Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130332e302f32342d3332203d3e20313336373837.roa
File: 3138352e3139392e3130332e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: 1xJKD3f9Aw1+PoUs4FRgN4SYwI7lUt5YWfERlRQX3yg=
Subject key identifier: CA:D9:25:74:D0:34:32:15:1A:EB:40:1F:FE:E4:38:A7:35:74:B7:BD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4E63CAAD57119DE494678EC3F4D98DD831A6762C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130332e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:41:57 +0000
ROA not before: Fri 20 Oct 2023 13:36:57 +0000
ROA not after: Fri 18 Oct 2024 13:41:57 +0000
asID: 136787
IP address blocks: 185.199.103.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:63:ca:ad:57:11:9d:e4:94:67:8e:c3:f4:d9:8d:d8:31:a6:76:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:57 2023 GMT
Not After : Oct 18 13:41:57 2024 GMT
Subject: CN=CAD92574D03432151AEB401FFEE438A73574B7BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7b:1d:2d:c6:3d:04:a3:8c:72:40:e5:da:89:
39:51:6a:c9:8d:fe:82:bb:c6:ed:5a:f5:16:9c:ec:
e6:a9:52:91:48:28:02:b1:4d:8e:b5:aa:86:48:68:
91:bc:2f:56:1e:e7:0c:59:44:21:4e:c3:f6:70:25:
0c:51:4b:0e:44:ac:be:2b:23:c3:e4:6a:e8:40:69:
96:d8:2f:97:11:8a:14:d0:94:c3:20:84:31:0c:f4:
fd:63:dc:8a:fc:43:d1:f9:01:25:20:80:92:1c:44:
94:be:1b:c8:80:2d:4e:35:b1:58:a1:45:c8:c6:96:
02:47:7b:c7:94:50:8d:04:a5:9f:a9:2d:8b:68:0b:
96:db:d5:8c:61:a5:f9:cf:b2:13:ec:49:17:17:d8:
42:57:5c:29:41:98:b4:97:ed:3c:6b:a0:02:e1:51:
a0:09:77:cb:97:40:14:36:4e:0f:3b:25:07:8c:57:
be:34:d7:22:0c:d6:fe:81:34:e5:91:61:0e:3e:b6:
43:2a:9a:03:44:64:51:ee:d7:10:2c:cc:90:c7:4a:
80:a5:8d:4e:ee:aa:55:30:9b:c9:48:81:a6:dd:9b:
22:3e:83:95:4b:07:0a:6c:57:f3:04:d1:39:ae:7b:
31:ea:35:71:ed:c2:fa:f8:66:42:98:08:38:bf:2c:
25:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D9:25:74:D0:34:32:15:1A:EB:40:1F:FE:E4:38:A7:35:74:B7:BD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130332e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.103.0/24
Signature Algorithm: sha256WithRSAEncryption
25:f3:4c:ab:9e:1c:1e:92:c4:76:eb:2a:90:47:ae:87:76:f5:
2f:5e:a3:c9:01:80:92:84:5d:50:db:e8:b9:53:c5:70:f0:08:
71:5e:0a:43:65:43:a7:6b:40:b1:a4:10:83:56:d9:8b:48:90:
44:50:68:d9:79:e2:cd:68:c7:07:84:2e:a3:5f:39:85:66:32:
40:da:51:84:12:f3:ea:89:d3:77:2e:3c:63:58:17:7b:72:20:
cb:8a:49:c2:6d:37:c6:83:94:70:f2:83:9a:7f:bf:2e:8a:50:
ad:d5:10:0e:b0:e5:97:d8:77:9b:6f:74:cc:cb:d5:c7:35:8d:
6a:b6:5e:39:df:08:41:b3:db:68:14:01:6d:2d:75:84:3c:a6:
15:d9:5a:38:4c:ac:cc:9b:04:26:41:36:b3:4a:b7:ad:65:87:
1d:ca:14:c1:e2:26:cc:f6:a0:e4:2d:cb:b1:b8:e1:5e:97:f3:
25:8c:b7:c4:d3:b8:a2:9a:bf:aa:2b:29:52:ae:e0:f9:1b:fb:
da:e3:84:24:7b:f9:b9:de:a9:17:78:d6:4a:a2:c1:bf:99:30:
ce:2b:fa:66:12:5a:ea:e6:69:32:d5:34:d9:3d:81:e8:ec:d7:
f5:a7:71:dd:7b:12:e0:9c:db:04:c1:3a:59:3f:c7:b1:ab:62:
b0:21:c5:14
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTmPKrVcRneSUZ47D9NmN2DGmdiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTdaFw0yNDEwMTgxMzQxNTdaMDMxMTAvBgNV
BAMTKENBRDkyNTc0RDAzNDMyMTUxQUVCNDAxRkZFRTQzOEE3MzU3NEI3QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ex0txj0Eo4xyQOXaiTlRasmN
/oK7xu1a9Rac7OapUpFIKAKxTY61qoZIaJG8L1Ye5wxZRCFOw/ZwJQxRSw5ErL4r
I8PkauhAaZbYL5cRihTQlMMghDEM9P1j3Ir8Q9H5ASUggJIcRJS+G8iALU41sVih
RcjGlgJHe8eUUI0EpZ+pLYtoC5bb1YxhpfnPshPsSRcX2EJXXClBmLSX7TxroALh
UaAJd8uXQBQ2Tg87JQeMV7401yIM1v6BNOWRYQ4+tkMqmgNEZFHu1xAszJDHSoCl
jU7uqlUwm8lIgabdmyI+g5VLBwpsV/ME0TmuezHqNXHtwvr4ZkKYCDi/LCUbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUytkldNA0MhUa60Af/uQ4pzV0t70wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzkyZTMx
MzAzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnHZzANBgkqhkiG9w0BAQsFAAOCAQEAJfNMq54cHpLEdusqkEeuh3b1L16j
yQGAkoRdUNvouVPFcPAIcV4KQ2VDp2tAsaQQg1bZi0iQRFBo2XnizWjHB4Quo185
hWYyQNpRhBLz6onTdy48Y1gXe3Igy4pJwm03xoOUcPKDmn+/LopQrdUQDrDll9h3
m290zMvVxzWNarZeOd8IQbPbaBQBbS11hDymFdlaOEyszJsEJkE2s0q3rWWHHcoU
weImzPag5C3LsbjhXpfzJYy3xNO4opq/qispUq7g+Rv72uOEJHv5ud6pF3jWSqLB
v5kwziv6ZhJa6uZpMtU02T2B6OzX9adx3XsS4JzbBME6WT/HsatisCHFFA==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org