Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231312e372e302f32342d3234203d3e203437353833.roa
File: 3138352e3231312e372e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: 7INcptQ3N5+gyaNVoosbx++prBsoQj7GXM+SpBhkVkg=
Subject key identifier: A5:BC:1D:10:21:C5:2D:7D:AE:EF:E1:08:2B:A6:D1:D7:80:28:76:5B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0FF463F95BAB3CCC0595A1A6F55E4C8E3A3AE03C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231312e372e302f32342d3234203d3e203437353833.roa
Signing time: Fri 20 Oct 2023 13:41:55 +0000
ROA not before: Fri 20 Oct 2023 13:36:55 +0000
ROA not after: Fri 18 Oct 2024 13:41:55 +0000
asID: 47583
IP address blocks: 185.211.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:f4:63:f9:5b:ab:3c:cc:05:95:a1:a6:f5:5e:4c:8e:3a:3a:e0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:55 2023 GMT
Not After : Oct 18 13:41:55 2024 GMT
Subject: CN=A5BC1D1021C52D7DAEEFE1082BA6D1D78028765B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:85:61:bd:cb:be:a0:46:c3:5b:34:83:b4:38:
10:e9:47:e1:85:fa:ee:97:c5:64:d7:7a:bc:9b:57:
0f:b6:1d:42:f4:81:35:93:5d:db:10:ca:90:3d:5b:
86:14:ca:2f:ab:04:f7:6d:74:17:94:64:b4:9b:4b:
62:9b:cb:69:16:0f:99:ec:07:2f:ad:10:fb:77:dd:
6e:e3:55:27:0c:eb:5b:66:89:1b:ee:c0:f1:79:35:
f3:fc:6f:74:c5:aa:69:5c:38:92:2e:b0:bb:2f:14:
66:3b:66:ee:77:6b:ee:be:2f:fa:24:2f:58:0c:1b:
59:b8:5e:0e:79:d3:2f:d4:fa:ef:da:bb:a2:ce:42:
05:9f:f9:1c:98:2a:d5:71:2e:9e:60:61:00:97:ec:
06:e3:52:dc:50:10:1e:b5:a5:c2:b6:17:7e:31:c0:
67:e6:ef:cd:5b:a3:e9:ae:f3:48:02:13:e6:b5:e0:
94:1b:d0:bf:14:1a:3c:c2:ae:2e:da:ff:ea:a9:df:
f0:2f:99:6c:1c:03:d7:07:5f:66:46:77:37:1b:47:
45:1a:0b:c9:e2:d0:e4:ba:0b:56:df:0c:fe:63:35:
47:40:5c:c7:c8:0a:a5:c1:5a:7e:9f:d0:56:f9:ce:
f6:31:fe:a1:21:a6:20:8d:4b:65:e5:a2:fb:ae:11:
b9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BC:1D:10:21:C5:2D:7D:AE:EF:E1:08:2B:A6:D1:D7:80:28:76:5B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231312e372e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.7.0/24
Signature Algorithm: sha256WithRSAEncryption
50:8f:e7:a7:ae:82:d6:1a:50:90:e5:23:e2:c5:d8:c3:e3:d9:
80:86:6f:66:c6:1b:32:c5:f2:fd:25:61:79:6d:39:72:d4:76:
61:12:46:8d:40:27:69:23:46:9e:32:47:b8:00:67:35:12:43:
28:37:50:2c:c4:c6:b0:40:1e:cf:29:7e:de:70:4e:c5:22:a5:
db:05:a0:99:0e:6b:71:e6:cb:8d:97:8c:a0:3e:c9:7b:89:a1:
74:63:08:83:19:bf:e9:64:dd:81:90:62:80:64:1b:04:bc:3f:
fb:e5:af:d4:fd:6f:26:99:6e:30:f4:34:b0:c0:74:47:bc:84:
59:0c:2f:fd:47:92:bf:f2:b0:eb:3b:b9:77:eb:ec:26:83:2a:
d9:e2:d1:24:80:68:ae:4c:6a:17:89:f6:1a:73:74:c9:ee:b2:
d7:4d:39:a9:23:99:6a:a2:0b:73:ec:18:9e:df:3a:24:f7:9f:
3c:76:9a:7d:b5:da:e1:bd:3b:46:1a:ec:0b:8d:6e:04:f3:45:
ce:93:82:a1:68:fb:d6:e8:83:56:a0:67:25:bc:75:8d:06:58:
3f:ca:2f:b1:d2:50:8b:52:d8:57:51:5f:85:5f:92:61:2e:df:
59:37:09:ae:46:a1:94:ed:14:67:b7:72:18:b9:27:bb:ec:eb:
1b:ba:65:2f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUD/Rj+VurPMwFlaGm9V5Mjjo64DwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTVaFw0yNDEwMTgxMzQxNTVaMDMxMTAvBgNV
BAMTKEE1QkMxRDEwMjFDNTJEN0RBRUVGRTEwODJCQTZEMUQ3ODAyODc2NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8hWG9y76gRsNbNIO0OBDpR+GF
+u6XxWTXerybVw+2HUL0gTWTXdsQypA9W4YUyi+rBPdtdBeUZLSbS2Kby2kWD5ns
By+tEPt33W7jVScM61tmiRvuwPF5NfP8b3TFqmlcOJIusLsvFGY7Zu53a+6+L/ok
L1gMG1m4Xg550y/U+u/au6LOQgWf+RyYKtVxLp5gYQCX7AbjUtxQEB61pcK2F34x
wGfm781bo+mu80gCE+a14JQb0L8UGjzCri7a/+qp3/AvmWwcA9cHX2ZGdzcbR0Ua
C8ni0OS6C1bfDP5jNUdAXMfICqXBWn6f0Fb5zvYx/qEhpiCNS2XlovuuEbm7AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUpbwdECHFLX2u7+EIK6bR14AodlswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzEyZTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnT
BzANBgkqhkiG9w0BAQsFAAOCAQEAUI/np66C1hpQkOUj4sXYw+PZgIZvZsYbMsXy
/SVheW05ctR2YRJGjUAnaSNGnjJHuABnNRJDKDdQLMTGsEAezyl+3nBOxSKl2wWg
mQ5rcebLjZeMoD7Je4mhdGMIgxm/6WTdgZBigGQbBLw/++Wv1P1vJpluMPQ0sMB0
R7yEWQwv/UeSv/Kw6zu5d+vsJoMq2eLRJIBorkxqF4n2GnN0ye6y1005qSOZaqIL
c+wYnt86JPefPHaafbXa4b07RhrsC41uBPNFzpOCoWj71uiDVqBnJbx1jQZYP8ov
sdJQi1LYV1FfhV+SYS7fWTcJrkahlO0UZ7dyGLknu+zrG7plLw==
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:44 2024 by rpki-client on console-fra.rpki-client.org