Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134322e302f32342d3332203d3e203531313637.roa
File: 3138352e3231392e3134322e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 5WMLwyLR0V4YBTDO2uoZWludAKL5SFQ6SwQadmJI67w=
Subject key identifier: C7:F8:58:3E:4C:F4:58:2D:4D:2B:8B:93:EE:11:29:FE:ED:C9:B7:EE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 374B54B1EC29B712F603951BAF25F4459F5014F1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134322e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:46 +0000
ROA not before: Fri 20 Oct 2023 13:36:46 +0000
ROA not after: Fri 18 Oct 2024 13:41:46 +0000
asID: 51167
IP address blocks: 185.219.142.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:4b:54:b1:ec:29:b7:12:f6:03:95:1b:af:25:f4:45:9f:50:14:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:46 2023 GMT
Not After : Oct 18 13:41:46 2024 GMT
Subject: CN=C7F8583E4CF4582D4D2B8B93EE1129FEEDC9B7EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:91:39:8b:6b:57:74:c3:bb:b4:a0:82:99:7f:
ca:13:91:19:fe:e4:55:c0:5c:af:01:d2:1c:ad:f4:
8d:19:8c:69:34:03:3f:0c:57:79:f5:d3:06:f5:54:
3f:b6:ec:dd:6e:16:3d:13:4b:3d:23:04:76:5c:23:
d5:6b:0d:cc:09:bc:ea:69:e4:92:d4:03:d9:0e:b8:
4a:0c:ee:00:30:44:26:fc:ac:95:44:f2:47:81:7e:
ce:85:e2:78:ac:21:0d:ec:80:b9:81:07:65:5b:b0:
a6:0f:71:d1:89:14:1a:78:31:44:eb:38:f4:d8:9a:
26:49:ad:e6:38:5e:14:bc:41:4e:8d:fb:99:7b:d5:
44:ff:23:d3:a1:17:ca:14:1b:3e:a5:db:cd:1d:3f:
b1:c5:9e:fe:47:5a:f4:18:f0:23:44:a8:08:ed:c4:
2c:55:9f:a0:cb:0f:ea:66:9f:65:7f:2c:b4:6d:ea:
38:52:61:c9:f2:42:35:2a:e9:cf:81:ce:34:ce:fa:
83:ed:6b:fa:ee:c6:98:f0:fd:0b:a9:70:5a:ec:bf:
65:5c:3f:6e:68:5e:0c:76:a7:b7:da:10:d9:21:0f:
89:7c:62:46:67:f1:b6:b8:7a:fe:87:1f:eb:95:91:
b2:b0:9b:1c:9c:2c:cd:1a:13:98:d1:28:e8:0d:38:
ae:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F8:58:3E:4C:F4:58:2D:4D:2B:8B:93:EE:11:29:FE:ED:C9:B7:EE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134322e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.142.0/24
Signature Algorithm: sha256WithRSAEncryption
70:85:96:a8:52:23:2e:b3:c4:f2:c7:1e:b0:06:b8:bd:c2:ec:
5c:75:6f:f3:7a:1b:0f:80:e4:81:11:a7:24:4b:a2:15:81:49:
05:d5:f5:72:ea:f5:19:c8:66:9c:a2:a6:0f:a9:88:12:ff:74:
45:4b:a2:61:65:e5:a9:62:93:c8:64:5a:e7:9c:fd:0e:63:b7:
0e:4f:79:3e:c4:59:23:9c:4b:17:c2:0b:29:ee:16:ba:cc:84:
7a:b7:ce:97:98:d9:f5:34:77:c3:9e:af:fd:58:55:20:05:68:
bf:8b:e9:e2:45:e6:60:33:d2:ec:7d:f7:b7:d4:92:71:a9:81:
be:eb:9d:62:ac:b9:b9:78:23:7e:75:1f:8b:76:01:a7:5e:1d:
23:02:24:e4:62:49:01:e7:21:9a:d1:40:6b:e9:ae:4c:b0:68:
cd:ce:79:46:a1:6a:28:89:57:76:fe:93:1e:a0:f3:f2:1d:04:
fb:5f:5b:6a:c5:c0:ed:9b:c3:4c:ee:aa:96:84:de:ad:57:d1:
10:5e:03:89:41:a0:24:43:d6:0e:e8:d9:b8:d9:56:9f:58:09:
7b:eb:12:ff:b5:b5:11:ae:c1:e6:3d:4a:18:bd:3a:a1:cd:e8:
26:79:1c:25:53:e5:98:70:a1:fb:12:b4:e5:dc:ba:d4:0a:50:
1f:28:9f:d1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUN0tUsewptxL2A5UbryX0RZ9QFPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDZaFw0yNDEwMTgxMzQxNDZaMDMxMTAvBgNV
BAMTKEM3Rjg1ODNFNENGNDU4MkQ0RDJCOEI5M0VFMTEyOUZFRURDOUI3RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqkTmLa1d0w7u0oIKZf8oTkRn+
5FXAXK8B0hyt9I0ZjGk0Az8MV3n10wb1VD+27N1uFj0TSz0jBHZcI9VrDcwJvOpp
5JLUA9kOuEoM7gAwRCb8rJVE8keBfs6F4nisIQ3sgLmBB2VbsKYPcdGJFBp4MUTr
OPTYmiZJreY4XhS8QU6N+5l71UT/I9OhF8oUGz6l280dP7HFnv5HWvQY8CNEqAjt
xCxVn6DLD+pmn2V/LLRt6jhSYcnyQjUq6c+BzjTO+oPta/ruxpjw/QupcFrsv2Vc
P25oXgx2p7faENkhD4l8YkZn8ba4ev6HH+uVkbKwmxycLM0aE5jRKOgNOK4xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUx/hYPkz0WC1NK4uT7hEp/u3Jt+4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzkyZTMx
MzQzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5244wDQYJKoZIhvcNAQELBQADggEBAHCFlqhSIy6zxPLHHrAGuL3C7Fx1b/N6
Gw+A5IERpyRLohWBSQXV9XLq9RnIZpyipg+piBL/dEVLomFl5alik8hkWuec/Q5j
tw5PeT7EWSOcSxfCCynuFrrMhHq3zpeY2fU0d8Oer/1YVSAFaL+L6eJF5mAz0ux9
97fUknGpgb7rnWKsubl4I351H4t2AadeHSMCJORiSQHnIZrRQGvprkywaM3OeUah
aiiJV3b+kx6g8/IdBPtfW2rFwO2bw0zuqpaE3q1X0RBeA4lBoCRD1g7o2bjZVp9Y
CXvrEv+1tRGuweY9Shi9OqHN6CZ5HCVT5ZhwofsStOXcutQKUB8on9E=
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:44 2024 by rpki-client on console-fra.rpki-client.org