Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131362e302f32342d3332203d3e203531313637.roa
File: 3138352e3137372e3131362e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: /zwFbdSlxO2NGFk5jYjI0jVS7+M/vjNomgH7MmJMY6Y=
Subject key identifier: D0:5D:34:89:0D:D5:BE:3D:83:13:9D:EA:C4:22:F2:5E:EF:29:D5:8A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2F9774C72910CB365BA4FB10C2F22E995259C3D9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131362e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:27 +0000
ROA not before: Mon 27 Jan 2025 09:40:27 +0000
ROA not after: Mon 26 Jan 2026 09:45:27 +0000
asID: 51167
IP address blocks: 185.177.116.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:97:74:c7:29:10:cb:36:5b:a4:fb:10:c2:f2:2e:99:52:59:c3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:27 2025 GMT
Not After : Jan 26 09:45:27 2026 GMT
Subject: CN=D05D34890DD5BE3D83139DEAC422F25EEF29D58A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d5:dc:b9:9e:95:2f:3b:88:cd:6f:50:9f:33:
e2:9c:85:0c:a1:6b:69:bb:6d:8c:f5:a2:e5:1e:a0:
a1:b9:ec:da:2f:3d:21:ce:0a:a5:32:df:be:d9:af:
77:b6:04:87:e6:2a:ae:87:a7:c3:b4:1f:f2:e8:9d:
96:8e:a9:be:9d:1d:fc:50:d2:75:7b:39:78:16:53:
65:e3:a5:f3:6b:12:c7:58:57:2a:df:e4:f0:ff:69:
93:75:99:b7:a2:b8:17:15:da:29:54:c1:75:67:6d:
01:a1:fa:bd:b4:63:05:20:5c:16:5f:6b:46:84:7a:
42:6a:98:56:a8:f1:2b:07:97:8c:71:c6:e9:95:b3:
1a:00:73:27:30:00:ed:c7:72:e2:f8:67:2d:98:43:
44:1e:ae:8d:d4:cc:3c:9d:4b:77:60:7b:a6:c6:94:
42:4e:b7:88:13:c8:c1:c3:11:15:7e:8c:4b:fd:53:
97:93:ff:6a:b8:61:aa:2e:b4:15:80:b6:9f:05:c3:
24:2a:bb:30:b7:82:b0:03:56:a4:37:11:b2:b3:1d:
fa:1d:fe:52:9f:c9:25:b9:a7:d1:c2:1f:e6:8e:d5:
c2:15:63:59:25:fd:da:59:87:66:8d:7c:df:ea:23:
27:5b:f6:35:50:3a:fc:2d:69:48:e2:1c:62:b2:6c:
8d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:5D:34:89:0D:D5:BE:3D:83:13:9D:EA:C4:22:F2:5E:EF:29:D5:8A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131362e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.116.0/24
Signature Algorithm: sha256WithRSAEncryption
46:27:31:11:b9:f0:f1:c3:3f:1f:75:56:56:47:28:bd:d5:18:
2d:fc:7e:09:dd:3e:4d:9b:a6:7d:17:14:78:65:4c:fb:f3:cc:
3b:40:a0:7c:bb:cc:36:da:22:e3:4d:53:9f:90:72:89:db:e3:
f7:d8:98:66:ed:cd:b6:e5:d7:c7:3d:52:33:06:fb:09:a1:8b:
90:1d:c2:bd:e3:ae:f6:29:c4:86:75:01:ff:f5:5a:0a:b8:4e:
65:e0:ae:46:f5:fa:46:8f:01:ad:43:56:a2:f9:b5:4c:99:d3:
77:de:ae:58:50:fc:3d:c7:02:c9:22:d8:9b:64:b8:ef:78:7e:
f5:aa:fb:02:62:f6:08:d0:ab:55:7d:01:cd:e4:19:af:89:85:
78:33:21:9c:fe:f7:97:95:b5:aa:d4:2b:d8:24:8c:10:51:e6:
36:a0:41:d2:59:85:b1:11:83:52:ac:de:91:9b:f8:d2:73:c9:
e3:9f:e8:09:a2:61:64:6f:3f:6b:b0:f0:0a:94:b3:c0:a4:f6:
a5:b5:ee:a6:a8:36:72:a1:6b:f8:a9:ab:4c:0b:53:e5:84:a9:
6a:a0:b9:e4:57:12:7b:c3:69:6c:d9:0c:bb:af:91:40:0d:07:
7d:f4:f4:ad:ab:2c:cf:16:3a:eb:ac:c0:55:99:ed:10:af:dd:
d0:eb:47:0a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUL5d0xykQyzZbpPsQwvIumVJZw9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjdaFw0yNjAxMjYwOTQ1MjdaMDMxMTAvBgNV
BAMTKEQwNUQzNDg5MERENUJFM0Q4MzEzOURFQUM0MjJGMjVFRUYyOUQ1OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn1dy5npUvO4jNb1CfM+KchQyh
a2m7bYz1ouUeoKG57NovPSHOCqUy377Zr3e2BIfmKq6Hp8O0H/LonZaOqb6dHfxQ
0nV7OXgWU2XjpfNrEsdYVyrf5PD/aZN1mbeiuBcV2ilUwXVnbQGh+r20YwUgXBZf
a0aEekJqmFao8SsHl4xxxumVsxoAcycwAO3HcuL4Zy2YQ0Qero3UzDydS3dge6bG
lEJOt4gTyMHDERV+jEv9U5eT/2q4YaoutBWAtp8FwyQquzC3grADVqQ3EbKzHfod
/lKfySW5p9HCH+aO1cIVY1kl/dpZh2aNfN/qIydb9jVQOvwtaUjiHGKybI1PAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0F00iQ3Vvj2DE53qxCLyXu8p1YowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM3MzcyZTMx
MzEzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5sXQwDQYJKoZIhvcNAQELBQADggEBAEYnMRG58PHDPx91VlZHKL3VGC38fgnd
Pk2bpn0XFHhlTPvzzDtAoHy7zDbaIuNNU5+Qconb4/fYmGbtzbbl18c9UjMG+wmh
i5Adwr3jrvYpxIZ1Af/1Wgq4TmXgrkb1+kaPAa1DVqL5tUyZ03ferlhQ/D3HAski
2JtkuO94fvWq+wJi9gjQq1V9Ac3kGa+JhXgzIZz+95eVtarUK9gkjBBR5jagQdJZ
hbERg1Ks3pGb+NJzyeOf6AmiYWRvP2uw8AqUs8Ck9qW17qaoNnKha/ipq0wLU+WE
qWqgueRXEnvDaWzZDLuvkUANB3309K2rLM8WOuuswFWZ7RCv3dDrRwo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:27 2025 by rpki-client