Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
File: 3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: M7GZML9eFKeB6jP11RCuYmGZZOZTiDUHobW0MuNwNFI=
Subject key identifier: 9A:27:06:07:06:2D:9D:B5:51:4D:18:08:F2:20:CB:17:27:2A:40:95
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3771A0562CE367F11EA6A51B7391CED0A1D9FEFD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 14 Jul 2023 06:42:28 +0000
ROA not before: Fri 14 Jul 2023 06:37:28 +0000
ROA not after: Fri 12 Jul 2024 06:42:28 +0000
asID: 207137
IP address blocks: 185.214.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:71:a0:56:2c:e3:67:f1:1e:a6:a5:1b:73:91:ce:d0:a1:d9:fe:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 14 06:37:28 2023 GMT
Not After : Jul 12 06:42:28 2024 GMT
Subject: CN=9A270607062D9DB5514D1808F220CB17272A4095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6c:1f:59:ff:55:8b:70:71:7d:e5:58:9b:08:
24:57:8d:2a:76:89:c5:b3:9d:5e:fc:3e:88:c3:71:
9d:2e:7e:62:44:5e:43:0f:ce:64:be:44:90:78:92:
1d:84:cd:c7:e0:0c:5d:18:5f:b8:b0:1d:a1:59:cd:
84:3c:6a:68:47:2b:e6:70:fa:9d:ef:ab:ea:ca:ac:
b8:e2:38:ad:5d:a8:92:d8:af:43:fc:2c:9d:1a:cb:
3b:f4:a2:0f:f1:68:83:30:63:65:af:e9:72:e2:b5:
ed:4c:6a:92:9f:23:17:3a:e2:05:47:55:1e:42:4c:
e8:d5:7b:3e:22:58:1a:95:1f:b4:f2:36:70:7a:57:
99:7f:7d:41:2f:6d:d5:ab:d6:d3:b7:96:b3:44:10:
e4:ac:c8:fd:fd:8e:97:41:67:9f:56:f9:64:00:eb:
85:f2:22:ef:f5:88:7e:0f:e4:4c:c4:bc:64:a4:22:
db:8d:d2:8a:cc:f6:f7:5d:eb:76:8a:2f:90:0f:eb:
34:f1:21:1b:1f:a7:46:e7:5d:9d:0f:e6:ce:00:43:
ce:e7:62:62:94:fb:7b:74:54:db:85:05:be:f0:3b:
93:36:75:67:3d:36:fc:34:e7:35:43:fd:12:4b:f0:
aa:f6:a4:30:0c:7b:62:66:f4:52:f3:07:da:1b:3a:
63:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:27:06:07:06:2D:9D:B5:51:4D:18:08:F2:20:CB:17:27:2A:40:95
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.96.0/24
Signature Algorithm: sha256WithRSAEncryption
97:60:9b:a3:9c:33:a0:4c:b1:16:a8:f9:9e:f6:13:5c:05:01:
47:0d:ca:26:15:eb:f4:51:e5:40:8c:c3:d7:8e:3b:08:eb:99:
9a:8e:af:28:97:96:e7:9e:5a:30:ca:4b:08:3a:db:30:90:e9:
e1:00:e1:6f:65:06:33:7f:49:77:ae:17:32:5c:53:c4:f0:eb:
42:ae:b3:e7:fd:48:16:9d:23:13:18:da:bd:54:6e:40:a6:47:
b6:e9:69:31:4a:a9:9c:5d:a1:9a:b6:9f:ba:cf:57:93:9a:84:
d3:10:53:72:8b:94:9d:66:77:c2:22:52:75:a5:60:3c:b8:33:
c3:26:0a:d0:b7:86:39:15:80:42:d3:89:c7:60:95:bd:63:c1:
c7:ee:7d:c9:a8:bd:fd:61:c8:2b:c5:8e:ff:85:8e:a5:8f:0c:
6e:78:91:13:3b:9e:7f:d1:92:70:67:fb:50:4c:37:8f:dd:2e:
69:56:4b:42:d1:62:11:36:b6:ab:8b:c4:c2:5b:a2:7e:1e:87:
18:4d:dc:57:a8:28:02:0d:82:81:bf:82:55:dd:3b:3e:ee:23:
2d:33:73:05:83:c4:ec:75:78:8e:9f:65:4f:95:86:2f:66:61:
1a:95:fb:6d:26:6b:82:53:90:ec:3c:93:99:92:75:62:8e:63:
18:73:2e:98
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUN3GgVizjZ/EepqUbc5HO0KHZ/v0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA3MTQwNjM3MjhaFw0yNDA3MTIwNjQyMjhaMDMxMTAvBgNV
BAMTKDlBMjcwNjA3MDYyRDlEQjU1MTREMTgwOEYyMjBDQjE3MjcyQTQwOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDobB9Z/1WLcHF95VibCCRXjSp2
icWznV78PojDcZ0ufmJEXkMPzmS+RJB4kh2EzcfgDF0YX7iwHaFZzYQ8amhHK+Zw
+p3vq+rKrLjiOK1dqJLYr0P8LJ0ayzv0og/xaIMwY2Wv6XLite1MapKfIxc64gVH
VR5CTOjVez4iWBqVH7TyNnB6V5l/fUEvbdWr1tO3lrNEEOSsyP39jpdBZ59W+WQA
64XyIu/1iH4P5EzEvGSkItuN0orM9vdd63aKL5AP6zTxIRsfp0bnXZ0P5s4AQ87n
YmKU+3t0VNuFBb7wO5M2dWc9Nvw05zVD/RJL8Kr2pDAMe2Jm9FLzB9obOmN3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmicGBwYtnbVRTRgI8iDLFycqQJUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mAwDQYJKoZIhvcNAQELBQADggEBAJdgm6OcM6BMsRao+Z72E1wFAUcNyiYV
6/RR5UCMw9eOOwjrmZqOryiXlueeWjDKSwg62zCQ6eEA4W9lBjN/SXeuFzJcU8Tw
60Kus+f9SBadIxMY2r1UbkCmR7bpaTFKqZxdoZq2n7rPV5OahNMQU3KLlJ1md8Ii
UnWlYDy4M8MmCtC3hjkVgELTicdglb1jwcfufcmovf1hyCvFjv+FjqWPDG54kRM7
nn/RknBn+1BMN4/dLmlWS0LRYhE2tquLxMJbon4ehxhN3FeoKAINgoG/glXdOz7u
Iy0zcwWDxOx1eI6fZU+Vhi9mYRqV+20ma4JTkOw8k5mSdWKOYxhzLpg=
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org