Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230372e3235312e302f32342d3332203d3e203531313637.roa
File: 3138352e3230372e3235312e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 2KphZj6LQil+50dwjs/gqhbqj12LmnCiJ6+HubhYiMs=
Subject key identifier: A3:A7:C0:59:A9:82:58:76:63:31:0E:B9:04:72:42:65:83:54:1A:D7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 221D3B615A95E9169EE25F0E046A32D13B3E89EB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230372e3235312e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:51 +0000
ROA not before: Fri 20 Oct 2023 13:36:51 +0000
ROA not after: Fri 18 Oct 2024 13:41:51 +0000
asID: 51167
IP address blocks: 185.207.251.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:1d:3b:61:5a:95:e9:16:9e:e2:5f:0e:04:6a:32:d1:3b:3e:89:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:51 2023 GMT
Not After : Oct 18 13:41:51 2024 GMT
Subject: CN=A3A7C059A982587663310EB90472426583541AD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a1:a3:a9:95:92:25:96:54:f3:a9:7e:ff:86:
fb:4a:b4:0b:76:9a:12:1d:c4:db:a3:2e:95:cb:67:
76:87:d1:d7:06:6f:ba:00:21:b5:d3:4f:5b:95:b4:
6b:15:7f:74:20:73:24:68:17:14:93:2d:9d:c9:92:
07:8a:d9:bf:10:d6:d2:cc:98:42:dd:78:8c:9c:f4:
22:de:89:46:ab:27:94:97:b5:de:ab:e5:82:88:68:
dc:e1:e3:9a:f2:01:ba:39:31:24:19:14:72:94:d5:
74:07:df:d2:08:12:29:a0:6d:46:ff:cf:de:86:f5:
d3:67:34:ad:ef:3d:95:65:ee:6f:8b:1e:34:7f:3c:
54:fe:81:f7:f6:48:f9:74:ab:9d:4f:12:1a:12:bf:
71:32:db:1d:b6:d8:6f:f0:58:79:6a:42:28:27:44:
d4:5e:15:56:4d:79:e8:ff:39:78:20:2e:4b:e6:87:
a7:e3:7e:64:c2:f0:44:9a:8f:78:ca:cf:18:80:c7:
b2:7c:78:a3:f0:d9:af:6a:64:20:ae:9e:30:35:61:
a4:59:9d:d7:be:30:7a:0e:0c:73:ad:90:c8:99:f5:
39:ff:85:86:d5:c1:bf:ea:69:04:6e:5a:8c:c3:2c:
af:9b:4d:66:a7:c7:de:5f:c6:11:ea:a6:85:5a:0c:
93:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A7:C0:59:A9:82:58:76:63:31:0E:B9:04:72:42:65:83:54:1A:D7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230372e3235312e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.251.0/24
Signature Algorithm: sha256WithRSAEncryption
40:16:0e:29:1d:8a:a8:6c:42:fa:f0:f1:1c:db:d5:af:0d:38:
2f:34:81:d1:e1:ce:25:d5:47:b5:a3:ed:bb:cf:b9:ca:5d:bd:
47:be:3d:fb:c7:0a:dd:b5:42:9a:46:77:98:ba:1c:d8:6c:6d:
83:d2:98:4c:74:b8:d8:83:9c:7e:e8:2b:89:02:30:5f:1a:c7:
31:d1:d1:25:60:82:1a:f2:61:cc:ed:95:fd:15:4b:29:7b:79:
50:d3:44:bf:71:b0:2e:9d:29:80:cb:ef:d4:98:66:d3:47:13:
14:9b:87:01:c1:a2:5b:d1:5b:8f:e5:26:1a:45:22:9b:31:1d:
4c:f0:ca:01:70:0c:8e:72:ed:03:4a:de:bb:fb:af:c1:a6:cb:
96:14:a2:0f:2a:ad:55:3c:d2:d1:77:34:d5:b7:9f:3e:bf:d5:
52:ea:0a:98:46:cd:e0:82:df:d8:34:dd:f6:c3:f6:6e:c7:d6:
0a:68:7b:0e:91:65:80:c5:83:a3:bd:86:70:e1:68:9e:88:2d:
f6:d2:6a:53:2f:a1:66:3e:de:f4:88:3f:2a:07:8f:5e:a9:be:
4b:70:56:e2:70:c5:4d:25:0c:2b:ca:b4:e3:bf:31:d8:a7:95:
55:78:02:8a:80:7b:a9:ef:8a:8e:a6:7c:e8:e9:d8:78:6f:a5:
ca:cb:cb:f6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIh07YVqV6Rae4l8OBGoy0Ts+ieswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTFaFw0yNDEwMTgxMzQxNTFaMDMxMTAvBgNV
BAMTKEEzQTdDMDU5QTk4MjU4NzY2MzMxMEVCOTA0NzI0MjY1ODM1NDFBRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeoaOplZIlllTzqX7/hvtKtAt2
mhIdxNujLpXLZ3aH0dcGb7oAIbXTT1uVtGsVf3QgcyRoFxSTLZ3JkgeK2b8Q1tLM
mELdeIyc9CLeiUarJ5SXtd6r5YKIaNzh45ryAbo5MSQZFHKU1XQH39IIEimgbUb/
z96G9dNnNK3vPZVl7m+LHjR/PFT+gff2SPl0q51PEhoSv3Ey2x222G/wWHlqQign
RNReFVZNeej/OXggLkvmh6fjfmTC8ESaj3jKzxiAx7J8eKPw2a9qZCCunjA1YaRZ
nde+MHoODHOtkMiZ9Tn/hYbVwb/qaQRuWozDLK+bTWanx95fxhHqpoVaDJMZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUo6fAWamCWHZjMQ65BHJCZYNUGtcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzcyZTMy
MzUzMTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5z/swDQYJKoZIhvcNAQELBQADggEBAEAWDikdiqhsQvrw8Rzb1a8NOC80gdHh
ziXVR7Wj7bvPucpdvUe+PfvHCt21QppGd5i6HNhsbYPSmEx0uNiDnH7oK4kCMF8a
xzHR0SVgghryYcztlf0VSyl7eVDTRL9xsC6dKYDL79SYZtNHExSbhwHBolvRW4/l
JhpFIpsxHUzwygFwDI5y7QNK3rv7r8Gmy5YUog8qrVU80tF3NNW3nz6/1VLqCphG
zeCC39g03fbD9m7H1gpoew6RZYDFg6O9hnDhaJ6ILfbSalMvoWY+3vSIPyoHj16p
vktwVuJwxU0lDCvKtOO/MdinlVV4AoqAe6nvio6mfOjp2HhvpcrLy/Y=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org