:92:3E:C9:DD:3F:5B:50:00:82
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137382e302f32332d3233203d3e20343030393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.178.0/23
Signature Algorithm: sha256WithRSAEncryption
22:64:d2:b2:51:74:7d:10:74:5e:73:e2:fb:9a:85:5f:2f:17:
a1:03:5e:8f:a5:03:06:8c:83:b8:c9:ec:ee:39:af:e5:06:c9:
ef:94:60:9f:15:80:20:6c:8e:a4:29:2c:57:13:6e:41:65:50:
61:77:52:cf:12:4d:73:b3:96:3c:aa:d5:1b:70:68:e3:ab:9e:
2e:84:c7:c4:4c:4e:c6:66:01:02:5f:a7:28:6a:21:8f:6c:3b:
16:4e:a0:6c:5e:81:f4:dd:b9:5c:fd:fb:6a:f4:e1:47:2e:cb:
87:a5:c5:35:d7:35:c3:b3:6a:1e:4e:c0:97:c6:58:b5:36:e0:
fa:c7:dd:7d:9d:9f:89:2a:94:00:c3:60:28:e2:b1:b9:49:38:
ef:76:93:85:45:53:6d:d7:b5:62:18:e7:cd:8b:68:59:90:02:
f5:fe:c9:f0:52:b3:a9:97:af:7a:cf:fe:d0:81:e3:a7:c5:2c:
42:ea:e0:8d:db:2e:f8:b1:ff:a6:87:cd:82:43:af:c2:c6:c8:
7a:9b:85:fc:19:72:14:b2:4c:99:79:cb:e5:ed:f6:50:fa:e7:
5d:a4:1b:19:2a:2f:f3:e5:37:57:8d:fc:d7:20:fc:db:60:49:
5c:08:47:0c:3a:0d:33:19:6b:8b:74:5f:f1:31:17:d8:fa:b4:
fd:20:59:52
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDZPxy0A8NyJYmSfAA2ektYvDMRswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDExMjExNDM4MjhaFw0yNTExMjAxNDQzMjhaMDMxMTAvBgNV
BAMTKEM2NTM4NzVGRDI2Qjc2QzJCMEQ2QkQ5MjNFQzlERDNGNUI1MDAwODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjZi5LbaHpa5NYxSaLrBCZJ9PV
OVX+7YLFY2QHqz/tM1IzwYM0N53GSc2JhRXx3teImZIPtSAVTImPcMwLzuunkYr7
RtR9qJYaG9o7aJqBHPiSV3FrFe6y7pUSIvjieiaqnqLAArN2LPWIg2tnpyeTtIDd
dzZujoRMEuvpy2h+qbG0/wooITnx33nwKRbeN2GDs9siwjpf9669b2/IJmFL3Gez
4uwPq92gkjPt18BjUteLSvK+hICLh7048OIGg0BLym5VNM37HmOj03HE4QKcghAg
qHpYd/2xlJK7ZnY5dcgbsjBY8fp1XH/g7B95NcPFzK+fNFd14BHY7fi11nJzAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUxlOHX9JrdsKw1r2SPsndP1tQAIIwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzczODJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzAzMDM5MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbLQsjANBgkqhkiG9w0BAQsFAAOCAQEAImTSslF0fRB0XnPi+5qFXy8XoQNe
j6UDBoyDuMns7jmv5QbJ75RgnxWAIGyOpCksVxNuQWVQYXdSzxJNc7OWPKrVG3Bo
46ueLoTHxExOxmYBAl+nKGohj2w7Fk6gbF6B9N25XP37avThRy7Lh6XFNdc1w7Nq
Hk7Al8ZYtTbg+sfdfZ2fiSqUAMNgKOKxuUk473aThUVTbde1YhjnzYtoWZAC9f7J
8FKzqZeves/+0IHjp8UsQurgjdsu+LH/pofNgkOvwsbIepuF/BlyFLJMmXnL5e32
UPrnXaQbGSov8+U3V4381yD822BJXAhHDDoNMxlri3Rf8TEX2Pq0/SBZUg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:42:16 2025 by rpki-client