Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37322e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ifmp2q49QEaT0LOvqzFadcsHlpXzIlBXhWkno+K/5DA=
Subject key identifier: B0:B9:8F:35:35:2D:19:99:20:A1:D9:C7:7E:F6:38:63:82:FF:36:89
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 102E1F2F409FAF8540FD41D9EB4C87B848A739E2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37322e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:50:37 +0000
ROA not before: Sun 26 Nov 2023 19:45:37 +0000
ROA not after: Sun 24 Nov 2024 19:50:37 +0000
asID: 136787
IP address blocks: 158.220.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:2e:1f:2f:40:9f:af:85:40:fd:41:d9:eb:4c:87:b8:48:a7:39:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:45:37 2023 GMT
Not After : Nov 24 19:50:37 2024 GMT
Subject: CN=B0B98F35352D199920A1D9C77EF6386382FF3689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cf:81:20:8d:c8:ac:33:e6:b2:d7:07:39:4b:
01:56:ee:d8:48:92:27:dc:6f:19:df:0d:ec:da:5d:
34:9e:eb:f9:40:85:a5:af:c8:73:a4:ba:7f:72:75:
03:ca:43:c4:76:a2:d2:91:dc:07:ca:36:27:37:67:
f9:1b:71:13:3a:af:0e:81:b6:6e:7a:24:e7:96:cb:
75:b4:82:80:dc:07:ae:03:e0:0e:6d:5c:fb:70:46:
e1:54:c6:fe:d7:5a:60:4e:01:1b:50:2c:76:2e:ee:
dd:dc:90:bf:84:84:16:76:54:a0:10:99:12:e9:c2:
56:17:9a:b9:10:79:7d:20:36:b8:84:9f:cb:6f:0b:
19:da:05:37:d1:b4:5f:d5:34:6c:ea:63:31:c6:ea:
71:39:87:e7:bd:90:9c:2e:5d:da:9c:6b:68:fd:e8:
e4:59:ce:e5:e8:ed:28:86:e6:08:15:9d:06:e3:30:
3f:60:61:70:7e:74:56:e3:63:79:d5:4d:29:97:14:
0e:69:3b:6e:5c:e6:e3:22:4a:38:b4:27:b8:9b:22:
c6:e3:59:9a:c0:f9:ee:9c:ed:71:d5:98:eb:63:32:
65:a5:9d:2b:a8:8d:e1:af:84:6d:f9:e9:5c:7e:a8:
fd:b3:7c:73:1d:a1:fc:52:00:3b:74:7d:c1:51:3e:
13:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B9:8F:35:35:2D:19:99:20:A1:D9:C7:7E:F6:38:63:82:FF:36:89
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.72.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:2c:6f:06:9f:9a:e0:2d:f8:9a:6e:20:d4:7a:7b:70:cf:10:
f1:37:af:1e:58:93:5d:2a:67:51:9c:28:9e:a2:bd:64:c3:cf:
ce:07:a5:37:66:8e:bb:7f:98:65:18:70:ec:32:3e:31:41:12:
18:7a:e0:81:7e:da:dd:8c:aa:fd:5e:91:6d:66:5f:b3:8e:f7:
98:ed:14:f8:75:4f:52:c4:a8:6b:7e:a5:3f:4e:3d:10:a3:47:
1f:c8:ed:a2:83:85:bb:d0:8c:16:ff:0a:71:c7:f2:3d:6b:e5:
71:55:1e:78:67:2b:c8:12:74:5c:c2:00:5b:b1:4f:92:31:24:
57:00:f8:a3:7f:0b:8e:49:cf:4e:de:5d:6a:bc:1b:8d:0e:b7:
ca:98:7f:bd:65:9b:fe:cb:60:c8:de:95:db:f6:3f:b1:ed:a9:
1b:0a:1f:bd:06:ae:38:51:2e:92:3c:18:9c:22:a1:7e:98:d0:
d7:cb:a4:f4:ee:2d:a7:62:76:5b:c3:cd:33:c0:08:26:8e:a8:
25:78:f1:26:a0:f1:5f:3b:5c:33:15:d1:e7:ef:3a:aa:7a:5a:
3b:c9:5d:ce:cf:8d:a9:0d:e8:54:af:72:03:43:7e:5b:a9:be:
a7:cc:64:2a:d1:64:cc:e9:96:50:2b:71:8e:37:84:48:6b:55:
16:1e:cc:83
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEC4fL0Cfr4VA/UHZ60yHuEinOeIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ1MzdaFw0yNDExMjQxOTUwMzdaMDMxMTAvBgNV
BAMTKEIwQjk4RjM1MzUyRDE5OTkyMEExRDlDNzdFRjYzODYzODJGRjM2ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8z4EgjcisM+ay1wc5SwFW7thI
kifcbxnfDezaXTSe6/lAhaWvyHOkun9ydQPKQ8R2otKR3AfKNic3Z/kbcRM6rw6B
tm56JOeWy3W0goDcB64D4A5tXPtwRuFUxv7XWmBOARtQLHYu7t3ckL+EhBZ2VKAQ
mRLpwlYXmrkQeX0gNriEn8tvCxnaBTfRtF/VNGzqYzHG6nE5h+e9kJwuXdqca2j9
6ORZzuXo7SiG5ggVnQbjMD9gYXB+dFbjY3nVTSmXFA5pO25c5uMiSji0J7ibIsbj
WZrA+e6c7XHVmOtjMmWlnSuojeGvhG356Vx+qP2zfHMdofxSADt0fcFRPhNfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsLmPNTUtGZkgodnHfvY4Y4L/NokwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3EgwDQYJKoZIhvcNAQELBQADggEBAJ8sbwafmuAt+JpuINR6e3DPEPE3rx5Y
k10qZ1GcKJ6ivWTDz84HpTdmjrt/mGUYcOwyPjFBEhh64IF+2t2Mqv1ekW1mX7OO
95jtFPh1T1LEqGt+pT9OPRCjRx/I7aKDhbvQjBb/CnHH8j1r5XFVHnhnK8gSdFzC
AFuxT5IxJFcA+KN/C45Jz07eXWq8G40Ot8qYf71lm/7LYMjeldv2P7HtqRsKH70G
rjhRLpI8GJwioX6Y0NfLpPTuLadidlvDzTPACCaOqCV48Sag8V87XDMV0efvOqp6
WjvJXc7PjakN6FSvcgNDflupvqfMZCrRZMzpllArcY43hEhrVRYezIM=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org