Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133322e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232372e3133322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: JmMiOV1/o+cGHHx/k1xuwgb+8Rx3z9MNRKOR4hffq9M=
Subject key identifier: 89:FA:E3:6C:AC:87:38:45:48:23:C8:AD:61:F6:34:F0:CF:ED:26:DD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 50981AEC1BAA4C7FF59FB8673915C77BEDC15A99
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133322e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:32 +0000
ROA not before: Fri 26 Jan 2024 18:57:32 +0000
ROA not after: Fri 24 Jan 2025 19:02:32 +0000
asID: 136787
IP address blocks: 185.227.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:98:1a:ec:1b:aa:4c:7f:f5:9f:b8:67:39:15:c7:7b:ed:c1:5a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:32 2024 GMT
Not After : Jan 24 19:02:32 2025 GMT
Subject: CN=89FAE36CAC8738454823C8AD61F634F0CFED26DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5b:05:98:4c:6e:8a:14:a6:d9:18:ea:38:f0:
a4:ae:a3:7c:0e:bd:84:17:59:62:0b:69:fd:bb:4b:
e5:33:ef:fe:9a:67:e4:4d:75:5f:83:91:e8:ff:0b:
ee:19:a6:18:1d:15:aa:60:12:71:eb:21:fe:43:8a:
a4:3c:2f:d7:06:5d:1d:20:d8:01:8f:83:3d:5d:b4:
7b:13:93:60:b7:23:03:0c:ce:28:cf:ef:2d:05:79:
8b:5b:7e:02:74:34:be:b3:78:81:20:dc:a5:25:ae:
02:51:64:28:23:2a:9f:ec:21:10:14:fd:ae:5c:8a:
08:6c:cd:fd:4c:fb:ae:7a:ed:65:dd:1e:9a:f5:aa:
4c:20:59:a5:3e:b5:c9:ab:b1:57:f8:44:d7:9f:ee:
50:53:c9:1d:f5:05:e1:bd:14:37:4d:7b:c4:8f:bc:
31:c1:75:fa:58:98:a5:a4:ca:95:7b:8e:81:10:f3:
12:76:c1:b7:55:bb:50:d9:b2:1d:60:2f:e5:ae:21:
23:e0:7f:5e:17:e5:65:4d:f1:7d:3e:4b:32:8a:99:
72:d5:83:a7:ef:ff:6b:d4:e6:7c:b3:7a:3a:97:eb:
30:f0:19:0e:53:bd:57:cf:b3:d7:46:46:fa:a1:53:
9a:16:83:02:f6:5d:b3:73:c0:9a:78:36:18:c2:0d:
53:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FA:E3:6C:AC:87:38:45:48:23:C8:AD:61:F6:34:F0:CF:ED:26:DD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.132.0/24
Signature Algorithm: sha256WithRSAEncryption
43:64:d5:78:89:15:9e:3b:64:b0:49:df:42:43:d7:5e:c5:5c:
96:c6:94:1b:e7:55:66:be:ff:d3:7c:4e:1b:cc:39:1c:ac:26:
60:1b:e8:b8:f7:43:23:24:05:34:0a:ba:95:eb:b1:ef:fb:f7:
74:ae:77:19:3f:51:0f:a6:63:50:6e:c0:1f:0b:a0:54:4a:6b:
07:8f:ef:b3:64:83:63:e8:b5:df:cb:78:f0:0d:f5:c5:58:e6:
bd:03:c4:70:22:8b:d1:ac:70:fc:39:a1:cc:3a:7d:13:85:c0:
f3:0c:61:e7:c7:d2:2a:19:8d:0e:bc:c8:b6:ef:10:87:93:36:
ca:29:0d:31:04:4d:75:10:88:80:ee:2b:d3:3e:fc:81:91:cd:
83:a4:58:71:ee:3e:22:16:c7:76:64:2a:cf:8e:a1:7e:ea:90:
0c:45:fb:06:31:0d:9b:b4:d2:2e:2b:cb:d8:c8:7b:86:d3:08:
a2:e9:4b:88:f1:df:c2:83:74:bd:2d:42:8f:5d:5e:d4:99:95:
48:e3:fb:09:c8:92:0a:c0:35:12:bf:cc:5c:d2:dd:8c:ec:65:
aa:c5:20:06:58:23:06:5b:25:97:e9:bd:c1:5a:b2:45:50:d5:
1c:2c:3b:2f:e0:dc:3c:6c:ed:8a:5d:27:46:0a:36:52:5a:83:
4f:37:5d:b0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUJga7BuqTH/1n7hnORXHe+3BWpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MzJaFw0yNTAxMjQxOTAyMzJaMDMxMTAvBgNV
BAMTKDg5RkFFMzZDQUM4NzM4NDU0ODIzQzhBRDYxRjYzNEYwQ0ZFRDI2REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEWwWYTG6KFKbZGOo48KSuo3wO
vYQXWWILaf27S+Uz7/6aZ+RNdV+Dkej/C+4ZphgdFapgEnHrIf5DiqQ8L9cGXR0g
2AGPgz1dtHsTk2C3IwMMzijP7y0FeYtbfgJ0NL6zeIEg3KUlrgJRZCgjKp/sIRAU
/a5cighszf1M+6567WXdHpr1qkwgWaU+tcmrsVf4RNef7lBTyR31BeG9FDdNe8SP
vDHBdfpYmKWkypV7joEQ8xJ2wbdVu1DZsh1gL+WuISPgf14X5WVN8X0+SzKKmXLV
g6fv/2vU5nyzejqX6zDwGQ5TvVfPs9dGRvqhU5oWgwL2XbNzwJp4NhjCDVPDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUifrjbKyHOEVII8itYfY08M/tJt0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzcyZTMx
MzMzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnjhDANBgkqhkiG9w0BAQsFAAOCAQEAQ2TVeIkVnjtksEnfQkPXXsVclsaU
G+dVZr7/03xOG8w5HKwmYBvouPdDIyQFNAq6leux7/v3dK53GT9RD6ZjUG7AHwug
VEprB4/vs2SDY+i138t48A31xVjmvQPEcCKL0axw/DmhzDp9E4XA8wxh58fSKhmN
DrzItu8Qh5M2yikNMQRNdRCIgO4r0z78gZHNg6RYce4+IhbHdmQqz46hfuqQDEX7
BjENm7TSLivL2Mh7htMIoulLiPHfwoN0vS1Cj11e1JmVSOP7CciSCsA1Er/MXNLd
jOxlqsUgBlgjBlsll+m9wVqyRVDVHCw7L+DcPGztil0nRgo2UlqDTzddsA==
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org