Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa
File: 3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: an3DKAYLg+ob7/PNZrzUhFHGNWL8CBkAkyUL3/YyZHA=
Subject key identifier: F2:03:22:BB:EA:49:5B:3C:69:14:73:95:58:84:33:C3:5F:17:63:72
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0E968196FD33C495AEF9B3F2413A2911750DD3C2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:14 +0000
ROA not before: Mon 26 Feb 2024 08:48:14 +0000
ROA not after: Mon 24 Feb 2025 08:53:14 +0000
asID: 136787
IP address blocks: 109.123.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:96:81:96:fd:33:c4:95:ae:f9:b3:f2:41:3a:29:11:75:0d:d3:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:14 2024 GMT
Not After : Feb 24 08:53:14 2025 GMT
Subject: CN=F20322BBEA495B3C69147395588433C35F176372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b7:e5:4d:41:cc:18:b9:72:d3:43:e7:3e:fc:
15:41:d8:e9:fe:18:4e:67:15:64:93:0f:95:b9:46:
9f:e2:c6:a8:27:97:ab:69:d3:99:38:83:ab:64:43:
60:f3:d0:25:ce:0d:85:63:70:7e:2e:68:5f:63:59:
8e:d6:ce:66:23:1f:b1:b5:de:dc:fd:7b:11:e1:ee:
4d:61:49:c0:49:ba:f3:4d:9a:ca:f7:f1:f9:43:ad:
5c:94:6d:92:b6:dc:da:e0:a2:81:93:88:f4:61:35:
1f:5d:be:69:f0:47:6c:0d:10:13:ac:db:97:ff:ac:
51:ab:96:a6:3f:5c:ac:2a:ef:7d:66:e7:ce:ad:59:
ae:92:77:39:10:e9:1e:33:26:b1:9b:24:42:4c:ea:
6c:a8:a7:ee:9f:4d:ce:2a:1c:39:57:de:82:87:cd:
f3:3b:44:51:2a:9d:a1:57:cf:d7:44:51:a0:6a:45:
7e:20:07:28:0a:87:4a:05:22:ba:c4:da:75:c6:6e:
50:10:fb:1b:cc:c1:4d:ac:59:80:f7:5d:5f:af:85:
0c:9f:8e:6d:6d:3d:02:53:05:fa:4e:5a:41:92:16:
31:aa:d5:88:b6:15:e2:33:ac:c6:f8:3f:1f:32:19:
87:3a:d4:5a:25:16:69:01:fa:f3:0c:77:60:b9:d4:
c8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:03:22:BB:EA:49:5B:3C:69:14:73:95:58:84:33:C3:5F:17:63:72
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.123.225.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ee:03:80:9d:0b:a8:2d:e6:f4:68:5f:0b:4c:15:3e:b3:b9:
07:33:9d:77:54:a5:fe:69:97:7e:dc:61:64:93:3b:9c:b5:a9:
f1:ab:fa:56:f6:78:ca:af:5b:c8:9e:10:d7:fc:db:8f:26:18:
6b:cb:d6:fe:21:8b:f7:cb:87:27:d5:97:db:c2:96:4e:05:c9:
aa:16:92:6a:29:62:3a:f2:8b:0a:81:e9:bb:2d:1e:8a:41:35:
cd:e5:58:07:e2:08:bc:95:21:bf:47:10:bd:d4:8e:5f:6f:cd:
2a:f9:44:81:6f:39:2f:29:9e:3b:42:14:6b:56:1b:b7:7c:fd:
64:fd:55:1f:01:9c:23:05:18:4e:4e:87:aa:bd:b4:d8:7a:9d:
1b:10:1c:49:8e:16:e0:1d:05:0e:86:44:b0:d3:48:3e:0c:b8:
de:0b:10:94:e5:dd:d7:34:bf:81:fc:32:44:15:63:3a:4d:40:
eb:dd:73:ef:9a:84:52:27:75:7d:da:b9:7b:7f:8a:a0:7a:c8:
ec:dd:df:40:f5:c8:a7:30:fd:1b:b5:9a:12:46:88:a9:b5:2b:
da:83:9e:e1:4c:51:15:a4:f1:e7:13:ea:52:bf:12:d7:53:c7:
7d:75:c1:01:2b:ef:a9:ad:e4:fa:d8:d4:fc:e0:82:c4:3d:03:
75:d0:89:c4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDpaBlv0zxJWu+bPyQTopEXUN08IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTRaFw0yNTAyMjQwODUzMTRaMDMxMTAvBgNV
BAMTKEYyMDMyMkJCRUE0OTVCM0M2OTE0NzM5NTU4ODQzM0MzNUYxNzYzNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9t+VNQcwYuXLTQ+c+/BVB2On+
GE5nFWSTD5W5Rp/ixqgnl6tp05k4g6tkQ2Dz0CXODYVjcH4uaF9jWY7WzmYjH7G1
3tz9exHh7k1hScBJuvNNmsr38flDrVyUbZK23NrgooGTiPRhNR9dvmnwR2wNEBOs
25f/rFGrlqY/XKwq731m586tWa6SdzkQ6R4zJrGbJEJM6myop+6fTc4qHDlX3oKH
zfM7RFEqnaFXz9dEUaBqRX4gBygKh0oFIrrE2nXGblAQ+xvMwU2sWYD3XV+vhQyf
jm1tPQJTBfpOWkGSFjGq1Yi2FeIzrMb4Px8yGYc61FolFmkB+vMMd2C51MiFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU8gMiu+pJWzxpFHOVWIQzw18XY3IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMyMzMyZTMy
MzIzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG174TANBgkqhkiG9w0BAQsFAAOCAQEAJu4DgJ0LqC3m9GhfC0wVPrO5BzOd
d1Sl/mmXftxhZJM7nLWp8av6VvZ4yq9byJ4Q1/zbjyYYa8vW/iGL98uHJ9WX28KW
TgXJqhaSailiOvKLCoHpuy0eikE1zeVYB+IIvJUhv0cQvdSOX2/NKvlEgW85Lyme
O0IUa1Ybt3z9ZP1VHwGcIwUYTk6Hqr202HqdGxAcSY4W4B0FDoZEsNNIPgy43gsQ
lOXd1zS/gfwyRBVjOk1A691z75qEUid1fdq5e3+KoHrI7N3fQPXIpzD9G7WaEkaI
qbUr2oOe4UxRFaTx5xPqUr8S11PHfXXBASvvqa3k+tjU/OCCxD0DddCJxA==
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org