Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
File: 3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: J+8/o9nMeuKv4951NfpLgWUFq4xIEi662VfqqZtVRas=
Subject key identifier: A6:A3:E6:BF:D9:D4:1A:37:97:4A:4D:17:23:22:4D:09:7D:FB:20:E9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 65B029369D71BB44B3BDBE0C2717D2D02F12E459
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 14 Jul 2023 06:42:43 +0000
ROA not before: Fri 14 Jul 2023 06:37:43 +0000
ROA not after: Fri 12 Jul 2024 06:42:43 +0000
asID: 207137
IP address blocks: 185.214.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:b0:29:36:9d:71:bb:44:b3:bd:be:0c:27:17:d2:d0:2f:12:e4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 14 06:37:43 2023 GMT
Not After : Jul 12 06:42:43 2024 GMT
Subject: CN=A6A3E6BFD9D41A37974A4D1723224D097DFB20E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8a:a8:25:ef:e2:65:a2:ae:47:c1:24:00:9e:
56:b9:74:bf:13:e6:b1:15:7f:f8:9c:69:a9:f8:33:
26:c3:d2:88:37:3e:a1:e9:ae:25:a8:f9:ab:2e:9e:
70:b7:5f:e8:ba:2d:2a:b1:b0:0d:52:ea:d4:31:b3:
35:d2:62:dd:a5:47:31:7a:9e:a9:60:2e:9c:17:65:
49:33:a5:88:af:e0:02:da:11:22:96:1d:37:45:a2:
04:87:88:8e:06:3a:3f:70:37:be:c5:27:72:1f:05:
e5:74:43:5d:b8:8c:d5:b8:c9:87:a9:c5:4c:da:79:
41:37:c0:f6:50:1b:3e:b9:6b:e3:11:f6:4e:40:3e:
fb:00:f9:91:7b:a6:e5:6e:70:83:40:4d:30:ab:1e:
bc:1d:6c:99:d0:5b:29:a8:fc:6b:a8:85:72:29:3b:
41:17:78:d3:21:7d:f8:da:c7:f7:80:56:7a:8f:9a:
f4:b0:fb:99:9e:15:8b:2e:4f:7a:23:cc:ad:3b:7a:
65:15:19:cb:e5:4f:48:ea:7c:d8:bf:47:d4:78:bf:
b7:b6:b0:24:96:df:fa:de:d4:02:21:60:a4:23:df:
90:fa:a7:3f:3c:63:87:f0:fc:f8:4f:fd:f6:2e:bb:
91:d0:c6:62:4a:41:71:4e:7f:4d:96:f5:22:07:3d:
be:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A3:E6:BF:D9:D4:1A:37:97:4A:4D:17:23:22:4D:09:7D:FB:20:E9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.97.0/24
Signature Algorithm: sha256WithRSAEncryption
93:eb:a9:0a:00:bf:96:e3:b8:d3:b7:d5:f8:24:b3:77:99:15:
79:5c:d6:71:81:06:ab:ec:a1:ab:01:d8:7e:ad:87:3e:5f:a3:
ef:dc:22:79:7e:6c:39:5b:45:f5:c2:c0:2e:bd:bb:6a:7e:0b:
6d:5d:f9:8a:4a:e9:78:61:f1:56:37:8a:5c:80:1f:18:58:00:
85:6a:87:2a:d5:90:1e:62:be:25:c3:e8:66:23:79:58:eb:27:
aa:82:94:66:0f:7a:62:f5:85:dc:03:11:1a:7b:3a:7c:fb:41:
7c:eb:ec:00:34:2b:a2:ed:c9:6a:19:c7:49:15:a8:a9:72:14:
58:a7:9e:14:25:18:b1:c0:aa:cd:72:2e:95:89:0c:7e:16:8d:
02:50:f5:4e:66:74:43:c2:bf:cb:a0:dd:24:e5:4c:43:40:a6:
71:46:ff:1a:b3:68:bf:9a:c5:07:8a:79:d5:87:70:71:ed:ba:
b6:37:30:78:b9:0a:30:1f:7b:c6:5c:fd:14:78:d4:85:ec:d8:
31:8f:c6:0d:6c:a5:8b:dd:eb:cf:82:f2:f1:04:dc:db:df:08:
ca:49:16:e7:24:19:18:dc:82:d1:86:d2:92:d5:d1:d9:31:7d:
d8:42:26:eb:8a:a1:42:20:69:2e:9c:53:1b:2e:b8:50:59:11:
46:7e:09:ff
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZbApNp1xu0Szvb4MJxfS0C8S5FkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA3MTQwNjM3NDNaFw0yNDA3MTIwNjQyNDNaMDMxMTAvBgNV
BAMTKEE2QTNFNkJGRDlENDFBMzc5NzRBNEQxNzIzMjI0RDA5N0RGQjIwRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsiqgl7+Jloq5HwSQAnla5dL8T
5rEVf/icaan4MybD0og3PqHpriWo+asunnC3X+i6LSqxsA1S6tQxszXSYt2lRzF6
nqlgLpwXZUkzpYiv4ALaESKWHTdFogSHiI4GOj9wN77FJ3IfBeV0Q124jNW4yYep
xUzaeUE3wPZQGz65a+MR9k5APvsA+ZF7puVucINATTCrHrwdbJnQWymo/GuohXIp
O0EXeNMhffjax/eAVnqPmvSw+5meFYsuT3ojzK07emUVGcvlT0jqfNi/R9R4v7e2
sCSW3/re1AIhYKQj35D6pz88Y4fw/PhP/fYuu5HQxmJKQXFOf02W9SIHPb4xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpqPmv9nUGjeXSk0XIyJNCX37IOkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mEwDQYJKoZIhvcNAQELBQADggEBAJPrqQoAv5bjuNO31fgks3eZFXlc1nGB
BqvsoasB2H6thz5fo+/cInl+bDlbRfXCwC69u2p+C21d+YpK6Xhh8VY3ilyAHxhY
AIVqhyrVkB5iviXD6GYjeVjrJ6qClGYPemL1hdwDERp7Onz7QXzr7AA0K6LtyWoZ
x0kVqKlyFFinnhQlGLHAqs1yLpWJDH4WjQJQ9U5mdEPCv8ug3STlTENApnFG/xqz
aL+axQeKedWHcHHturY3MHi5CjAfe8Zc/RR41IXs2DGPxg1spYvd68+C8vEE3Nvf
CMpJFuckGRjcgtGG0pLV0dkxfdhCJuuKoUIgaS6cUxsuuFBZEUZ+Cf8=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org