Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 8Z9TE05QukmG5aCz62ArESi3r2CgnviCgTpP5ymuX/o=
Subject key identifier: 6B:43:4A:62:5E:26:2A:86:CA:BF:1A:51:63:62:A3:04:68:4D:46:AA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A3985209003141C2667CB92E775035D8B941311
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 12 Oct 2023 21:15:44 +0000
ROA not before: Thu 12 Oct 2023 21:10:44 +0000
ROA not after: Thu 10 Oct 2024 21:15:44 +0000
asID: 136787
IP address blocks: 185.225.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:39:85:20:90:03:14:1c:26:67:cb:92:e7:75:03:5d:8b:94:13:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 12 21:10:44 2023 GMT
Not After : Oct 10 21:15:44 2024 GMT
Subject: CN=6B434A625E262A86CABF1A516362A304684D46AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f6:fa:1e:d6:6b:17:26:a0:6a:96:85:26:a8:
8a:8d:eb:4e:b9:87:55:c2:bf:77:87:07:fe:d8:d7:
15:c7:7a:18:46:5e:ee:4b:d1:cd:e1:a4:79:69:d2:
8a:50:2d:4d:5e:89:f1:7d:ca:13:79:6e:58:00:24:
41:61:b0:03:64:61:db:3e:5f:73:8b:10:78:3f:2d:
99:e9:25:22:79:d8:d2:0b:71:aa:a7:0d:25:3e:da:
a8:3c:8d:80:eb:c9:68:ea:90:d2:41:1e:8f:d3:f5:
44:05:6b:b7:ed:4d:b7:95:a5:24:ed:a3:4b:c6:e1:
52:70:83:e5:41:ce:9e:18:ab:fe:19:1d:66:bb:7a:
05:e6:f7:e5:77:94:04:b1:4b:71:0c:a7:b1:bb:b8:
ce:85:d5:6a:69:0b:44:41:d8:9f:62:1c:6a:db:87:
3a:df:49:57:55:14:50:e5:39:73:65:e0:b4:a6:1a:
9e:ac:b8:de:82:d5:64:7b:2b:3f:87:44:9c:47:78:
46:fe:cb:25:ac:cd:f3:6b:52:0a:79:ae:ef:12:20:
60:1c:ba:35:a7:af:59:d1:d9:dc:9e:1f:64:9b:e5:
84:e9:78:7b:e4:cf:1b:ef:e0:92:36:51:ed:cb:6a:
e5:44:3b:89:42:48:bb:71:be:82:5f:95:f8:a1:2d:
45:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:43:4A:62:5E:26:2A:86:CA:BF:1A:51:63:62:A3:04:68:4D:46:AA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.138.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:8d:78:fa:4e:80:e6:4a:b8:12:36:4c:c0:17:c3:f1:47:d6:
04:03:b1:25:0b:3d:33:e2:26:75:f6:6b:1e:48:3d:ba:ed:4d:
8e:37:1b:77:d7:f6:df:17:85:7f:f8:ad:f2:92:36:57:0f:48:
84:50:88:db:c5:b1:da:36:56:cb:fb:4d:a1:44:91:09:32:13:
b1:e5:7b:bc:9c:7c:36:01:3a:cb:f6:2c:c3:aa:a4:c7:b3:a0:
c3:58:7b:18:be:05:a3:23:19:37:0f:5f:13:83:46:84:4e:cd:
bd:52:13:53:9f:5c:ad:4f:a4:8a:31:67:3f:82:1f:cf:64:85:
da:79:2d:82:23:1f:0d:14:69:a6:d0:82:c3:c2:6c:da:fd:c2:
83:ac:04:24:e5:9c:2b:82:1e:ad:9e:d0:37:bc:df:55:51:20:
99:40:68:4f:df:68:06:63:34:96:03:cd:e5:05:62:bf:99:6a:
cf:b0:2f:01:f3:99:2b:5c:20:56:3c:1a:6d:9a:94:21:9b:ca:
75:0e:82:22:14:d3:17:33:23:7b:47:25:b7:ba:4e:8f:40:8c:
ad:d2:e6:15:55:96:57:45:e8:14:2e:0d:1e:39:95:10:74:ce:
e5:fe:c4:ba:3f:f0:13:07:21:43:fd:32:a0:d8:29:03:60:e1:
df:b6:f0:cd
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCjmFIJADFBwmZ8uS53UDXYuUExEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMTIyMTEwNDRaFw0yNDEwMTAyMTE1NDRaMDMxMTAvBgNV
BAMTKDZCNDM0QTYyNUUyNjJBODZDQUJGMUE1MTYzNjJBMzA0Njg0RDQ2QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl9voe1msXJqBqloUmqIqN6065
h1XCv3eHB/7Y1xXHehhGXu5L0c3hpHlp0opQLU1eifF9yhN5blgAJEFhsANkYds+
X3OLEHg/LZnpJSJ52NILcaqnDSU+2qg8jYDryWjqkNJBHo/T9UQFa7ftTbeVpSTt
o0vG4VJwg+VBzp4Yq/4ZHWa7egXm9+V3lASxS3EMp7G7uM6F1WppC0RB2J9iHGrb
hzrfSVdVFFDlOXNl4LSmGp6suN6C1WR7Kz+HRJxHeEb+yyWszfNrUgp5ru8SIGAc
ujWnr1nR2dyeH2Sb5YTpeHvkzxvv4JI2Ue3LauVEO4lCSLtxvoJflfihLUXtAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUa0NKYl4mKobKvxpRY2KjBGhNRqowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnhijANBgkqhkiG9w0BAQsFAAOCAQEAnY14+k6A5kq4EjZMwBfD8UfWBAOx
JQs9M+ImdfZrHkg9uu1Njjcbd9f23xeFf/it8pI2Vw9IhFCI28Wx2jZWy/tNoUSR
CTITseV7vJx8NgE6y/Ysw6qkx7Ogw1h7GL4FoyMZNw9fE4NGhE7NvVITU59crU+k
ijFnP4Ifz2SF2nktgiMfDRRpptCCw8Js2v3Cg6wEJOWcK4IerZ7QN7zfVVEgmUBo
T99oBmM0lgPN5QViv5lqz7AvAfOZK1wgVjwabZqUIZvKdQ6CIhTTFzMje0clt7pO
j0CMrdLmFVWWV0XoFC4NHjmVEHTO5f7Euj/wEwchQ/0yoNgpA2Dh37bwzQ==
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org