Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa (raw, json)
Hash identifier: +ShTQHBL32gCXiYBqZISx12/osjFvPHRlgJIWuNu6Uk=
Subject key identifier: C3:DC:F2:96:E6:24:8F:CF:AE:60:0B:3E:47:47:D6:56:57:EB:B0:B3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6D655BCB96074AD144EA1C50E467E19D3CCD6342
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
Signing time: Fri 20 Oct 2023 13:41:57 +0000
ROA not before: Fri 20 Oct 2023 13:36:57 +0000
ROA not after: Fri 18 Oct 2024 13:41:57 +0000
asID: 58212
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:65:5b:cb:96:07:4a:d1:44:ea:1c:50:e4:67:e1:9d:3c:cd:63:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:57 2023 GMT
Not After : Oct 18 13:41:57 2024 GMT
Subject: CN=C3DCF296E6248FCFAE600B3E4747D65657EBB0B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ae:0a:89:25:75:5e:68:e8:fd:33:42:c7:dd:
02:62:85:52:ba:41:0d:e6:a9:d6:67:07:42:fd:22:
d2:19:97:c5:05:6a:4c:9c:bc:2f:73:c8:e0:d0:9a:
31:d8:65:ba:61:f9:62:71:82:40:6c:4e:f7:ae:1e:
a4:e1:98:68:1c:9d:ee:1c:64:12:db:84:8f:16:9d:
7d:e0:a4:e5:be:66:b4:42:25:28:5d:59:c1:ae:e4:
dd:e1:db:90:ad:8b:7d:37:c4:cb:3f:d2:e3:91:9f:
fb:0e:c4:99:6f:7c:f1:b1:55:13:6c:61:78:21:e5:
57:02:3c:6c:43:87:08:26:1b:17:69:6e:73:90:36:
c4:29:18:75:af:23:64:f7:d5:84:1d:da:5e:58:fa:
51:8b:3f:6f:f1:c5:a7:af:76:e0:23:b3:8b:6b:9c:
33:43:3d:df:34:50:2a:93:71:b0:21:87:2b:b0:07:
1b:1f:7d:50:7a:9b:e6:8c:30:67:34:e2:56:0e:84:
a2:4f:fe:37:e9:a7:0b:ca:b9:78:53:39:80:47:51:
9b:2b:36:33:ec:1f:c3:da:3c:8f:13:f8:48:f2:72:
81:67:99:73:8e:fe:39:40:eb:4a:45:6f:a7:fd:1e:
50:e5:93:5f:49:2a:24:7b:ee:49:2b:f3:fb:79:89:
1f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:DC:F2:96:E6:24:8F:CF:AE:60:0B:3E:47:47:D6:56:57:EB:B0:B3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
33:6e:c8:f3:47:f9:39:94:fa:cd:3d:04:7a:cc:20:da:fc:c7:
6d:e3:1e:8b:f2:7b:7f:ff:0b:07:ed:18:47:45:d1:fc:44:1a:
ba:14:4a:5f:b5:f7:d4:c2:a4:0a:93:f8:d3:44:9c:e5:ec:59:
51:89:19:17:d7:c5:f6:b3:52:0c:34:39:25:f8:49:f6:a3:42:
80:80:31:8e:0c:f0:26:1c:45:50:38:85:fa:41:79:84:5b:23:
2e:a3:a6:78:5a:d1:fe:94:56:75:3e:77:d7:12:a0:1d:b2:b4:
63:83:6a:fa:21:eb:ea:93:e7:b0:62:25:4b:fc:0d:44:09:6d:
59:bd:3e:6f:74:3b:2a:1c:45:d9:64:82:b8:92:69:a4:de:de:
83:59:6b:c0:c0:ab:74:54:9d:9d:83:49:56:5f:44:48:4d:f4:
f6:ab:e3:93:60:b2:71:78:62:42:a5:df:58:b0:9d:1d:85:d8:
cf:f1:49:ee:f3:03:61:e4:f9:e2:b9:81:6c:54:24:0a:12:df:
52:5b:2c:46:1e:a2:03:27:5c:21:d9:c6:24:38:1e:9e:9e:57:
a8:f7:a1:ad:39:ac:eb:72:a7:2f:0f:34:c3:c3:7d:14:a0:93:
21:f1:1e:f3:9a:ec:3c:7c:26:99:21:63:70:39:91:54:1e:fd:
f5:e0:f5:09
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbWVby5YHStFE6hxQ5GfhnTzNY0IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTdaFw0yNDEwMTgxMzQxNTdaMDMxMTAvBgNV
BAMTKEMzRENGMjk2RTYyNDhGQ0ZBRTYwMEIzRTQ3NDdENjU2NTdFQkIwQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDurgqJJXVeaOj9M0LH3QJihVK6
QQ3mqdZnB0L9ItIZl8UFakycvC9zyODQmjHYZbph+WJxgkBsTveuHqThmGgcne4c
ZBLbhI8WnX3gpOW+ZrRCJShdWcGu5N3h25Cti303xMs/0uORn/sOxJlvfPGxVRNs
YXgh5VcCPGxDhwgmGxdpbnOQNsQpGHWvI2T31YQd2l5Y+lGLP2/xxaevduAjs4tr
nDNDPd80UCqTcbAhhyuwBxsffVB6m+aMMGc04lYOhKJP/jfppwvKuXhTOYBHUZsr
NjPsH8PaPI8T+EjycoFnmXOO/jlA60pFb6f9HlDlk19JKiR77kkr8/t5iR/LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUw9zyluYkj8+uYAs+R0fWVlfrsLMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMjMxMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50dwwDQYJKoZIhvcNAQELBQADggEBADNuyPNH+TmU+s09BHrMINr8x23jHovy
e3//CwftGEdF0fxEGroUSl+199TCpAqT+NNEnOXsWVGJGRfXxfazUgw0OSX4Sfaj
QoCAMY4M8CYcRVA4hfpBeYRbIy6jpnha0f6UVnU+d9cSoB2ytGODavoh6+qT57Bi
JUv8DUQJbVm9Pm90OyocRdlkgriSaaTe3oNZa8DAq3RUnZ2DSVZfREhN9Par45Ng
snF4YkKl31iwnR2F2M/xSe7zA2Hk+eK5gWxUJAoS31JbLEYeogMnXCHZxiQ4Hp6e
V6j3oa05rOtypy8PNMPDfRSgkyHxHvOa7Dx8JpkhY3A5kVQe/fXg9Qk=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org