Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135392e34382e342e302f32322d3234203d3e20323034313730.roa
File: 3135392e34382e342e302f32322d3234203d3e20323034313730.roa (raw, json)
Hash identifier: RDwJS6aSZ5fzf4RZBOSQzdk4V4TrgQfNsxr/8yNm9o0=
Subject key identifier: 31:AD:DE:FD:AD:6B:AA:C8:1F:E4:F0:0B:13:87:D1:4A:5D:49:1C:C6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 60EAEA5C1F650D8E0933DBB95655DEBE48C08DAB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135392e34382e342e302f32322d3234203d3e20323034313730.roa
Signing time: Mon 26 Feb 2024 08:53:22 +0000
ROA not before: Mon 26 Feb 2024 08:48:22 +0000
ROA not after: Mon 24 Feb 2025 08:53:22 +0000
asID: 204170
IP address blocks: 159.48.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:ea:ea:5c:1f:65:0d:8e:09:33:db:b9:56:55:de:be:48:c0:8d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:22 2024 GMT
Not After : Feb 24 08:53:22 2025 GMT
Subject: CN=31ADDEFDAD6BAAC81FE4F00B1387D14A5D491CC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b3:67:ce:4f:18:f5:63:31:72:2e:7e:02:c0:
5f:fd:8f:68:35:98:cc:17:6c:5f:59:f1:b9:f9:4c:
be:ad:b0:ee:3c:01:cc:f4:29:9c:c7:53:f4:af:a1:
0e:ce:45:54:9e:dd:ba:cb:00:4f:59:59:18:1d:03:
f8:bc:13:da:87:aa:dc:85:73:c9:1f:2e:15:2a:7b:
7f:8d:20:9e:c9:77:b0:02:ba:21:15:28:8a:a5:c9:
0f:c5:01:ea:8d:af:3f:ac:76:61:45:a0:c4:a8:08:
b2:01:91:59:1f:68:26:a7:8d:6a:eb:61:31:08:5c:
1a:76:8d:4c:25:3e:b7:20:e0:3b:05:cb:de:5b:71:
c1:c4:aa:8c:dc:57:30:38:f4:11:87:83:c5:e8:10:
0a:60:7c:27:29:45:49:b7:03:e1:eb:a9:9b:ac:37:
e3:8f:ab:84:23:8a:9e:53:ee:ce:6d:23:2b:5c:ac:
09:16:72:80:0f:81:61:83:3f:34:14:9b:61:a4:78:
b9:18:7a:ed:5a:a0:d2:19:ad:a9:f5:29:53:49:f7:
38:9e:f3:dd:5b:29:f1:3a:a8:fa:2e:15:c4:95:57:
82:0e:d6:93:91:63:81:86:d7:fb:0a:43:f6:6c:0e:
a8:ec:14:5e:f7:88:70:29:85:44:d2:99:e7:59:3b:
39:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AD:DE:FD:AD:6B:AA:C8:1F:E4:F0:0B:13:87:D1:4A:5D:49:1C:C6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135392e34382e342e302f32322d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.48.4.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:e7:4d:a3:2e:54:94:7b:21:42:3d:96:10:fc:60:b8:99:91:
85:f6:c8:c1:a1:9f:35:05:b5:ef:51:f9:be:79:2c:83:09:49:
df:cb:8a:ac:cb:1f:f8:62:36:ca:e3:0d:d0:13:56:1d:a1:36:
05:72:6c:96:35:ff:a9:e7:9f:1b:0a:e9:5c:52:ae:60:e5:3b:
1d:07:7e:09:ce:15:49:9f:bf:b2:1c:7c:17:bf:eb:d0:ea:b3:
ad:7a:4b:43:8a:48:6c:de:1a:79:9b:6f:a5:ad:71:67:4a:68:
f3:a8:65:c8:f0:91:86:a5:99:c9:4c:4e:1d:9a:47:5e:3d:c2:
48:90:13:da:0b:cf:96:f6:0f:1a:45:e1:96:ad:eb:f6:59:a6:
70:58:37:c9:20:38:b1:ef:76:d5:b3:62:15:65:84:36:5f:4c:
e3:e5:a4:04:ee:46:39:83:82:4c:c8:de:f9:e9:b5:a9:79:57:
75:cf:f5:d8:1e:04:79:6b:6d:43:4a:ed:09:3e:4c:b0:33:aa:
52:2f:3a:7d:f8:94:f9:4b:17:62:ab:54:40:a1:91:09:aa:83:
20:18:5a:5c:03:50:05:7d:a5:be:db:de:84:2a:7e:a1:ee:2e:
45:69:89:09:4b:17:99:0a:c6:0d:e4:0b:f6:20:81:ab:ae:bf:
d7:95:e7:f5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUYOrqXB9lDY4JM9u5VlXevkjAjaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjJaFw0yNTAyMjQwODUzMjJaMDMxMTAvBgNV
BAMTKDMxQURERUZEQUQ2QkFBQzgxRkU0RjAwQjEzODdEMTRBNUQ0OTFDQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDks2fOTxj1YzFyLn4CwF/9j2g1
mMwXbF9Z8bn5TL6tsO48Acz0KZzHU/SvoQ7ORVSe3brLAE9ZWRgdA/i8E9qHqtyF
c8kfLhUqe3+NIJ7Jd7ACuiEVKIqlyQ/FAeqNrz+sdmFFoMSoCLIBkVkfaCanjWrr
YTEIXBp2jUwlPrcg4DsFy95bccHEqozcVzA49BGHg8XoEApgfCcpRUm3A+HrqZus
N+OPq4Qjip5T7s5tIytcrAkWcoAPgWGDPzQUm2GkeLkYeu1aoNIZran1KVNJ9zie
891bKfE6qPouFcSVV4IO1pORY4GG1/sKQ/ZsDqjsFF73iHAphUTSmedZOznPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUMa3e/a1rqsgf5PALE4fRSl1JHMYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM5MmUzNDM4MmUzNDJl
MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAp8w
BDANBgkqhkiG9w0BAQsFAAOCAQEAn+dNoy5UlHshQj2WEPxguJmRhfbIwaGfNQW1
71H5vnksgwlJ38uKrMsf+GI2yuMN0BNWHaE2BXJsljX/qeefGwrpXFKuYOU7HQd+
Cc4VSZ+/shx8F7/r0OqzrXpLQ4pIbN4aeZtvpa1xZ0po86hlyPCRhqWZyUxOHZpH
Xj3CSJAT2gvPlvYPGkXhlq3r9lmmcFg3ySA4se921bNiFWWENl9M4+WkBO5GOYOC
TMje+em1qXlXdc/12B4EeWttQ0rtCT5MsDOqUi86ffiU+UsXYqtUQKGRCaqDIBha
XANQBX2lvtvehCp+oe4uRWmJCUsXmQrGDeQL9iCBq66/15Xn9Q==
-----END CERTIFICATE-----
Generated at Tue May 21 23:31:23 2024 by rpki-client on console-ams.rpki-client.org