Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232302e302f32342d3234203d3e20313431303339.roa
File: 3138352e3230322e3232302e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: 6sXUcmXM47+hgBV+fbvdz4EN9p9AmrZxoQ2npo5J6H8=
Subject key identifier: 9C:BD:2E:4A:99:13:7D:E5:4F:41:FE:55:49:CA:54:2B:14:4F:B0:F2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 500969B3F0ABD8B57EAF588D01B0136880B8CDCA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232302e302f32342d3234203d3e20313431303339.roa
Signing time: Fri 20 Oct 2023 13:41:56 +0000
ROA not before: Fri 20 Oct 2023 13:36:56 +0000
ROA not after: Fri 18 Oct 2024 13:41:56 +0000
asID: 141039
IP address blocks: 185.202.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:09:69:b3:f0:ab:d8:b5:7e:af:58:8d:01:b0:13:68:80:b8:cd:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:56 2023 GMT
Not After : Oct 18 13:41:56 2024 GMT
Subject: CN=9CBD2E4A99137DE54F41FE5549CA542B144FB0F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:63:18:f3:34:65:af:1a:87:a9:80:ec:66:20:
4a:ff:9d:ec:24:38:a1:ef:7d:d0:cd:34:87:27:64:
d4:6d:d2:7b:99:56:e6:13:b5:69:41:94:24:d8:e7:
c3:8f:7a:be:4b:8b:d2:47:c9:a1:9f:b1:63:06:23:
b4:9a:7f:0c:5a:26:ca:38:60:22:96:31:2f:0f:06:
d8:82:07:8a:7c:82:bd:5c:bc:fc:b7:8e:54:a9:c5:
ce:22:47:4b:90:ba:6e:42:75:9a:3f:45:bb:55:fe:
d2:84:e8:4b:75:08:71:e1:c5:e9:38:11:2c:7a:49:
ad:d4:14:63:cc:eb:5b:88:73:f6:9e:32:9a:44:79:
aa:8a:e2:0e:ba:6c:f0:19:6a:8a:96:12:c1:da:fc:
82:65:e0:4b:da:15:75:93:1f:a5:98:c0:67:2f:f3:
3f:b3:ac:4e:60:64:61:0f:ae:81:48:41:6c:30:fa:
0d:72:17:13:fa:fb:fa:98:b4:a5:f4:d2:44:b7:ee:
76:7d:dc:e3:4b:4c:a2:88:bb:58:9e:db:9d:b8:83:
7a:a0:d9:ee:1b:a7:1d:8e:06:32:05:ec:b7:7c:0b:
ce:3c:4d:95:7c:e3:48:1b:18:45:08:6c:db:3a:6f:
a1:9e:59:b1:af:3e:b3:4c:b1:9b:17:f6:75:b4:18:
f8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BD:2E:4A:99:13:7D:E5:4F:41:FE:55:49:CA:54:2B:14:4F:B0:F2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232302e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.220.0/24
Signature Algorithm: sha256WithRSAEncryption
97:4d:01:e0:c0:d5:31:bc:55:8d:bf:b4:ba:20:a9:3e:10:8d:
63:b8:c5:d5:b2:e1:98:0a:a8:f1:cd:d4:2c:81:43:3a:1d:ca:
6b:1a:80:89:d3:30:2d:45:fc:9b:34:dc:93:6a:28:15:37:13:
5d:57:5b:5e:21:ee:27:6f:b6:f6:1c:9e:ff:4f:6c:25:1d:4b:
09:f9:98:9a:5a:ae:bf:a1:47:85:00:0c:f4:e7:46:3e:7f:ea:
4b:6d:18:d3:ae:35:26:ce:18:c4:20:66:a7:d9:ae:b8:5a:8a:
cd:70:31:15:4c:0f:3c:88:d4:31:06:d7:e1:65:56:dd:a6:87:
f2:99:22:e1:70:ad:59:14:10:1e:09:e9:fe:15:8f:34:61:93:
eb:40:44:cb:ad:4a:24:22:68:27:5b:88:b1:4c:7f:15:d5:dc:
13:eb:18:44:c8:8b:f7:76:15:39:02:9c:79:70:9e:9c:b8:dc:
43:c3:17:7a:26:fb:2d:74:73:42:51:68:b6:59:e7:87:11:6e:
ad:6f:27:be:4b:72:fd:b8:8e:ec:82:d2:0e:c2:c0:33:30:de:
35:d2:44:8a:f1:f9:e2:d7:d8:a0:b5:fd:f2:e1:c2:a1:8a:90:
5f:b6:78:99:62:d8:df:17:4f:62:dc:28:71:e5:3c:74:c5:da:
4a:e9:44:3e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUAlps/Cr2LV+r1iNAbATaIC4zcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTZaFw0yNDEwMTgxMzQxNTZaMDMxMTAvBgNV
BAMTKDlDQkQyRTRBOTkxMzdERTU0RjQxRkU1NTQ5Q0E1NDJCMTQ0RkIwRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpYxjzNGWvGoepgOxmIEr/newk
OKHvfdDNNIcnZNRt0nuZVuYTtWlBlCTY58OPer5Li9JHyaGfsWMGI7SafwxaJso4
YCKWMS8PBtiCB4p8gr1cvPy3jlSpxc4iR0uQum5CdZo/RbtV/tKE6Et1CHHhxek4
ESx6Sa3UFGPM61uIc/aeMppEeaqK4g66bPAZaoqWEsHa/IJl4EvaFXWTH6WYwGcv
8z+zrE5gZGEProFIQWww+g1yFxP6+/qYtKX00kS37nZ93ONLTKKIu1ie2524g3qg
2e4bpx2OBjIF7Ld8C848TZV840gbGEUIbNs6b6GeWbGvPrNMsZsX9nW0GPiRAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUnL0uSpkTfeVPQf5VScpUKxRPsPIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzIyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnK3DANBgkqhkiG9w0BAQsFAAOCAQEAl00B4MDVMbxVjb+0uiCpPhCNY7jF
1bLhmAqo8c3ULIFDOh3KaxqAidMwLUX8mzTck2ooFTcTXVdbXiHuJ2+29hye/09s
JR1LCfmYmlquv6FHhQAM9OdGPn/qS20Y0641Js4YxCBmp9muuFqKzXAxFUwPPIjU
MQbX4WVW3aaH8pki4XCtWRQQHgnp/hWPNGGT60BEy61KJCJoJ1uIsUx/FdXcE+sY
RMiL93YVOQKceXCenLjcQ8MXeib7LXRzQlFotlnnhxFurW8nvkty/biO7ILSDsLA
MzDeNdJEivH54tfYoLX98uHCoYqQX7Z4mWLY3xdPYtwoceU8dMXaSulEPg==
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org