Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230332e302f32342d3234203d3e20323037313337.roa
File: 3138352e3136312e3230332e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: z8ypRhrrfngALeTlpc54u/4MkeOopMiC94+Umq830wI=
Subject key identifier: 0D:7C:36:76:2B:53:A5:06:12:27:D7:03:EA:51:F4:AA:24:BE:86:7F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1A161B4E11A11C4EA1A962937A72F7E322646E77
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230332e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 26 Apr 2024 13:38:58 +0000
ROA not before: Fri 26 Apr 2024 13:33:58 +0000
ROA not after: Fri 25 Apr 2025 13:38:58 +0000
asID: 207137
IP address blocks: 185.161.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:16:1b:4e:11:a1:1c:4e:a1:a9:62:93:7a:72:f7:e3:22:64:6e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 26 13:33:58 2024 GMT
Not After : Apr 25 13:38:58 2025 GMT
Subject: CN=0D7C36762B53A5061227D703EA51F4AA24BE867F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b9:ea:3b:50:ae:5e:3b:09:c4:df:6b:59:dc:
a6:a7:4f:f6:59:21:41:fa:6d:5a:06:bf:b1:24:03:
23:d9:e5:ba:fa:64:e1:9d:39:dd:72:29:72:35:67:
05:44:f7:c1:36:0d:f9:9b:2a:fd:a1:dd:4c:1d:92:
1b:f3:c1:71:be:4c:76:5c:e1:38:b6:94:69:7a:df:
c2:57:c5:e8:9b:bd:ff:e0:bc:21:13:87:b5:64:68:
3f:e7:d6:d0:d9:b5:0d:53:7a:ce:50:93:e9:50:c4:
ce:a3:7b:a9:d2:db:1c:7e:c7:35:93:27:a3:6f:82:
9e:07:ed:7d:a4:00:ba:33:5a:78:6c:29:f5:26:20:
53:7c:39:1a:55:dd:82:25:c5:d4:29:15:4f:99:06:
cf:c5:25:0c:94:0b:46:33:05:a5:3a:24:75:fb:a9:
ac:e5:6d:55:a9:38:3c:b9:27:b1:5f:c1:f7:16:64:
0b:83:2d:0b:0d:a5:4d:96:9b:af:b4:1d:13:b0:c9:
57:d3:b0:4b:85:94:fa:51:01:85:f4:8f:c3:3f:46:
63:80:d2:ec:78:d9:22:ad:fe:d9:32:3d:c3:ab:de:
fc:ac:cf:26:65:e5:69:dc:f9:ec:a8:c0:38:5d:e8:
2a:8e:ec:df:d5:19:7f:04:5a:51:76:08:cb:dd:bb:
3b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:7C:36:76:2B:53:A5:06:12:27:D7:03:EA:51:F4:AA:24:BE:86:7F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230332e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.203.0/24
Signature Algorithm: sha256WithRSAEncryption
70:3c:f9:a7:33:4e:18:8d:48:56:10:3a:b7:3d:18:69:69:e4:
b1:2e:b3:97:5a:55:de:81:98:77:ab:12:0f:29:b0:5f:77:5e:
d6:cd:e5:38:7b:87:14:04:c3:e8:4d:2e:a5:33:f8:da:00:b7:
01:31:a4:f2:f8:80:2e:57:6d:58:a7:b6:ad:67:07:59:7f:0a:
d6:e9:d6:2c:fa:e8:f4:97:0c:ba:90:87:25:4f:5b:81:bb:fc:
3d:0a:c6:2a:c4:da:70:ff:91:34:39:59:87:45:84:9c:5d:63:
2e:59:02:cf:ef:fa:26:2a:92:8c:a0:3f:e2:ab:2c:14:ce:d8:
c0:9a:a4:2e:3b:bb:31:ae:22:1a:a5:25:71:f5:4a:98:60:b5:
13:03:3f:d0:fe:ce:6f:dd:9d:2c:ba:3d:7d:1b:4d:14:f4:e2:
5e:f4:a1:48:f3:29:4c:43:c3:e5:05:8e:2b:c0:bd:87:5a:e1:
52:05:78:10:45:24:75:67:a6:dd:fe:b8:d5:a5:9f:ee:f4:b2:
2d:c0:88:bb:a2:be:5b:c0:a7:25:08:f6:54:f7:01:3b:ac:30:
cc:42:28:05:07:3f:23:a0:c0:a4:c1:4b:4b:4d:94:47:53:1c:
a9:ab:51:27:66:7a:0e:9e:36:a2:4b:78:f7:03:8d:cd:b9:78:
bb:05:39:1e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUGhYbThGhHE6hqWKTenL34yJkbncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MjYxMzMzNThaFw0yNTA0MjUxMzM4NThaMDMxMTAvBgNV
BAMTKDBEN0MzNjc2MkI1M0E1MDYxMjI3RDcwM0VBNTFGNEFBMjRCRTg2N0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3ueo7UK5eOwnE32tZ3KanT/ZZ
IUH6bVoGv7EkAyPZ5br6ZOGdOd1yKXI1ZwVE98E2DfmbKv2h3UwdkhvzwXG+THZc
4Ti2lGl638JXxeibvf/gvCETh7VkaD/n1tDZtQ1Tes5Qk+lQxM6je6nS2xx+xzWT
J6Nvgp4H7X2kALozWnhsKfUmIFN8ORpV3YIlxdQpFU+ZBs/FJQyUC0YzBaU6JHX7
qazlbVWpODy5J7FfwfcWZAuDLQsNpU2Wm6+0HROwyVfTsEuFlPpRAYX0j8M/RmOA
0ux42SKt/tkyPcOr3vyszyZl5Wnc+eyowDhd6CqO7N/VGX8EWlF2CMvduzsZAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUDXw2ditTpQYSJ9cD6lH0qiS+hn8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM2MzEyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzMzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmhyzANBgkqhkiG9w0BAQsFAAOCAQEAcDz5pzNOGI1IVhA6tz0YaWnksS6z
l1pV3oGYd6sSDymwX3de1s3lOHuHFATD6E0upTP42gC3ATGk8viALldtWKe2rWcH
WX8K1unWLPro9JcMupCHJU9bgbv8PQrGKsTacP+RNDlZh0WEnF1jLlkCz+/6JiqS
jKA/4qssFM7YwJqkLju7Ma4iGqUlcfVKmGC1EwM/0P7Ob92dLLo9fRtNFPTiXvSh
SPMpTEPD5QWOK8C9h1rhUgV4EEUkdWem3f641aWf7vSyLcCIu6K+W8CnJQj2VPcB
O6wwzEIoBQc/I6DApMFLS02UR1McqatRJ2Z6Dp42okt49wONzbl4uwU5Hg==
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org