Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: lXOLICvWBJJb+wjRtfDRP5ldPZNQ01Jlew/dgGOpeMc=
Subject key identifier: BC:DA:DC:5F:05:56:CB:A4:AA:3C:44:CF:7F:14:C4:AD:B5:68:65:81
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 08A4715DE97AA2C3F58CA4425C53044A38C2B9B4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 22 Aug 2023 21:00:07 +0000
ROA not before: Tue 22 Aug 2023 20:55:07 +0000
ROA not after: Tue 20 Aug 2024 21:00:07 +0000
asID: 136787
IP address blocks: 185.217.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:a4:71:5d:e9:7a:a2:c3:f5:8c:a4:42:5c:53:04:4a:38:c2:b9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 20:55:07 2023 GMT
Not After : Aug 20 21:00:07 2024 GMT
Subject: CN=BCDADC5F0556CBA4AA3C44CF7F14C4ADB5686581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:75:b8:2d:45:47:be:4f:95:6b:7d:7f:7c:30:
62:26:9f:5d:d7:58:bf:2e:66:0b:1a:72:0d:29:6a:
c5:8c:ea:68:de:d0:67:c3:cd:4b:5a:2d:68:6b:e2:
4a:53:9c:e4:74:47:5c:d4:c8:8a:34:1d:b6:97:3a:
6c:f7:7e:2f:a1:4e:a8:73:5b:95:c7:ee:4c:18:8a:
85:63:91:1e:11:5c:1f:c8:84:ad:a4:7c:45:f8:40:
d5:c8:a1:c6:07:a4:6b:de:90:cd:69:40:10:ec:4e:
78:d9:74:b1:80:7d:5a:91:cc:92:bd:1c:a6:99:33:
b8:b1:7c:f6:53:99:4c:01:a7:b3:6f:f8:65:82:46:
6c:10:2c:53:db:8a:80:9e:a3:54:bd:e1:06:ce:15:
ad:ba:a1:da:89:c6:8d:1f:e3:6a:3a:5f:b8:d3:cc:
65:6a:df:14:d8:64:72:d5:76:92:1d:f6:21:a3:e3:
73:8e:c5:49:96:c1:38:ef:70:6a:5e:b6:82:0f:9b:
f9:54:27:a6:b2:88:90:3f:81:a0:04:61:7d:fe:a0:
0c:48:8b:cf:92:72:71:42:e6:dc:0e:c2:07:e6:9d:
a9:c1:09:d9:21:21:a9:b3:e0:14:49:c1:e5:19:be:
84:03:f4:1e:f5:7d:6f:e5:3e:dd:7d:ea:c8:78:d0:
00:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:DA:DC:5F:05:56:CB:A4:AA:3C:44:CF:7F:14:C4:AD:B5:68:65:81
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.168.0/24
Signature Algorithm: sha256WithRSAEncryption
16:e8:55:ce:18:3a:88:f4:7b:c2:73:30:3f:67:09:f0:7b:da:
5d:27:6f:31:a2:d4:22:3b:40:61:7c:a6:fd:c2:2b:4d:9f:a7:
a5:b2:06:9a:ff:55:54:c0:c1:3a:c8:1e:78:ad:f5:eb:f0:a3:
be:5b:34:27:65:f9:dc:b4:13:73:66:fe:c6:49:83:11:ed:f5:
28:8d:12:bc:05:37:f4:79:20:02:75:88:52:66:a2:8e:e2:e3:
3a:37:59:75:00:5a:00:41:f7:2e:da:40:0c:00:e4:92:bd:4e:
58:c2:b5:3c:c8:8f:0f:5a:d1:dc:df:2b:9f:89:ac:6e:ab:6f:
74:2b:2d:64:fb:cd:2c:d5:f4:59:7a:20:81:ba:28:fe:45:60:
6a:7e:e4:e6:74:66:e6:09:4a:b7:e0:d5:ff:94:25:de:ea:1d:
53:dd:fe:ab:50:38:23:1c:07:61:d7:e3:66:af:9a:dc:51:f1:
10:3a:95:da:40:3d:cd:a6:4b:38:ed:9c:27:15:06:7b:c3:35:
7b:e9:45:c9:4b:d0:1b:18:f3:ea:03:38:3c:b4:1b:dc:f8:25:
3e:00:00:81:d8:99:95:97:7d:44:ce:21:e0:28:c5:78:e1:a7:
1b:e2:55:d7:87:0b:42:42:d2:b2:97:2c:08:c6:5d:06:1d:4f:
5c:30:5f:94
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCKRxXel6osP1jKRCXFMESjjCubQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA4MjIyMDU1MDdaFw0yNDA4MjAyMTAwMDdaMDMxMTAvBgNV
BAMTKEJDREFEQzVGMDU1NkNCQTRBQTNDNDRDRjdGMTRDNEFEQjU2ODY1ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDddbgtRUe+T5VrfX98MGImn13X
WL8uZgsacg0pasWM6mje0GfDzUtaLWhr4kpTnOR0R1zUyIo0HbaXOmz3fi+hTqhz
W5XH7kwYioVjkR4RXB/IhK2kfEX4QNXIocYHpGvekM1pQBDsTnjZdLGAfVqRzJK9
HKaZM7ixfPZTmUwBp7Nv+GWCRmwQLFPbioCeo1S94QbOFa26odqJxo0f42o6X7jT
zGVq3xTYZHLVdpId9iGj43OOxUmWwTjvcGpetoIPm/lUJ6ayiJA/gaAEYX3+oAxI
i8+ScnFC5twOwgfmnanBCdkhIamz4BRJweUZvoQD9B71fW/lPt196sh40AA1AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUvNrcXwVWy6SqPETPfxTErbVoZYEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnZqDANBgkqhkiG9w0BAQsFAAOCAQEAFuhVzhg6iPR7wnMwP2cJ8HvaXSdv
MaLUIjtAYXym/cIrTZ+npbIGmv9VVMDBOsgeeK316/Cjvls0J2X53LQTc2b+xkmD
Ee31KI0SvAU39HkgAnWIUmaijuLjOjdZdQBaAEH3LtpADADkkr1OWMK1PMiPD1rR
3N8rn4msbqtvdCstZPvNLNX0WXoggboo/kVgan7k5nRm5glKt+DV/5Ql3uodU93+
q1A4IxwHYdfjZq+a3FHxEDqV2kA9zaZLOO2cJxUGe8M1e+lFyUvQGxjz6gM4PLQb
3PglPgAAgdiZlZd9RM4h4CjFeOGnG+JV14cLQkLSspcsCMZdBh1PXDBflA==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org