Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323132353230.roa
File: 3138352e3231362e37322e302f32342d3234203d3e20323132353230.roa (raw, json)
Hash identifier: 8RU8BqnHgjvm8bF0qTmCJtJQOHHC+KvQfw7/puLr1dI=
Subject key identifier: E4:BA:DC:45:8C:B2:11:97:89:32:A4:61:56:98:FA:94:D4:99:D5:27
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4BA5674EF26A0D4543F1850BCF65726FF11E328A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323132353230.roa
Signing time: Fri 20 Oct 2023 13:41:45 +0000
ROA not before: Fri 20 Oct 2023 13:36:45 +0000
ROA not after: Fri 18 Oct 2024 13:41:45 +0000
asID: 212520
IP address blocks: 185.216.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:a5:67:4e:f2:6a:0d:45:43:f1:85:0b:cf:65:72:6f:f1:1e:32:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:45 2023 GMT
Not After : Oct 18 13:41:45 2024 GMT
Subject: CN=E4BADC458CB211978932A4615698FA94D499D527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0c:e3:90:20:b8:d7:76:4f:84:05:4e:73:93:
02:b4:be:59:c3:bf:6f:2a:b1:a0:72:83:af:db:70:
b2:86:29:15:60:49:04:fc:9d:ff:f9:2e:e4:e9:9a:
25:8d:05:64:17:c8:df:36:f7:37:98:02:7b:25:75:
ca:cc:ef:dd:5d:3b:60:42:e0:73:50:ad:b0:89:b7:
7a:2c:ab:e2:65:d3:d4:59:22:bf:f5:aa:42:54:54:
95:09:43:cf:cb:0e:36:06:5f:57:82:5f:b4:1b:93:
64:36:df:cd:3a:76:e0:93:16:6a:f3:97:f5:6d:d2:
f0:cf:be:65:52:d9:49:bd:cd:b8:17:54:a1:61:a0:
21:aa:de:cd:ee:ba:71:55:e6:6c:14:33:01:5f:5d:
f5:ee:a5:36:c5:d4:44:cf:dd:6e:2a:cf:f2:b7:d6:
16:ed:87:7c:ac:6e:30:ac:10:cc:95:ce:28:cb:89:
44:3a:da:dd:6b:34:15:e3:f9:10:43:3c:68:3f:ec:
0a:d6:6d:2f:1c:72:ba:01:e3:8e:48:c1:1a:ca:2e:
67:4f:22:8c:69:31:17:9b:5b:c9:c2:f3:23:fb:e9:
d3:ae:15:ab:07:b9:34:4f:ff:9f:e6:97:1a:ae:dc:
a5:4e:b3:ec:7d:2a:e6:96:c1:a2:f0:cb:16:c0:f8:
12:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:BA:DC:45:8C:B2:11:97:89:32:A4:61:56:98:FA:94:D4:99:D5:27
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323132353230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.72.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:54:7c:71:c7:8c:20:44:76:38:92:80:81:6d:92:ca:f4:8d:
13:63:00:ec:17:fa:46:4d:9d:06:83:ee:ad:8d:f0:47:73:92:
5e:e9:5e:3c:b5:d4:90:d3:ba:99:53:ab:3e:32:2b:7c:9d:3a:
ad:13:87:a8:bd:48:6c:93:58:a6:1f:29:6f:72:6c:56:51:39:
e4:d8:e7:13:3b:89:bd:9e:f8:5f:40:92:8a:aa:fd:ef:da:53:
86:8a:50:fc:07:d0:3c:10:74:80:e5:f2:cf:f5:32:49:3e:9a:
32:8b:5f:4d:d1:70:43:8f:a5:63:8e:61:57:75:1c:16:37:a1:
2f:90:7b:bd:24:c4:70:7c:67:17:00:56:72:78:22:98:c5:7f:
d9:5c:59:56:0a:2f:ec:4e:cb:bd:10:cc:ec:68:81:bc:78:20:
a0:84:0f:d5:37:f7:27:6a:07:7d:cb:b2:2d:e3:8a:20:13:e4:
fa:8d:23:d6:31:a7:7f:99:15:70:9b:fe:32:d3:98:ed:e3:c4:
f3:8a:e0:3b:b6:72:bb:35:2c:d5:cc:f7:4d:e3:3d:0b:21:63:
53:4b:57:c3:62:17:cc:8e:bf:a0:2d:fa:72:12:b2:fd:30:0b:
08:a0:2d:73:38:21:26:8b:99:0e:2f:35:90:55:18:22:5a:fc:
61:4e:d7:e2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUS6VnTvJqDUVD8YULz2Vyb/EeMoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDVaFw0yNDEwMTgxMzQxNDVaMDMxMTAvBgNV
BAMTKEU0QkFEQzQ1OENCMjExOTc4OTMyQTQ2MTU2OThGQTk0RDQ5OUQ1MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJDOOQILjXdk+EBU5zkwK0vlnD
v28qsaByg6/bcLKGKRVgSQT8nf/5LuTpmiWNBWQXyN829zeYAnsldcrM791dO2BC
4HNQrbCJt3osq+Jl09RZIr/1qkJUVJUJQ8/LDjYGX1eCX7Qbk2Q23806duCTFmrz
l/Vt0vDPvmVS2Um9zbgXVKFhoCGq3s3uunFV5mwUMwFfXfXupTbF1ETP3W4qz/K3
1hbth3ysbjCsEMyVzijLiUQ62t1rNBXj+RBDPGg/7ArWbS8ccroB445IwRrKLmdP
IoxpMRebW8nC8yP76dOuFasHuTRP/5/mlxqu3KVOs+x9KuaWwaLwyxbA+BLvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5LrcRYyyEZeJMqRhVpj6lNSZ1ScwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNTMyMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52EgwDQYJKoZIhvcNAQELBQADggEBADxUfHHHjCBEdjiSgIFtksr0jRNjAOwX
+kZNnQaD7q2N8Edzkl7pXjy11JDTuplTqz4yK3ydOq0Th6i9SGyTWKYfKW9ybFZR
OeTY5xM7ib2e+F9Akoqq/e/aU4aKUPwH0DwQdIDl8s/1Mkk+mjKLX03RcEOPpWOO
YVd1HBY3oS+Qe70kxHB8ZxcAVnJ4IpjFf9lcWVYKL+xOy70QzOxogbx4IKCED9U3
9ydqB33Lsi3jiiAT5PqNI9Yxp3+ZFXCb/jLTmO3jxPOK4Du2crs1LNXM903jPQsh
Y1NLV8NiF8yOv6At+nISsv0wCwigLXM4ISaLmQ4vNZBVGCJa/GFO1+I=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org