Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e20323132303533.roa
File: 3138352e3138372e3233342e302f32342d3234203d3e20323132303533.roa (raw, json)
Hash identifier: 18BCkZHdkYbSvvA5FFHkMXijy0fU8qDKCjrqEh6Q2+0=
Subject key identifier: 68:B9:2A:BB:B2:4E:D3:16:75:47:50:57:52:CC:95:43:50:6F:A8:88
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0358C70744A4A071B5AF17777C6C4213177A7E05
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e20323132303533.roa
Signing time: Fri 20 Oct 2023 13:41:44 +0000
ROA not before: Fri 20 Oct 2023 13:36:44 +0000
ROA not after: Fri 18 Oct 2024 13:41:44 +0000
asID: 212053
IP address blocks: 185.187.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:58:c7:07:44:a4:a0:71:b5:af:17:77:7c:6c:42:13:17:7a:7e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:44 2023 GMT
Not After : Oct 18 13:41:44 2024 GMT
Subject: CN=68B92ABBB24ED3167547505752CC9543506FA888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f5:05:7f:e9:90:cd:d4:5f:86:6f:70:9c:5f:
32:85:88:12:de:97:e5:41:63:2d:31:e7:08:65:d8:
49:5b:e4:10:19:b0:c7:35:04:9b:fb:fc:90:f4:82:
25:26:13:3d:5c:06:50:35:ac:86:c6:85:b4:b6:41:
34:76:3e:5c:af:34:c9:63:08:c5:6d:2c:a9:b3:ee:
56:10:fe:01:26:17:09:fa:a6:99:9a:1c:c2:9c:fe:
94:ee:96:df:e0:91:32:0e:02:34:ba:04:8c:4d:da:
40:0a:8e:71:a6:f5:53:f4:27:b3:e7:03:c3:76:91:
6e:19:2a:0b:59:81:73:69:56:b7:db:d3:51:78:a0:
0f:b4:79:0a:ea:7c:cd:e9:70:52:0f:35:1b:fb:c2:
11:d2:54:2b:85:92:bc:94:e0:80:89:f7:1c:34:fd:
a3:26:fc:27:4a:ac:79:11:32:e4:00:04:90:63:50:
30:cb:ea:0b:25:6c:ab:ee:ad:e1:9f:71:86:8d:cb:
18:17:99:a2:82:57:b9:fe:84:57:04:1a:22:f4:7e:
d8:e4:f3:2c:be:91:d0:14:e2:0a:b2:26:91:f6:64:
24:7e:17:7c:1b:42:5b:49:b6:b8:72:8f:d4:05:21:
3e:cf:42:02:89:12:b2:0d:07:0a:2c:dc:01:a2:99:
9b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B9:2A:BB:B2:4E:D3:16:75:47:50:57:52:CC:95:43:50:6F:A8:88
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e20323132303533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.234.0/24
Signature Algorithm: sha256WithRSAEncryption
98:07:08:a9:8b:44:5e:9c:34:07:dd:e1:e7:08:4a:8a:92:49:
c0:ab:90:31:37:37:98:59:e4:c7:91:f4:c3:1f:5a:75:bc:44:
2c:a5:26:37:87:bb:61:f2:4f:30:b4:56:69:ab:f1:46:5f:2a:
06:44:94:e9:be:a7:45:ad:2c:15:8e:9a:a6:2d:9c:08:62:91:
62:47:22:10:94:97:1c:01:a1:22:29:14:7e:2a:09:23:25:3d:
19:86:19:8b:ab:64:ac:b8:e5:3b:bd:7c:1b:cc:90:e7:94:3e:
e8:9b:e5:01:77:6d:5f:55:a8:cf:a6:da:c9:21:ce:a5:82:35:
50:30:74:ee:1a:71:be:8c:d8:c5:62:a4:00:9a:90:6c:ff:c0:
bf:b6:c8:30:95:d3:81:ef:d4:f4:c9:6f:40:4c:80:33:7d:1a:
63:fa:8e:49:9d:cd:67:bc:dd:75:59:bd:13:39:30:14:ff:5a:
6c:de:74:86:60:e9:a4:70:c5:0d:1b:ac:f6:cf:56:87:8f:c1:
a5:43:4c:bb:1c:b0:dd:af:34:e5:ee:8b:ed:af:c1:85:1d:11:
7f:c5:1e:f1:dd:39:f7:1a:f1:0c:70:bb:58:5e:27:90:2e:39:
d1:ea:b6:59:05:53:a5:3e:8e:0b:23:2a:72:19:4d:50:81:df:
47:65:e8:a3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUA1jHB0SkoHG1rxd3fGxCExd6fgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDRaFw0yNDEwMTgxMzQxNDRaMDMxMTAvBgNV
BAMTKDY4QjkyQUJCQjI0RUQzMTY3NTQ3NTA1NzUyQ0M5NTQzNTA2RkE4ODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO9QV/6ZDN1F+Gb3CcXzKFiBLe
l+VBYy0x5whl2Elb5BAZsMc1BJv7/JD0giUmEz1cBlA1rIbGhbS2QTR2PlyvNMlj
CMVtLKmz7lYQ/gEmFwn6ppmaHMKc/pTult/gkTIOAjS6BIxN2kAKjnGm9VP0J7Pn
A8N2kW4ZKgtZgXNpVrfb01F4oA+0eQrqfM3pcFIPNRv7whHSVCuFkryU4ICJ9xw0
/aMm/CdKrHkRMuQABJBjUDDL6gslbKvureGfcYaNyxgXmaKCV7n+hFcEGiL0ftjk
8yy+kdAU4gqyJpH2ZCR+F3wbQltJtrhyj9QFIT7PQgKJErINBwos3AGimZtFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUaLkqu7JO0xZ1R1BXUsyVQ1BvqIgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMwMzUzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm76jANBgkqhkiG9w0BAQsFAAOCAQEAmAcIqYtEXpw0B93h5whKipJJwKuQ
MTc3mFnkx5H0wx9adbxELKUmN4e7YfJPMLRWaavxRl8qBkSU6b6nRa0sFY6api2c
CGKRYkciEJSXHAGhIikUfioJIyU9GYYZi6tkrLjlO718G8yQ55Q+6JvlAXdtX1Wo
z6baySHOpYI1UDB07hpxvozYxWKkAJqQbP/Av7bIMJXTge/U9MlvQEyAM30aY/qO
SZ3NZ7zddVm9EzkwFP9abN50hmDppHDFDRus9s9Wh4/BpUNMuxyw3a805e6L7a/B
hR0Rf8Ue8d059xrxDHC7WF4nkC450eq2WQVTpT6OCyMqchlNUIHfR2Xoow==
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org