Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: I+qf+3Hc4g/jtslgEqU/TN3f2A2ndX39tfBLZvOPxUY=
Subject key identifier: 92:ED:DD:8C:8B:BE:62:0E:74:92:AF:2C:BF:53:C7:62:47:0C:74:39
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 787FAC37942CBCF80A9324BB443B6EECFDCA8BCC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:50:11 +0000
ROA not before: Sun 26 Nov 2023 19:45:11 +0000
ROA not after: Sun 24 Nov 2024 19:50:11 +0000
asID: 136787
IP address blocks: 185.222.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:7f:ac:37:94:2c:bc:f8:0a:93:24:bb:44:3b:6e:ec:fd:ca:8b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:45:11 2023 GMT
Not After : Nov 24 19:50:11 2024 GMT
Subject: CN=92EDDD8C8BBE620E7492AF2CBF53C762470C7439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:01:23:27:3d:e4:b9:85:0c:75:a5:35:83:b7:
17:98:1b:7b:50:1c:de:ed:d4:6c:6e:23:1a:59:94:
64:af:3e:b3:3d:cd:62:9c:0c:ea:cf:aa:c3:18:fd:
2c:71:25:a7:53:11:f0:56:75:a1:cd:90:03:7d:c2:
a1:c0:2f:e4:e3:07:a5:03:39:1d:77:94:f6:3d:ef:
cf:a3:b5:2c:c8:46:94:a4:c7:12:31:25:c7:eb:c6:
48:75:8f:5d:8a:76:26:a1:29:e3:bb:c4:92:be:b8:
91:2f:a6:b9:37:8f:ce:f4:4e:52:09:ec:94:0f:f4:
8b:d6:4a:d8:23:9c:e4:25:ee:2b:6d:1a:a9:25:c8:
ea:e1:a7:23:de:80:bb:4a:94:0d:09:aa:bb:32:5f:
b1:65:32:d8:b4:2f:52:aa:a1:80:b9:e1:61:13:f5:
da:12:37:68:ba:e0:b7:5f:b9:6a:81:b0:b7:0b:51:
d3:ff:d8:1a:6a:a6:81:38:a0:d3:5e:0f:75:6e:e7:
8b:a1:f2:89:a1:04:91:40:78:f5:0c:83:a3:b0:20:
9b:a8:77:e1:77:91:07:7f:b7:64:0a:69:6a:e5:79:
da:44:8a:3b:32:00:0c:a4:47:65:f6:05:5b:25:17:
27:19:b5:d0:df:9c:49:cf:bf:90:59:c3:92:e7:b0:
2f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:ED:DD:8C:8B:BE:62:0E:74:92:AF:2C:BF:53:C7:62:47:0C:74:39
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.136.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:06:f7:fa:35:5f:0c:4a:c1:b6:71:55:3d:83:cd:64:eb:58:
8a:01:8b:d7:a5:1f:cc:fd:9e:f2:76:3c:9c:49:8c:76:45:1b:
11:57:a4:35:47:58:42:75:77:37:0f:89:78:0d:19:2a:72:39:
cb:a2:8d:d4:52:e2:2c:e4:df:7f:27:a7:07:b2:9e:a3:dc:b3:
2f:0d:47:75:24:42:9c:2b:cb:0c:09:1b:1a:32:05:a7:61:b2:
be:29:1b:19:ff:f2:6e:7c:3d:0b:97:4e:4a:51:91:f9:c3:52:
b1:70:de:52:f1:83:5e:af:0b:2a:af:96:ce:ed:a0:52:99:ef:
0e:39:4b:a9:57:f8:94:e5:54:43:41:ea:66:fc:95:aa:38:e1:
90:37:e8:be:e8:e9:7d:5f:9e:0d:0a:35:71:f8:ef:fb:32:77:
d8:24:e0:ee:39:ee:8b:57:dc:91:59:77:d3:56:d5:46:4c:50:
ff:2a:d1:04:46:cb:cb:dd:79:a8:3e:fe:d2:25:60:f1:74:da:
53:f0:55:4f:a5:eb:1e:15:e0:ef:fb:47:3b:ec:e8:0c:5d:25:
46:03:13:ba:cf:60:22:2b:1d:70:b2:51:49:cb:02:ec:9e:c0:
87:8c:d8:dd:1c:23:26:1f:87:d6:37:9f:03:13:99:c1:a5:05:
c8:48:51:0d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUeH+sN5QsvPgKkyS7RDtu7P3Ki8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ1MTFaFw0yNDExMjQxOTUwMTFaMDMxMTAvBgNV
BAMTKDkyRURERDhDOEJCRTYyMEU3NDkyQUYyQ0JGNTNDNzYyNDcwQzc0MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjASMnPeS5hQx1pTWDtxeYG3tQ
HN7t1GxuIxpZlGSvPrM9zWKcDOrPqsMY/SxxJadTEfBWdaHNkAN9wqHAL+TjB6UD
OR13lPY978+jtSzIRpSkxxIxJcfrxkh1j12KdiahKeO7xJK+uJEvprk3j870TlIJ
7JQP9IvWStgjnOQl7ittGqklyOrhpyPegLtKlA0JqrsyX7FlMti0L1KqoYC54WET
9doSN2i64LdfuWqBsLcLUdP/2BpqpoE4oNNeD3Vu54uh8omhBJFAePUMg6OwIJuo
d+F3kQd/t2QKaWrledpEijsyAAykR2X2BVslFycZtdDfnEnPv5BZw5LnsC9PAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUku3djIu+Yg50kq8sv1PHYkcMdDkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMx
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALneiDANBgkqhkiG9w0BAQsFAAOCAQEAPgb3+jVfDErBtnFVPYPNZOtYigGL
16UfzP2e8nY8nEmMdkUbEVekNUdYQnV3Nw+JeA0ZKnI5y6KN1FLiLOTffyenB7Ke
o9yzLw1HdSRCnCvLDAkbGjIFp2GyvikbGf/ybnw9C5dOSlGR+cNSsXDeUvGDXq8L
Kq+Wzu2gUpnvDjlLqVf4lOVUQ0HqZvyVqjjhkDfovujpfV+eDQo1cfjv+zJ32CTg
7jnui1fckVl301bVRkxQ/yrRBEbLy915qD7+0iVg8XTaU/BVT6XrHhXg7/tHO+zo
DF0lRgMTus9gIisdcLJRScsC7J7Ah4zY3RwjJh+H1jefAxOZwaUFyEhRDQ==
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org