Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234332e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232322e3234332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: V/h2h2toJo80noG8bmM1qMIScqw3IYn1AOL8fCyJ3lo=
Subject key identifier: DE:2C:A1:BC:15:7E:87:AD:13:14:20:EF:8E:AE:FE:8D:AD:83:2B:B2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 53D61076EF39C509F5554D89C9418AF1D201238C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:41:57 +0000
ROA not before: Fri 20 Oct 2023 13:36:57 +0000
ROA not after: Fri 18 Oct 2024 13:41:57 +0000
asID: 136787
IP address blocks: 185.222.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:d6:10:76:ef:39:c5:09:f5:55:4d:89:c9:41:8a:f1:d2:01:23:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:57 2023 GMT
Not After : Oct 18 13:41:57 2024 GMT
Subject: CN=DE2CA1BC157E87AD131420EF8EAEFE8DAD832BB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:dc:3d:35:5d:0f:97:2e:0f:ea:37:5e:4e:ef:
82:29:b3:5b:a0:5f:6f:f8:ac:a5:b7:c9:5e:4e:3b:
a9:1c:2c:a2:1c:ad:ae:c0:78:f4:30:9e:44:3b:35:
0f:b7:49:26:51:ad:6a:e4:54:07:7b:d0:98:48:1a:
37:4b:ed:a5:ab:77:3f:4c:52:52:7f:99:37:66:13:
ae:a5:a4:80:1c:b5:f9:b7:68:10:60:6d:87:d4:ea:
fe:54:98:2a:63:df:aa:1f:2f:77:2e:6a:12:43:81:
8e:dc:fe:f4:d8:84:6e:7e:9d:16:f8:e7:10:97:48:
f8:3d:a8:85:be:8b:c7:ab:de:ab:1a:7f:41:26:2a:
eb:37:26:07:8e:36:2a:14:2e:b0:b1:a8:58:93:56:
88:c0:08:c7:a4:96:07:1c:c1:f8:67:42:b2:15:5a:
f1:9f:d9:85:66:93:49:e2:24:27:fb:3e:bc:28:86:
a2:64:ca:37:c2:42:01:82:32:18:80:56:be:67:d4:
02:fe:b2:eb:8b:28:c2:58:e2:2a:21:7d:71:a4:c3:
d0:35:1c:4a:4c:13:2f:9c:2b:3f:03:d3:2f:03:94:
20:46:22:5d:41:f0:79:1f:c9:ed:62:8c:c0:fa:69:
e0:2e:40:d6:16:9c:12:37:63:e8:76:57:87:19:df:
88:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2C:A1:BC:15:7E:87:AD:13:14:20:EF:8E:AE:FE:8D:AD:83:2B:B2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.243.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:ff:37:2e:d7:32:b7:4f:f1:01:41:a0:3d:4e:e1:c7:70:38:
60:6a:1e:4b:94:48:04:21:11:1d:43:bb:2b:98:42:86:a9:cc:
ca:13:27:2d:69:b5:98:65:16:bc:fd:f6:de:67:7d:e4:5a:45:
31:eb:74:7d:49:1a:8b:67:bf:b6:ce:b7:44:22:18:c6:be:fa:
40:12:d8:56:75:50:57:a8:46:6d:1e:3c:9b:36:ee:1e:92:41:
8a:56:64:43:d7:b1:3c:10:5c:ec:d7:46:bd:30:e3:e8:f1:b8:
ad:a7:f2:0f:a2:e4:40:35:5f:9a:96:0a:25:12:b5:d4:20:a0:
e7:13:ef:fa:fc:75:f0:31:6e:4f:55:f3:bf:a7:fd:4b:96:17:
a7:0a:12:23:cb:c7:52:3d:73:81:29:91:15:80:25:84:b6:8c:
7e:cc:57:5c:15:06:2a:37:80:b0:90:63:c4:52:c8:a5:21:f5:
a7:7b:13:b8:48:30:c4:12:39:e0:72:57:e3:80:28:b3:05:9f:
d0:4f:b6:2f:30:93:66:98:8c:75:a0:dc:de:22:42:d5:00:ea:
a6:c6:b2:a1:ba:6f:b6:d8:6f:c6:99:ec:4b:ea:07:71:5f:6e:
0d:e7:79:c2:9e:82:3b:f2:83:68:da:fa:5d:a1:53:b5:16:13:
63:27:aa:d3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUU9YQdu85xQn1VU2JyUGK8dIBI4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTdaFw0yNDEwMTgxMzQxNTdaMDMxMTAvBgNV
BAMTKERFMkNBMUJDMTU3RTg3QUQxMzE0MjBFRjhFQUVGRThEQUQ4MzJCQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe3D01XQ+XLg/qN15O74Ips1ug
X2/4rKW3yV5OO6kcLKIcra7AePQwnkQ7NQ+3SSZRrWrkVAd70JhIGjdL7aWrdz9M
UlJ/mTdmE66lpIActfm3aBBgbYfU6v5UmCpj36ofL3cuahJDgY7c/vTYhG5+nRb4
5xCXSPg9qIW+i8er3qsaf0EmKus3JgeONioULrCxqFiTVojACMeklgccwfhnQrIV
WvGf2YVmk0niJCf7PrwohqJkyjfCQgGCMhiAVr5n1AL+suuLKMJY4iohfXGkw9A1
HEpMEy+cKz8D0y8DlCBGIl1B8Hkfye1ijMD6aeAuQNYWnBI3Y+h2V4cZ34gHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU3iyhvBV+h60TFCDvjq7+ja2DK7IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMy
MzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALne8zANBgkqhkiG9w0BAQsFAAOCAQEAnP83Ltcyt0/xAUGgPU7hx3A4YGoe
S5RIBCERHUO7K5hChqnMyhMnLWm1mGUWvP323md95FpFMet0fUkai2e/ts63RCIY
xr76QBLYVnVQV6hGbR48mzbuHpJBilZkQ9exPBBc7NdGvTDj6PG4rafyD6LkQDVf
mpYKJRK11CCg5xPv+vx18DFuT1Xzv6f9S5YXpwoSI8vHUj1zgSmRFYAlhLaMfsxX
XBUGKjeAsJBjxFLIpSH1p3sTuEgwxBI54HJX44AoswWf0E+2LzCTZpiMdaDc3iJC
1QDqpsayobpvtthvxpnsS+oHcV9uDed5wp6CO/KDaNr6XaFTtRYTYyeq0w==
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:15 2024 by rpki-client on console-ams.rpki-client.org