Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136362e3138382e302f32342d3234203d3e203437353833.roa
File: 3138352e3136362e3138382e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: kkuymIZNTku63PyZ2H3K3xdZXJQvPp95ur+2OP/4e00=
Subject key identifier: F1:BD:93:E5:2C:14:A6:1B:63:B2:B6:2E:79:83:52:F3:D2:47:0E:7C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6A30D35746BD2E8CBA9885D710F7CA35883D798A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136362e3138382e302f32342d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:44:56 +0000
ROA not before: Mon 27 Jan 2025 09:39:56 +0000
ROA not after: Mon 26 Jan 2026 09:44:56 +0000
asID: 47583
IP address blocks: 185.166.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:30:d3:57:46:bd:2e:8c:ba:98:85:d7:10:f7:ca:35:88:3d:79:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:56 2025 GMT
Not After : Jan 26 09:44:56 2026 GMT
Subject: CN=F1BD93E52C14A61B63B2B62E798352F3D2470E7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b5:38:28:09:1b:54:64:39:69:80:01:23:4f:
a3:b0:c8:5e:70:c9:94:5f:86:d0:1a:ce:4c:cd:9d:
97:c9:79:59:f1:45:12:9e:d9:42:2b:58:8f:91:1a:
63:d3:79:7a:81:7a:f0:51:a9:5c:28:f6:e4:e5:35:
ec:66:e4:25:e7:31:1c:dc:e6:6c:b4:16:c2:95:0a:
a7:74:86:a8:eb:99:46:39:2c:e3:58:4c:1f:67:39:
81:2f:b0:c8:8e:d1:63:ee:46:86:f5:b5:7c:f9:53:
1a:b4:67:4d:81:6e:85:46:cf:94:68:42:aa:4e:8e:
f3:ac:f4:54:eb:4f:05:7a:8c:68:8e:63:36:f9:6e:
2a:1c:ee:fc:a0:07:6c:3f:49:b9:0a:e3:ea:1c:25:
cd:24:79:b5:68:8e:d9:cf:d2:35:f4:6b:22:72:fe:
0c:2e:00:16:68:02:2b:da:4e:9b:41:3e:f9:02:cb:
d0:5a:80:bd:d6:f4:f4:63:6a:03:b4:c6:9a:dc:37:
72:76:44:4a:e4:e8:bb:fb:96:25:e0:f3:a9:ce:87:
48:1e:77:50:9d:4c:e9:2b:55:e6:d4:d8:3a:4b:3a:
c3:9e:0b:a2:95:53:d7:9c:13:d2:dd:84:c2:2d:80:
a9:94:ba:1a:01:45:fa:10:98:ab:7b:01:36:e3:d7:
1f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BD:93:E5:2C:14:A6:1B:63:B2:B6:2E:79:83:52:F3:D2:47:0E:7C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136362e3138382e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.188.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:3c:81:1d:f6:14:e5:89:10:69:2e:ea:bd:2b:ec:e1:19:e9:
68:22:2d:c4:8c:98:cf:c5:15:c9:8a:58:2c:ab:50:c2:2b:ec:
6e:56:74:f4:e0:b3:f8:c0:78:39:65:c0:01:b4:a6:86:3a:32:
72:c7:9c:ff:ae:87:36:3f:d4:8f:75:bc:7d:f2:25:2c:ec:2a:
42:cf:98:b9:03:e0:03:85:c7:7d:4c:c4:34:e6:86:10:7a:33:
e0:c2:04:98:26:84:a2:cb:f6:26:02:af:3c:20:7e:00:97:d6:
56:e8:ab:98:c5:69:df:53:d5:23:f2:dc:d4:d5:55:c7:c6:9f:
b6:82:17:7f:62:d4:a4:02:f8:47:8e:c7:1f:65:02:74:a4:f1:
c2:4e:ad:64:ee:54:2f:e4:43:c5:38:dc:cc:a3:4a:c4:33:d0:
82:cf:8b:f1:8e:51:21:a2:bd:0b:26:b4:dc:84:1a:91:45:2d:
e5:84:49:cb:e9:09:8e:8b:ed:6d:50:d6:35:d4:f5:7b:76:be:
fe:60:7f:77:50:d8:30:07:b2:2c:a4:48:6f:24:3e:2b:1c:5a:
50:c1:57:3d:5f:fb:6d:a1:79:4e:a8:3f:c2:fa:32:e3:1d:81:
9a:1a:49:b5:29:b8:11:73:27:84:8a:75:bd:0e:2c:1e:9f:60:
73:89:c8:1f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUajDTV0a9Loy6mIXXEPfKNYg9eYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTZaFw0yNjAxMjYwOTQ0NTZaMDMxMTAvBgNV
BAMTKEYxQkQ5M0U1MkMxNEE2MUI2M0IyQjYyRTc5ODM1MkYzRDI0NzBFN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9tTgoCRtUZDlpgAEjT6OwyF5w
yZRfhtAazkzNnZfJeVnxRRKe2UIrWI+RGmPTeXqBevBRqVwo9uTlNexm5CXnMRzc
5my0FsKVCqd0hqjrmUY5LONYTB9nOYEvsMiO0WPuRob1tXz5Uxq0Z02BboVGz5Ro
QqpOjvOs9FTrTwV6jGiOYzb5bioc7vygB2w/SbkK4+ocJc0kebVojtnP0jX0ayJy
/gwuABZoAivaTptBPvkCy9BagL3W9PRjagO0xprcN3J2RErk6Lv7liXg86nOh0ge
d1CdTOkrVebU2DpLOsOeC6KVU9ecE9LdhMItgKmUuhoBRfoQmKt7ATbj1x9pAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8b2T5SwUphtjsrYueYNS89JHDnwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM2MzYyZTMx
MzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5prwwDQYJKoZIhvcNAQELBQADggEBAF48gR32FOWJEGku6r0r7OEZ6WgiLcSM
mM/FFcmKWCyrUMIr7G5WdPTgs/jAeDllwAG0poY6MnLHnP+uhzY/1I91vH3yJSzs
KkLPmLkD4AOFx31MxDTmhhB6M+DCBJgmhKLL9iYCrzwgfgCX1lboq5jFad9T1SPy
3NTVVcfGn7aCF39i1KQC+EeOxx9lAnSk8cJOrWTuVC/kQ8U43MyjSsQz0ILPi/GO
USGivQsmtNyEGpFFLeWEScvpCY6L7W1Q1jXU9Xt2vv5gf3dQ2DAHsiykSG8kPisc
WlDBVz1f+22heU6oP8L6MuMdgZoaSbUpuBFzJ4SKdb0OLB6fYHOJyB8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:00:51 2025 by rpki-client