Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230362e302f32342d3234203d3e203531303539.roa
File: 3138352e322e3230362e302f32342d3234203d3e203531303539.roa (raw, json)
Hash identifier: 9PHwyvRKIN8CC6tqDO30+rEY1zs7yflQXhOG4HrGiyk=
Subject key identifier: A3:56:E1:24:E6:C3:93:6D:FA:F4:EE:88:FA:2B:1F:1D:DC:80:EE:73
Certificate issuer: /CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Certificate serial: 02872093983BA2D54FCCFFACC7C54C09CAC57A48
Authority key identifier: 45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230362e302f32342d3234203d3e203531303539.roa
Signing time: Tue 07 Nov 2023 09:47:07 +0000
ROA not before: Tue 07 Nov 2023 09:42:07 +0000
ROA not after: Tue 05 Nov 2024 09:47:07 +0000
asID: 51059
IP address blocks: 185.2.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:87:20:93:98:3b:a2:d5:4f:cc:ff:ac:c7:c5:4c:09:ca:c5:7a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Validity
Not Before: Nov 7 09:42:07 2023 GMT
Not After : Nov 5 09:47:07 2024 GMT
Subject: CN=A356E124E6C3936DFAF4EE88FA2B1F1DDC80EE73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ee:c6:a3:d9:f0:9c:13:a9:b9:69:b2:23:c6:
e4:2c:41:78:34:57:09:84:88:ba:e1:23:16:c1:9f:
fd:0f:77:2a:2f:42:e7:14:86:cd:ad:54:85:55:93:
31:1a:bb:00:88:d7:99:f8:4c:aa:05:fb:d6:df:37:
93:9f:f7:21:74:01:2d:30:f9:63:3f:fb:a7:fb:f6:
f3:79:ab:ad:25:94:40:f6:8d:c6:f0:44:92:ff:b0:
01:24:97:3a:7b:5e:6b:06:e9:d0:63:6b:6b:0e:8b:
b8:14:5f:d1:ce:6e:08:e2:16:d9:32:a7:0b:9d:ab:
46:7a:b1:15:66:0e:ca:41:eb:d5:95:b2:66:63:8f:
15:ce:31:f0:58:24:c7:81:77:00:e2:de:41:41:eb:
e4:58:a5:01:69:f6:38:c8:e4:4a:34:19:04:99:2b:
0a:e6:fa:9c:a4:05:34:9f:ba:13:42:8b:50:3a:fb:
77:95:32:85:99:b1:e8:84:f7:7f:3a:a7:29:57:c1:
48:ec:40:78:06:dd:af:c5:3e:c8:97:94:6b:bf:70:
97:68:7e:78:f4:50:86:24:23:c2:ad:ce:6d:0b:5e:
96:2e:52:85:96:91:99:52:47:2b:4b:6f:98:4d:39:
01:ab:95:49:a7:22:50:fb:6b:da:af:dd:fb:7e:7b:
25:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:56:E1:24:E6:C3:93:6D:FA:F4:EE:88:FA:2B:1F:1D:DC:80:EE:73
X509v3 Authority Key Identifier:
keyid:45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230362e302f32342d3234203d3e203531303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.206.0/24
Signature Algorithm: sha256WithRSAEncryption
86:11:bc:ce:a3:cc:7e:7d:98:e5:f8:4f:84:73:dc:99:f4:94:
fb:b2:f4:9c:df:1d:89:01:ad:f1:19:04:97:df:69:fe:3d:7d:
09:93:75:57:8e:37:28:fb:15:b4:44:62:33:e5:ab:92:b5:31:
81:e0:de:41:ba:53:c6:9e:d7:bb:f8:1f:00:82:53:a8:63:97:
a9:63:a8:12:b0:15:b8:c9:64:0a:13:6b:26:6b:00:0d:68:c1:
c5:6e:7b:48:55:15:20:1c:0a:02:da:7d:7d:e5:f4:d8:df:f9:
63:51:0a:ea:ba:81:fa:a3:4e:92:16:c9:49:5b:00:72:ce:dd:
8c:d6:a1:ea:de:cd:9b:91:53:05:b8:6e:e8:23:e7:43:5d:02:
eb:92:da:90:fc:f3:d7:5a:c2:7e:91:d5:4b:70:2c:66:b1:3f:
cb:b4:18:b1:b3:d3:4d:de:36:3c:9c:e4:d0:e8:98:6a:65:38:
dc:89:a6:cc:31:f6:e5:78:26:3f:ae:9b:cc:ec:fe:01:35:3c:
f6:54:4c:7e:4d:4a:c8:0d:c0:9f:ad:d9:7f:ce:8a:21:8b:46:
2a:fc:87:c8:bf:f0:94:96:35:bd:ef:6e:f8:ac:88:1d:df:23:
da:61:84:2e:4e:0c:43:9b:bf:7a:e5:4b:d1:c7:75:dc:02:b8:
2c:0a:28:a1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUAocgk5g7otVPzP+sx8VMCcrFekgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUwMmU2M2NlMDFjYWQyMzlhYzM5N2JjMmJiNWU2YzM0
N2RjZWVlYTAeFw0yMzExMDcwOTQyMDdaFw0yNDExMDUwOTQ3MDdaMDMxMTAvBgNV
BAMTKEEzNTZFMTI0RTZDMzkzNkRGQUY0RUU4OEZBMkIxRjFEREM4MEVFNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz7saj2fCcE6m5abIjxuQsQXg0
VwmEiLrhIxbBn/0PdyovQucUhs2tVIVVkzEauwCI15n4TKoF+9bfN5Of9yF0AS0w
+WM/+6f79vN5q60llED2jcbwRJL/sAEklzp7XmsG6dBja2sOi7gUX9HObgjiFtky
pwudq0Z6sRVmDspB69WVsmZjjxXOMfBYJMeBdwDi3kFB6+RYpQFp9jjI5Eo0GQSZ
Kwrm+pykBTSfuhNCi1A6+3eVMoWZseiE9386pylXwUjsQHgG3a/FPsiXlGu/cJdo
fnj0UIYkI8Ktzm0LXpYuUoWWkZlSRytLb5hNOQGrlUmnIlD7a9qv3ft+eyVDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUo1bhJObDk2369O6I+isfHdyA7nMwHwYDVR0j
BBgwFoAURQLmPOAcrSOaw5e8K7Xmw0fc7uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRmMzNhNTctN2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUx
MWI0LzAvNDUwMkU2M0NFMDFDQUQyMzlBQzM5N0JDMkJCNUU2QzM0N0RDRUVFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JRTG1QT0FjclNPYXc1ZThLN1htdzBm
Yzd1by5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWRmMzNhNTct
N2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUxMWI0LzAvMzEzODM1MmUzMjJlMzIzMDM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMTMwMzUzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkC
zjANBgkqhkiG9w0BAQsFAAOCAQEAhhG8zqPMfn2Y5fhPhHPcmfSU+7L0nN8diQGt
8RkEl99p/j19CZN1V443KPsVtERiM+WrkrUxgeDeQbpTxp7Xu/gfAIJTqGOXqWOo
ErAVuMlkChNrJmsADWjBxW57SFUVIBwKAtp9feX02N/5Y1EK6rqB+qNOkhbJSVsA
cs7djNah6t7Nm5FTBbhu6CPnQ10C65LakPzz11rCfpHVS3AsZrE/y7QYsbPTTd42
PJzk0OiYamU43ImmzDH25XgmP66bzOz+ATU89lRMfk1KyA3An63Zf86KIYtGKvyH
yL/wlJY1ve9u+KyIHd8j2mGELk4MQ5u/euVL0cd13AK4LAoooQ==
-----END CERTIFICATE-----
Generated at Fri May 31 23:16:06 2024 by rpki-client on console-ams.rpki-client.org