Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37332e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231362e37332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: rSLicDqhS2Aa4oVh4jCsUV6WhXtI75+X+5+5Xwgkuvw=
Subject key identifier: 97:73:4B:36:4D:33:E8:C7:1D:26:6A:B1:AA:39:28:C4:0A:89:51:06
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 32BCBC680F446FD25EB6CD6448F2F9E233697A78
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:41:59 +0000
ROA not before: Fri 20 Oct 2023 13:36:59 +0000
ROA not after: Fri 18 Oct 2024 13:41:59 +0000
asID: 136787
IP address blocks: 185.216.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:bc:bc:68:0f:44:6f:d2:5e:b6:cd:64:48:f2:f9:e2:33:69:7a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:59 2023 GMT
Not After : Oct 18 13:41:59 2024 GMT
Subject: CN=97734B364D33E8C71D266AB1AA3928C40A895106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e2:db:95:77:31:05:06:af:b4:e4:22:59:cc:
76:c7:0c:4a:2b:46:18:a4:8e:88:94:3e:cf:d2:24:
a5:b4:2f:8c:81:40:0e:4e:8b:5c:63:f0:4b:a3:a3:
3d:95:7a:aa:97:85:20:f4:45:36:d1:7c:03:e0:72:
cd:ce:72:cc:ec:de:07:38:fe:ae:6d:be:e3:cb:e5:
43:b2:4f:ef:c2:42:bb:e4:ef:6c:29:ec:14:c5:c4:
2b:2b:9d:80:68:b6:47:a1:07:40:c6:9f:a7:7f:66:
d4:18:96:a5:3e:8f:a2:85:64:26:02:a7:9e:cf:58:
2b:0a:8a:8e:78:44:b3:e5:23:fd:5b:a9:83:34:cb:
9c:e8:ef:fb:a7:7b:3f:a3:06:ca:60:7c:1b:81:28:
21:0d:7c:67:89:f3:33:66:2e:35:29:a0:67:e6:74:
60:fa:c3:2f:0d:70:e2:01:f7:21:8e:bc:0b:2b:b3:
58:d1:4b:be:b5:cf:e9:47:3a:5c:5f:a5:99:e9:40:
5f:40:21:f4:90:a2:14:59:28:21:34:2b:f2:77:ed:
09:1c:58:00:fd:e0:a5:2e:88:7d:df:2b:56:7d:3d:
14:41:f1:92:19:4e:30:6d:d7:e4:34:45:52:78:d6:
c4:07:de:20:e8:f0:ee:e2:24:b1:36:d2:e5:53:66:
75:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:73:4B:36:4D:33:E8:C7:1D:26:6A:B1:AA:39:28:C4:0A:89:51:06
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.73.0/24
Signature Algorithm: sha256WithRSAEncryption
68:12:33:a6:a3:4d:0a:29:bd:d8:eb:a9:c3:a0:27:ba:25:cf:
2f:b0:6c:bd:1d:c5:f9:c9:b8:3f:7d:2b:b6:6c:00:90:d4:59:
cf:b7:aa:3e:2c:b5:f1:d2:5e:2b:c4:b6:cc:2a:40:1b:cf:e0:
a1:24:8e:b2:f6:fe:c4:ae:d1:e9:a3:36:2f:05:56:24:c0:97:
b1:98:0a:c5:53:7a:29:28:ed:5b:30:9d:5c:d4:31:aa:db:26:
e5:3a:a6:36:ce:c8:97:78:aa:b4:72:00:4b:7e:63:a5:9a:6f:
dd:d1:39:75:d8:f1:8a:ac:6d:79:3c:76:d8:52:7b:18:ed:f6:
08:8b:7a:59:c6:83:d1:37:2f:c7:24:af:b8:ce:6e:4b:35:e6:
9f:93:d7:eb:e4:d2:6d:e8:6d:40:8a:93:cd:ff:ab:f3:c3:35:
88:91:c4:a3:9d:63:ed:e7:01:e6:30:89:e6:1a:20:b8:6e:e0:
6e:53:43:7b:4c:1e:03:fc:65:37:28:41:8d:50:6f:66:b8:49:
9e:ff:d7:8b:72:9b:18:f3:75:b3:d2:5c:bd:43:93:6d:07:e4:
dc:0c:e5:49:a2:67:7d:fe:f2:78:59:d9:5c:0e:a2:e1:67:c8:
10:e5:85:fb:e2:68:b9:52:86:2f:8c:97:fb:14:fc:15:a5:ab:
2c:18:1c:c5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMry8aA9Eb9Jets1kSPL54jNpengwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTlaFw0yNDEwMTgxMzQxNTlaMDMxMTAvBgNV
BAMTKDk3NzM0QjM2NEQzM0U4QzcxRDI2NkFCMUFBMzkyOEM0MEE4OTUxMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDn4tuVdzEFBq+05CJZzHbHDEor
RhikjoiUPs/SJKW0L4yBQA5Oi1xj8Eujoz2VeqqXhSD0RTbRfAPgcs3Ocszs3gc4
/q5tvuPL5UOyT+/CQrvk72wp7BTFxCsrnYBotkehB0DGn6d/ZtQYlqU+j6KFZCYC
p57PWCsKio54RLPlI/1bqYM0y5zo7/unez+jBspgfBuBKCENfGeJ8zNmLjUpoGfm
dGD6wy8NcOIB9yGOvAsrs1jRS761z+lHOlxfpZnpQF9AIfSQohRZKCE0K/J37Qkc
WAD94KUuiH3fK1Z9PRRB8ZIZTjBt1+Q0RVJ41sQH3iDo8O7iJLE20uVTZnVxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUl3NLNk0z6McdJmqxqjkoxAqJUQYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52EkwDQYJKoZIhvcNAQELBQADggEBAGgSM6ajTQopvdjrqcOgJ7olzy+wbL0d
xfnJuD99K7ZsAJDUWc+3qj4stfHSXivEtswqQBvP4KEkjrL2/sSu0emjNi8FViTA
l7GYCsVTeiko7VswnVzUMarbJuU6pjbOyJd4qrRyAEt+Y6Wab93ROXXY8YqsbXk8
dthSexjt9giLelnGg9E3L8ckr7jObks15p+T1+vk0m3obUCKk83/q/PDNYiRxKOd
Y+3nAeYwieYaILhu4G5TQ3tMHgP8ZTcoQY1Qb2a4SZ7/14tymxjzdbPSXL1Dk20H
5NwM5UmiZ33+8nhZ2VwOouFnyBDlhfviaLlShi+Ml/sU/BWlqywYHMU=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org