Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa
File: 3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: BwF4kS90KssFEJTfn15JV2DV68wUzm7MOtCjNERqdGg=
Subject key identifier: D5:AA:7A:68:98:24:00:27:83:0B:14:58:BB:DB:C2:6A:02:FA:07:7B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 043088DD724280900E7A2996EF2174D396F633D0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:41:52 +0000
ROA not before: Fri 20 Oct 2023 13:36:52 +0000
ROA not after: Fri 18 Oct 2024 13:41:52 +0000
asID: 136787
IP address blocks: 185.199.102.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:30:88:dd:72:42:80:90:0e:7a:29:96:ef:21:74:d3:96:f6:33:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:52 2023 GMT
Not After : Oct 18 13:41:52 2024 GMT
Subject: CN=D5AA7A6898240027830B1458BBDBC26A02FA077B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7a:f3:f8:74:9f:36:77:26:5c:86:cf:8b:9e:
c6:14:15:9f:1a:70:05:96:bb:53:f4:ad:f8:89:79:
52:89:77:a4:0c:db:f4:95:d8:0f:92:c5:5e:29:6a:
e1:8c:08:29:9b:22:bc:cc:15:61:0c:27:20:55:18:
2f:8d:fa:d7:cc:05:b9:2e:94:ec:75:69:7c:f8:ec:
c0:62:5f:9f:2f:7c:2d:69:0b:f1:e4:64:4e:56:67:
bd:6b:fc:b9:1f:98:7b:9d:46:c3:13:8e:12:f9:0c:
7b:a0:97:40:12:f3:32:4c:6c:2f:96:3c:59:b3:b1:
d0:3f:9a:09:cb:15:f8:46:cb:1d:4f:79:df:76:40:
e9:0a:81:89:46:92:76:84:fa:9a:fc:21:15:1a:b8:
f7:e2:75:2e:19:9f:91:1c:f7:db:cb:76:f6:29:4a:
06:12:e4:4e:33:9d:36:c5:0a:2e:37:12:d3:fd:a5:
52:b1:83:52:2d:c9:67:50:bb:5d:3c:2b:ce:db:72:
3e:6c:d4:e9:c8:4c:65:27:81:f2:cc:2a:1e:af:0b:
14:df:ab:63:82:81:43:d7:3a:c6:ac:b0:67:73:f3:
d4:ca:dc:01:dc:ba:72:c7:02:ed:80:df:35:b5:27:
67:07:21:f8:8e:7a:7a:2a:31:18:a5:ea:50:b0:21:
84:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AA:7A:68:98:24:00:27:83:0B:14:58:BB:DB:C2:6A:02:FA:07:7B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.102.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:bd:9c:0f:37:a2:91:0f:6e:ff:fc:a2:ac:76:cf:75:28:9e:
b1:d6:2b:ce:23:ee:a2:ed:1c:01:20:af:fe:b3:82:55:31:2d:
50:3f:c1:50:02:6f:d3:05:fc:bb:e4:bd:19:3c:75:00:b3:44:
93:bf:b7:76:4d:55:9a:13:1e:b8:c7:51:d3:39:52:d2:4a:78:
b8:ba:f5:00:6d:2b:b2:08:16:e3:a1:08:94:6b:f2:f4:77:c1:
c2:c9:c6:74:85:a9:a8:aa:00:b4:c3:35:32:89:ed:46:44:17:
e5:71:66:4d:41:aa:3b:6f:48:9f:9d:69:18:85:91:db:a2:da:
42:6b:b0:99:f6:4c:10:89:55:10:35:9c:9b:54:a9:f8:4e:89:
07:92:0b:43:81:f6:b7:dc:3c:a0:0b:bc:b8:9d:eb:d6:d9:4c:
94:1f:31:83:26:b3:b5:c3:a7:9a:2a:82:2a:af:77:e7:03:79:
b9:6c:7b:1d:1d:63:00:b5:dd:e5:f8:98:00:de:fd:b2:b6:81:
1f:30:66:81:53:b7:a8:99:0b:19:4a:f8:1d:03:31:05:10:8c:
38:90:15:93:e0:43:31:84:fe:bf:3e:94:52:e9:0b:87:3a:d3:
34:5d:89:4a:fc:34:78:20:3a:67:8a:74:cf:01:50:9b:0f:af:
0a:49:9e:90
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUBDCI3XJCgJAOeimW7yF005b2M9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTJaFw0yNDEwMTgxMzQxNTJaMDMxMTAvBgNV
BAMTKEQ1QUE3QTY4OTgyNDAwMjc4MzBCMTQ1OEJCREJDMjZBMDJGQTA3N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfevP4dJ82dyZchs+LnsYUFZ8a
cAWWu1P0rfiJeVKJd6QM2/SV2A+SxV4pauGMCCmbIrzMFWEMJyBVGC+N+tfMBbku
lOx1aXz47MBiX58vfC1pC/HkZE5WZ71r/LkfmHudRsMTjhL5DHugl0AS8zJMbC+W
PFmzsdA/mgnLFfhGyx1Ped92QOkKgYlGknaE+pr8IRUauPfidS4Zn5Ec99vLdvYp
SgYS5E4znTbFCi43EtP9pVKxg1ItyWdQu108K87bcj5s1OnITGUngfLMKh6vCxTf
q2OCgUPXOsassGdz89TK3AHcunLHAu2A3zW1J2cHIfiOenoqMRil6lCwIYSPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU1ap6aJgkACeDCxRYu9vCagL6B3swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzkyZTMx
MzAzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnHZjANBgkqhkiG9w0BAQsFAAOCAQEAar2cDzeikQ9u//yirHbPdSiesdYr
ziPuou0cASCv/rOCVTEtUD/BUAJv0wX8u+S9GTx1ALNEk7+3dk1VmhMeuMdR0zlS
0kp4uLr1AG0rsggW46EIlGvy9HfBwsnGdIWpqKoAtMM1MontRkQX5XFmTUGqO29I
n51pGIWR26LaQmuwmfZMEIlVEDWcm1Sp+E6JB5ILQ4H2t9w8oAu8uJ3r1tlMlB8x
gyaztcOnmiqCKq935wN5uWx7HR1jALXd5fiYAN79sraBHzBmgVO3qJkLGUr4HQMx
BRCMOJAVk+BDMYT+vz6UUukLhzrTNF2JSvw0eCA6Z4p0zwFQmw+vCkmekA==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org