Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138352e38312e302f32342d3332203d3e203536383736.roa
File: 3138352e3138352e38312e302f32342d3332203d3e203536383736.roa (raw, json)
Hash identifier: 8vDAAgqVm2U656uVox5/Wggjwp2RTS+Lqi1TRxbT/w4=
Subject key identifier: A5:56:F6:C5:0E:55:33:93:B8:A0:45:01:0E:AB:EC:3C:38:4E:47:88
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 43166AEE803585B71502E66AF21DF9CE1716AD10
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138352e38312e302f32342d3332203d3e203536383736.roa
Signing time: Mon 26 Feb 2024 08:53:22 +0000
ROA not before: Mon 26 Feb 2024 08:48:22 +0000
ROA not after: Mon 24 Feb 2025 08:53:22 +0000
asID: 56876
IP address blocks: 185.185.81.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:16:6a:ee:80:35:85:b7:15:02:e6:6a:f2:1d:f9:ce:17:16:ad:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:22 2024 GMT
Not After : Feb 24 08:53:22 2025 GMT
Subject: CN=A556F6C50E553393B8A045010EABEC3C384E4788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:92:4b:28:bb:f3:e3:b2:70:93:31:e4:fd:11:
44:82:58:95:26:0a:eb:0e:80:e5:63:a9:4f:b9:a2:
7d:58:a7:da:50:dc:5d:54:09:6f:e6:d0:58:a7:42:
42:40:c0:e1:9a:34:9f:0a:53:af:5d:07:45:c0:d3:
0b:69:96:c5:34:d8:42:93:e9:21:13:9b:f2:a5:62:
39:48:87:ad:2b:ed:34:44:41:60:f6:01:6b:28:ff:
22:8c:92:89:bb:be:ac:b6:0d:87:2d:fb:87:54:87:
8b:80:a7:81:90:5c:c8:67:c2:05:9f:04:6c:93:7f:
d5:b3:af:20:d0:99:7d:54:9e:9d:be:90:bd:5e:b6:
6a:ee:ee:39:e1:70:3c:52:1e:29:1f:82:da:a1:f7:
ee:73:6b:1e:38:e5:99:9f:bb:33:46:b6:42:ff:76:
23:aa:98:57:fe:ea:97:09:74:42:29:8f:ab:ac:e1:
71:a8:db:a5:79:6c:24:e9:a1:12:47:c1:b8:ad:6f:
1b:1f:66:83:09:c3:03:46:e5:c8:91:37:f3:9c:b1:
95:9c:e7:44:4d:fd:d0:b4:83:ee:16:cd:bb:70:0e:
9f:4f:b4:97:6c:99:69:eb:0b:ed:6f:04:ef:02:52:
98:e1:55:51:d2:43:37:15:8e:86:20:c9:17:5e:03:
49:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:56:F6:C5:0E:55:33:93:B8:A0:45:01:0E:AB:EC:3C:38:4E:47:88
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138352e38312e302f32342d3332203d3e203536383736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.81.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:76:dc:7b:59:92:38:1d:9e:8f:1e:df:6e:7e:d3:ba:76:5e:
ea:ee:54:a8:d4:02:db:17:87:66:cf:ff:88:31:8f:16:b4:11:
b2:b0:36:4c:9e:fa:62:58:54:96:c2:ee:d4:0e:ba:fc:8b:43:
ad:d3:de:98:ca:e8:ef:76:ac:36:85:f4:f6:7d:b9:b4:69:73:
50:d6:16:94:3b:28:fc:66:48:d3:a2:a0:b1:2e:43:6e:8f:d7:
31:71:15:56:8e:96:7e:e6:66:e1:2d:d0:96:60:b8:cf:04:89:
bc:5a:e5:cd:c1:fd:51:9b:36:31:13:36:3b:18:95:85:f5:90:
6b:8d:d0:41:7c:98:d8:60:ad:a7:f9:6d:02:30:bf:bd:d4:71:
69:73:a1:ef:89:a0:98:6b:17:3a:72:6a:36:0e:c4:33:83:71:
44:7d:3e:4b:57:4e:e3:91:47:be:4e:52:16:35:42:f6:1f:6b:
a1:03:eb:57:e2:5e:d4:be:09:66:f9:fd:19:51:2f:85:68:dc:
58:5a:57:7a:d7:e4:5c:d1:2f:3e:02:2b:b5:ee:c8:ed:fd:ea:
af:eb:a9:78:24:83:44:58:b4:72:db:eb:1e:07:5b:94:bb:30:
8d:7f:7e:7d:7d:fb:bf:cd:de:76:4e:63:39:a8:2f:45:cb:e5:
77:e5:67:d2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQxZq7oA1hbcVAuZq8h35zhcWrRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjJaFw0yNTAyMjQwODUzMjJaMDMxMTAvBgNV
BAMTKEE1NTZGNkM1MEU1NTMzOTNCOEEwNDUwMTBFQUJFQzNDMzg0RTQ3ODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmkksou/PjsnCTMeT9EUSCWJUm
CusOgOVjqU+5on1Yp9pQ3F1UCW/m0FinQkJAwOGaNJ8KU69dB0XA0wtplsU02EKT
6SETm/KlYjlIh60r7TREQWD2AWso/yKMkom7vqy2DYct+4dUh4uAp4GQXMhnwgWf
BGyTf9WzryDQmX1Unp2+kL1etmru7jnhcDxSHikfgtqh9+5zax445ZmfuzNGtkL/
diOqmFf+6pcJdEIpj6us4XGo26V5bCTpoRJHwbitbxsfZoMJwwNG5ciRN/OcsZWc
50RN/dC0g+4WzbtwDp9PtJdsmWnrC+1vBO8CUpjhVVHSQzcVjoYgyRdeA0m/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpVb2xQ5VM5O4oEUBDqvsPDhOR4gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzUyZTM4
MzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTM2MzgzNzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ublRMA0GCSqGSIb3DQEBCwUAA4IBAQAfdtx7WZI4HZ6PHt9uftO6dl7q7lSo1ALb
F4dmz/+IMY8WtBGysDZMnvpiWFSWwu7UDrr8i0Ot096Yyujvdqw2hfT2fbm0aXNQ
1haUOyj8ZkjToqCxLkNuj9cxcRVWjpZ+5mbhLdCWYLjPBIm8WuXNwf1RmzYxEzY7
GJWF9ZBrjdBBfJjYYK2n+W0CML+91HFpc6HviaCYaxc6cmo2DsQzg3FEfT5LV07j
kUe+TlIWNUL2H2uhA+tX4l7Uvglm+f0ZUS+FaNxYWld61+Rc0S8+Aiu17sjt/eqv
66l4JINEWLRy2+seB1uUuzCNf359ffu/zd52TmM5qC9Fy+V35WfS
-----END CERTIFICATE-----
Generated at Tue May 21 23:31:24 2024 by rpki-client on console-ams.rpki-client.org