Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3136382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3138372e3136382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: FvL+RGEt4dArn5NLuxHjSNaEDvyAloE8Cn2Anv0DF1Y=
Subject key identifier: 4E:09:87:9A:6E:2E:3B:F7:91:C3:AB:3B:BA:9E:75:7A:C0:0B:00:43
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 34FBA7CAAAE99C42ED332663F018E1705378187C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3136382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:29 +0000
ROA not before: Mon 26 Feb 2024 08:48:29 +0000
ROA not after: Mon 24 Feb 2025 08:53:29 +0000
asID: 136787
IP address blocks: 185.187.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:fb:a7:ca:aa:e9:9c:42:ed:33:26:63:f0:18:e1:70:53:78:18:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:29 2024 GMT
Not After : Feb 24 08:53:29 2025 GMT
Subject: CN=4E09879A6E2E3BF791C3AB3BBA9E757AC00B0043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7a:18:64:c6:98:bd:57:f6:ac:24:e0:6d:a3:
82:ce:62:27:ef:89:01:b5:2b:d0:90:28:46:78:67:
64:45:f7:3d:a4:ed:68:1a:d9:1b:56:ed:93:b8:94:
aa:db:a9:21:a4:70:a5:0b:61:64:49:bd:97:04:b2:
11:e5:a8:d2:c4:10:ab:7a:d8:50:2f:1d:8f:fc:4d:
17:5f:3e:7d:db:04:f7:24:88:18:69:fc:32:13:05:
50:44:39:c7:d9:c2:03:ac:33:23:1d:3a:1f:2b:6f:
78:8a:1c:d9:da:c2:3a:64:bb:6d:41:cc:f2:d7:23:
06:86:88:b6:f1:a3:65:05:6d:d2:fb:61:fa:4d:66:
f2:0e:d4:be:2c:a6:33:3a:3e:5b:0a:24:d5:91:d2:
5d:1b:13:84:5d:85:84:7a:6d:19:91:88:db:e5:54:
69:9c:33:6e:e7:6a:69:55:d7:f1:ce:d5:74:24:0d:
08:dd:3d:b3:1b:9b:6c:67:40:f9:6b:bc:a1:a8:40:
c5:47:d6:25:fe:f8:8d:c5:53:16:e1:0b:ae:b8:62:
28:83:94:a4:bf:30:d0:4f:5d:2e:91:af:ff:2c:01:
1b:b9:46:cf:13:a7:ed:21:69:51:95:c2:71:52:20:
ec:0f:90:98:e5:b9:2b:7d:55:2a:08:70:6a:4e:a1:
87:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:09:87:9A:6E:2E:3B:F7:91:C3:AB:3B:BA:9E:75:7A:C0:0B:00:43
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3136382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.168.0/24
Signature Algorithm: sha256WithRSAEncryption
63:99:76:21:99:35:7f:ea:25:c1:cd:12:00:56:11:1c:62:cc:
4b:c5:a8:f4:e4:25:e1:da:ca:25:9f:7c:bc:bf:6d:67:f7:fd:
8d:91:ff:25:f2:77:bc:86:3b:81:3f:9e:b7:ad:bd:a0:bd:a7:
c0:9a:04:a4:8b:2f:2a:d9:3c:91:37:52:de:13:60:a6:ee:e0:
92:c3:70:33:74:39:cc:e1:a1:aa:90:be:d7:e9:be:89:f1:15:
00:8c:49:f3:9b:be:c9:20:18:08:3d:72:dd:88:1f:32:fc:b5:
1f:bb:9b:8b:92:20:ad:7c:57:4e:75:a7:d7:ef:12:09:79:46:
33:f2:03:ef:30:36:20:a6:62:84:56:9d:48:fc:b3:09:d7:c4:
3a:2a:da:06:4b:6e:58:2a:1e:2c:bd:31:f6:31:55:1c:c1:bc:
c0:1e:83:7d:9f:2c:72:c5:38:9d:73:3e:43:f7:e2:e4:0e:e6:
6f:9d:66:4d:cd:06:28:c4:6c:b4:22:48:d5:ca:b6:d3:ce:e0:
33:bd:a7:df:57:df:30:59:c2:7c:73:f6:f9:dd:5d:f8:5d:9a:
53:3c:98:70:71:19:9d:03:70:60:32:d2:d0:51:a5:10:0c:5e:
43:16:7c:72:9c:76:d7:9a:02:b5:4b:be:d5:c0:d3:b4:48:81:
85:22:99:05
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNPunyqrpnELtMyZj8BjhcFN4GHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjlaFw0yNTAyMjQwODUzMjlaMDMxMTAvBgNV
BAMTKDRFMDk4NzlBNkUyRTNCRjc5MUMzQUIzQkJBOUU3NTdBQzAwQjAwNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5ehhkxpi9V/asJOBto4LOYifv
iQG1K9CQKEZ4Z2RF9z2k7Wga2RtW7ZO4lKrbqSGkcKULYWRJvZcEshHlqNLEEKt6
2FAvHY/8TRdfPn3bBPckiBhp/DITBVBEOcfZwgOsMyMdOh8rb3iKHNnawjpku21B
zPLXIwaGiLbxo2UFbdL7YfpNZvIO1L4spjM6PlsKJNWR0l0bE4RdhYR6bRmRiNvl
VGmcM27namlV1/HO1XQkDQjdPbMbm2xnQPlrvKGoQMVH1iX++I3FUxbhC664YiiD
lKS/MNBPXS6Rr/8sARu5Rs8Tp+0haVGVwnFSIOwPkJjluSt9VSoIcGpOoYd3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUTgmHmm4uO/eRw6s7up51esALAEMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm7qDANBgkqhkiG9w0BAQsFAAOCAQEAY5l2IZk1f+olwc0SAFYRHGLMS8Wo
9OQl4drKJZ98vL9tZ/f9jZH/JfJ3vIY7gT+et629oL2nwJoEpIsvKtk8kTdS3hNg
pu7gksNwM3Q5zOGhqpC+1+m+ifEVAIxJ85u+ySAYCD1y3YgfMvy1H7ubi5IgrXxX
TnWn1+8SCXlGM/ID7zA2IKZihFadSPyzCdfEOiraBktuWCoeLL0x9jFVHMG8wB6D
fZ8scsU4nXM+Q/fi5A7mb51mTc0GKMRstCJI1cq2087gM72n31ffMFnCfHP2+d1d
+F2aUzyYcHEZnQNwYDLS0FGlEAxeQxZ8cpx215oCtUu+1cDTtEiBhSKZBQ==
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:15 2024 by rpki-client on console-ams.rpki-client.org