Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3137372e3131372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: OyV5uKwqR3Q14jOzymZHX+JOTtlttuHryGC8xrV78vs=
Subject key identifier: 09:22:C4:58:C6:6E:85:69:25:4F:25:7A:6D:BE:AF:90:A5:F4:FE:72
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 789E43F2751F3774B0874937BEB628C248119BD0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 11:00:29 +0000
ROA not before: Sun 11 Jun 2023 10:55:29 +0000
ROA not after: Sun 09 Jun 2024 11:00:29 +0000
asID: 136787
IP address blocks: 185.177.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:9e:43:f2:75:1f:37:74:b0:87:49:37:be:b6:28:c2:48:11:9b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 11 10:55:29 2023 GMT
Not After : Jun 9 11:00:29 2024 GMT
Subject: CN=0922C458C66E8569254F257A6DBEAF90A5F4FE72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f2:90:98:e0:a1:3d:1e:2e:a1:d1:2f:e5:27:
b1:d8:7f:1e:7d:f9:60:0d:ac:2b:ad:22:43:c7:8e:
b3:2d:92:e9:d5:d5:ed:61:fe:45:e8:94:3b:fa:fa:
57:7f:eb:86:ca:a5:9a:49:1a:ec:2d:aa:35:e9:74:
a9:9f:df:a3:be:aa:61:36:bd:f5:f8:e4:50:9e:aa:
2f:fd:9f:45:20:31:b9:db:1c:ba:46:4a:d9:4a:b2:
7f:dc:0f:b1:5a:cd:b0:6e:2a:bb:c6:ea:b5:f7:9f:
73:8c:74:21:5b:1b:c2:b1:f2:32:98:16:55:41:21:
1a:6c:ed:2d:82:2f:fb:18:a8:76:60:3c:3f:45:a2:
3a:24:7a:30:fa:e6:d4:8d:08:5b:50:80:fa:8b:e7:
42:98:5f:23:60:fa:fb:3e:36:90:32:85:75:93:2f:
4e:86:13:df:75:5a:90:64:d2:76:8a:62:ec:72:c4:
e7:b4:53:73:ce:f9:89:04:96:bf:e1:96:f5:60:93:
a8:e8:50:30:1f:2b:d6:b9:b7:82:14:4c:da:0e:92:
17:31:e2:af:06:07:0b:02:08:02:cd:a5:3f:f0:2d:
01:af:de:89:b5:c7:d9:f8:73:47:c5:25:98:76:32:
2c:1f:b6:88:20:65:d0:32:f6:52:a5:e3:78:91:d0:
24:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:22:C4:58:C6:6E:85:69:25:4F:25:7A:6D:BE:AF:90:A5:F4:FE:72
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.117.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:21:aa:6c:11:39:89:f5:ae:ce:b5:d8:f7:5e:d8:2c:ff:a6:
cf:24:5a:d2:16:42:96:4f:01:b2:2b:91:ca:5f:2b:97:2e:07:
a0:3f:7d:55:03:58:5b:ce:4a:8f:0f:ad:c4:13:41:f4:cf:6d:
36:5a:6a:dd:f9:99:03:1d:79:6b:47:c9:a0:51:fb:0c:18:ea:
9e:4d:cf:83:50:73:3e:f8:98:7f:58:9d:aa:00:07:57:8d:46:
d0:ab:0a:5e:16:4d:08:79:37:a8:9a:13:80:40:b6:f4:8e:18:
90:22:ef:52:56:85:3b:02:60:bf:ce:5a:a7:cf:67:5c:73:61:
88:3c:a7:ea:b2:2d:dd:ca:b2:ea:8f:d1:33:00:3f:cb:cc:40:
97:21:78:35:8d:55:55:27:86:36:60:de:0e:04:c6:fa:ca:31:
c3:3a:3a:be:a4:57:be:c7:40:c5:45:b6:3e:1c:6f:c2:8f:b3:
2e:07:a4:4f:97:93:8b:4a:d9:fa:02:22:b8:1d:bb:b5:07:ff:
d2:32:df:cf:3a:5c:04:82:f7:5c:ca:f2:dd:d8:92:9a:50:7d:
db:72:18:54:73:35:94:cb:f1:37:9e:91:6e:64:87:69:be:8c:
4a:ea:aa:3a:b4:da:d6:6a:84:8e:0e:73:e4:08:33:70:d9:74:
da:d4:ba:7c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUeJ5D8nUfN3Swh0k3vrYowkgRm9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA2MTExMDU1MjlaFw0yNDA2MDkxMTAwMjlaMDMxMTAvBgNV
BAMTKDA5MjJDNDU4QzY2RTg1NjkyNTRGMjU3QTZEQkVBRjkwQTVGNEZFNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz8pCY4KE9Hi6h0S/lJ7HYfx59
+WANrCutIkPHjrMtkunV1e1h/kXolDv6+ld/64bKpZpJGuwtqjXpdKmf36O+qmE2
vfX45FCeqi/9n0UgMbnbHLpGStlKsn/cD7FazbBuKrvG6rX3n3OMdCFbG8Kx8jKY
FlVBIRps7S2CL/sYqHZgPD9FojokejD65tSNCFtQgPqL50KYXyNg+vs+NpAyhXWT
L06GE991WpBk0naKYuxyxOe0U3PO+YkElr/hlvVgk6joUDAfK9a5t4IUTNoOkhcx
4q8GBwsCCALNpT/wLQGv3om1x9n4c0fFJZh2MiwftoggZdAy9lKl43iR0CRlAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUCSLEWMZuhWklTyV6bb6vkKX0/nIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM3MzcyZTMx
MzEzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmxdTANBgkqhkiG9w0BAQsFAAOCAQEAPSGqbBE5ifWuzrXY917YLP+mzyRa
0hZClk8BsiuRyl8rly4HoD99VQNYW85Kjw+txBNB9M9tNlpq3fmZAx15a0fJoFH7
DBjqnk3Pg1BzPviYf1idqgAHV41G0KsKXhZNCHk3qJoTgEC29I4YkCLvUlaFOwJg
v85ap89nXHNhiDyn6rIt3cqy6o/RMwA/y8xAlyF4NY1VVSeGNmDeDgTG+soxwzo6
vqRXvsdAxUW2Phxvwo+zLgekT5eTi0rZ+gIiuB27tQf/0jLfzzpcBIL3XMry3diS
mlB923IYVHM1lMvxN56RbmSHab6MSuqqOrTa1mqEjg5z5AgzcNl02tS6fA==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org