Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136302e302f32332d3233203d3e203130313033.roa
File: 3138352e322e3136302e302f32332d3233203d3e203130313033.roa (raw, json)
Hash identifier: 33zUHby3oxz4wj8BYiAKDnKFZKq7ahMTMDVjb6Xaft8=
Subject key identifier: 02:18:FD:71:32:DC:4E:FC:F7:FF:57:41:A9:75:D6:6A:75:4A:9E:A7
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 5955045326D4072CA6DE9CFC03C40BD1515AA2EB
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136302e302f32332d3233203d3e203130313033.roa
Signing time: Mon 06 May 2024 10:17:31 +0000
ROA not before: Mon 06 May 2024 10:12:31 +0000
ROA not after: Mon 05 May 2025 10:17:31 +0000
asID: 10103
IP address blocks: 185.2.160.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:55:04:53:26:d4:07:2c:a6:de:9c:fc:03:c4:0b:d1:51:5a:a2:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: May 6 10:12:31 2024 GMT
Not After : May 5 10:17:31 2025 GMT
Subject: CN=0218FD7132DC4EFCF7FF5741A975D66A754A9EA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8f:a8:7a:2a:0a:50:57:ae:6f:c6:e0:ff:54:
7e:d3:05:9d:71:86:d7:49:cc:8f:33:64:ba:70:5e:
41:db:d2:63:5d:fa:fa:56:af:3b:c4:89:96:7d:48:
ea:81:21:6c:5b:a0:31:13:fa:0e:20:7f:52:07:58:
b6:37:b3:06:8f:b6:3b:80:8c:e3:38:c7:3a:9c:ea:
d6:9c:cd:47:5c:dc:c9:67:7f:57:7d:8c:ed:6f:05:
00:e4:14:7c:33:cc:37:f6:5b:ed:b9:82:49:1d:00:
8b:9c:e8:be:eb:fd:3a:23:3c:48:70:12:66:b7:38:
df:cb:bb:72:17:4c:81:f3:25:84:86:9e:4a:51:6f:
1d:26:d7:4a:4d:93:51:5d:cc:28:18:c7:ad:2f:fd:
57:56:0f:38:19:e3:7c:8b:36:42:29:91:35:43:db:
0b:34:ee:17:d0:5d:bc:80:a0:cd:2b:c0:3d:1c:10:
b5:8c:e2:16:51:17:9b:e2:57:aa:60:e8:55:7a:c7:
41:99:1c:ff:60:38:a3:22:20:d5:b4:24:32:7c:b9:
b8:19:38:f0:d0:ff:03:c5:7d:41:c6:7e:db:bb:3a:
8a:2c:47:47:29:06:6b:25:ff:d9:e8:02:e9:95:83:
92:b2:ef:7e:29:64:5b:d1:9f:0d:c8:65:7f:9d:b1:
07:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:18:FD:71:32:DC:4E:FC:F7:FF:57:41:A9:75:D6:6A:75:4A:9E:A7
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136302e302f32332d3233203d3e203130313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.160.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:88:ca:ee:02:6e:a5:7b:56:38:b9:dd:a2:fb:63:2c:90:c4:
23:52:9e:60:47:37:16:90:a9:b8:24:20:9b:f4:7f:28:05:67:
33:9e:b8:e1:89:d3:7e:21:fe:d4:3b:6d:8d:35:ee:53:5e:8a:
01:f6:c4:12:c3:79:0d:bc:a3:f5:da:2d:ed:8a:67:95:b8:a5:
f2:47:eb:7f:4f:80:18:bb:28:03:24:a9:db:59:75:65:f7:ea:
ac:64:ce:ba:97:75:69:4e:60:50:76:c0:a3:bf:03:73:b6:76:
9b:20:b1:f5:fd:5a:87:d9:50:96:8c:16:35:80:8c:3e:54:c6:
db:34:6f:6d:3a:9c:a5:46:00:67:d5:1f:e8:56:d7:cb:5f:d8:
8c:54:05:71:6c:ef:2e:84:d4:74:54:14:ef:8f:1f:4b:10:ed:
a8:b2:c8:61:f9:c3:5c:2c:2c:1d:4e:b5:de:21:a9:cc:ff:ef:
aa:9a:70:7b:10:d1:e5:33:2b:16:f6:f6:3d:b0:97:19:e0:8d:
41:fc:37:ec:f3:ee:65:cb:cb:1a:98:81:9f:ea:da:64:e6:89:
e9:d1:4e:57:ac:1a:27:56:5b:ce:f6:61:3f:ec:f1:48:42:8f:
d0:f4:f9:76:8e:be:8c:3b:81:5e:1d:28:14:40:64:bf:9d:6f:
74:05:e0:df
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWVUEUybUByym3pz8A8QL0VFaouswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNDA1MDYxMDEyMzFaFw0yNTA1MDUxMDE3MzFaMDMxMTAvBgNV
BAMTKDAyMThGRDcxMzJEQzRFRkNGN0ZGNTc0MUE5NzVENjZBNzU0QTlFQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZj6h6KgpQV65vxuD/VH7TBZ1x
htdJzI8zZLpwXkHb0mNd+vpWrzvEiZZ9SOqBIWxboDET+g4gf1IHWLY3swaPtjuA
jOM4xzqc6taczUdc3Mlnf1d9jO1vBQDkFHwzzDf2W+25gkkdAIuc6L7r/TojPEhw
Ema3ON/Lu3IXTIHzJYSGnkpRbx0m10pNk1FdzCgYx60v/VdWDzgZ43yLNkIpkTVD
2ws07hfQXbyAoM0rwD0cELWM4hZRF5viV6pg6FV6x0GZHP9gOKMiINW0JDJ8ubgZ
OPDQ/wPFfUHGftu7OoosR0cpBmsl/9noAumVg5Ky734pZFvRnw3IZX+dsQexAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUAhj9cTLcTvz3/1dBqXXWanVKnqcwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzODM1MmUzMjJlMzEzNjMw
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzMDMxMzAzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkC
oDANBgkqhkiG9w0BAQsFAAOCAQEAO4jK7gJupXtWOLndovtjLJDEI1KeYEc3FpCp
uCQgm/R/KAVnM5644YnTfiH+1DttjTXuU16KAfbEEsN5Dbyj9dot7Ypnlbil8kfr
f0+AGLsoAySp21l1ZffqrGTOupd1aU5gUHbAo78Dc7Z2myCx9f1ah9lQlowWNYCM
PlTG2zRvbTqcpUYAZ9Uf6FbXy1/YjFQFcWzvLoTUdFQU748fSxDtqLLIYfnDXCws
HU613iGpzP/vqppwexDR5TMrFvb2PbCXGeCNQfw37PPuZcvLGpiBn+raZOaJ6dFO
V6waJ1ZbzvZhP+zxSEKP0PT5do6+jDuBXh0oFEBkv51vdAXg3w==
-----END CERTIFICATE-----
Generated at Sat Jun 1 05:09:37 2024 by rpki-client on console-fra.rpki-client.org