Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3332203d3e20313336373837.roa
File: 3138352e3139372e3234382e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: KBRxWiCb2BteYv0GIn4wzZ/LnVlQIiS6LbJcio8F9fY=
Subject key identifier: 40:54:03:FF:00:61:B1:52:A5:DA:24:C1:DB:0E:1F:89:08:69:03:49
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 46751936BFEFE8AA2306036463F8425FD9AF305A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:03 +0000
ROA not before: Mon 26 Feb 2024 08:48:03 +0000
ROA not after: Mon 24 Feb 2025 08:53:03 +0000
asID: 136787
IP address blocks: 185.197.248.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:75:19:36:bf:ef:e8:aa:23:06:03:64:63:f8:42:5f:d9:af:30:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:03 2024 GMT
Not After : Feb 24 08:53:03 2025 GMT
Subject: CN=405403FF0061B152A5DA24C1DB0E1F8908690349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:de:34:d8:6c:7a:77:3f:24:3c:45:3a:25:46:
96:9a:65:1c:da:57:eb:70:fd:86:a2:85:bf:42:86:
e0:38:0a:d2:0a:d6:87:6d:99:bb:e5:26:a8:06:c8:
ed:19:f9:11:95:9d:d5:a5:fd:78:17:e2:a2:14:1a:
80:9a:9c:17:1a:e5:ef:ed:92:3d:bf:50:89:f6:cf:
f6:92:58:fa:1e:bd:bc:4c:e1:6a:67:91:7a:29:a3:
d1:78:69:c1:a6:d8:cd:a8:e2:99:f1:9b:1d:69:40:
64:e7:60:14:cf:a3:4d:98:d9:ec:20:e6:70:d9:cc:
75:10:6f:8b:17:34:f9:7d:d1:6b:6c:2e:9b:15:97:
f9:5a:f8:45:6e:55:22:d4:36:8e:42:06:14:44:00:
2a:cd:f2:f6:55:81:57:a2:66:e2:21:e9:bd:f8:7f:
3c:6d:d2:00:25:7c:8d:02:0e:5f:6a:30:9c:36:13:
17:b7:99:46:88:e9:81:73:f7:58:cf:6b:0a:4b:a7:
8e:6b:82:73:81:cd:27:2c:69:e1:6e:18:91:20:86:
cc:c6:b5:41:c5:fb:0e:57:5e:ea:95:fc:bf:dc:13:
3e:7d:0d:ae:45:74:02:c3:9b:8d:f6:a0:91:4f:26:
76:32:e6:3f:75:4a:5f:d6:67:fc:74:3a:ec:7e:78:
65:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:54:03:FF:00:61:B1:52:A5:DA:24:C1:DB:0E:1F:89:08:69:03:49
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.248.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ed:0b:82:76:ce:62:b6:80:6f:3f:45:d6:98:8f:9d:fc:64:
eb:b2:6b:97:d9:4a:ce:5c:64:cc:77:87:73:f6:36:c7:01:f2:
99:d4:db:37:ff:bb:d4:34:8c:85:f0:6b:1f:00:ec:69:de:88:
36:1b:97:89:6e:a8:9a:19:9d:59:7e:f6:a0:fa:ed:29:43:ba:
87:d7:18:91:b4:db:b2:a4:ae:9b:5d:d3:c0:bb:4f:76:fd:00:
f4:13:85:ea:ab:9a:d8:6e:3d:b3:f4:04:81:c5:5f:53:31:90:
48:3a:b3:c6:96:93:87:e9:b7:67:e5:f9:48:f5:41:83:ef:60:
85:51:1f:5f:0f:b9:89:4d:e8:80:6e:da:f7:77:a7:ab:ff:bf:
48:22:c9:2f:93:60:4c:2b:0c:83:e2:6c:55:8d:bf:97:8d:72:
54:79:68:60:e5:27:d4:38:b7:32:9f:57:ce:5e:74:0f:a5:ad:
96:79:02:5a:d0:d4:3a:c9:07:7a:16:ef:6c:b0:85:e4:47:40:
cf:85:81:9d:65:3e:34:2f:dc:bf:d0:29:02:1c:d0:a3:48:0b:
d3:16:ba:cc:9f:c4:01:49:d6:ae:09:45:7c:6c:2b:bb:ab:f7:
97:0f:04:6f:63:65:30:1f:47:0a:4b:1e:f3:23:75:c1:d0:32:
86:15:cb:3b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIURnUZNr/v6KojBgNkY/hCX9mvMFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDNaFw0yNTAyMjQwODUzMDNaMDMxMTAvBgNV
BAMTKDQwNTQwM0ZGMDA2MUIxNTJBNURBMjRDMURCMEUxRjg5MDg2OTAzNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR3jTYbHp3PyQ8RTolRpaaZRza
V+tw/Yaihb9ChuA4CtIK1odtmbvlJqgGyO0Z+RGVndWl/XgX4qIUGoCanBca5e/t
kj2/UIn2z/aSWPoevbxM4WpnkXopo9F4acGm2M2o4pnxmx1pQGTnYBTPo02Y2ewg
5nDZzHUQb4sXNPl90WtsLpsVl/la+EVuVSLUNo5CBhREACrN8vZVgVeiZuIh6b34
fzxt0gAlfI0CDl9qMJw2Exe3mUaI6YFz91jPawpLp45rgnOBzScsaeFuGJEghszG
tUHF+w5XXuqV/L/cEz59Da5FdALDm432oJFPJnYy5j91Sl/WZ/x0Oux+eGULAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQFQD/wBhsVKl2iTB2w4fiQhpA0kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzcyZTMy
MzQzODJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnF+DANBgkqhkiG9w0BAQsFAAOCAQEAIu0LgnbOYraAbz9F1piPnfxk67Jr
l9lKzlxkzHeHc/Y2xwHymdTbN/+71DSMhfBrHwDsad6INhuXiW6omhmdWX72oPrt
KUO6h9cYkbTbsqSum13TwLtPdv0A9BOF6qua2G49s/QEgcVfUzGQSDqzxpaTh+m3
Z+X5SPVBg+9ghVEfXw+5iU3ogG7a93enq/+/SCLJL5NgTCsMg+JsVY2/l41yVHlo
YOUn1Di3Mp9Xzl50D6WtlnkCWtDUOskHehbvbLCF5EdAz4WBnWU+NC/cv9ApAhzQ
o0gL0xa6zJ/EAUnWrglFfGwru6v3lw8Eb2NlMB9HCkse8yN1wdAyhhXLOw==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org