Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133332e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232372e3133332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: RinErKGCVp5/DsXwoSgcY53teKwV/YyfSDw9eoozI08=
Subject key identifier: 8F:85:D4:8D:6D:0E:6E:81:C1:34:35:A3:E1:3E:3E:53:1C:F2:9B:38
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 39499443343D1017CAD62AC67638782279A69A6A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:34 +0000
ROA not before: Fri 26 Jan 2024 18:57:34 +0000
ROA not after: Fri 24 Jan 2025 19:02:34 +0000
asID: 136787
IP address blocks: 185.227.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:49:94:43:34:3d:10:17:ca:d6:2a:c6:76:38:78:22:79:a6:9a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:34 2024 GMT
Not After : Jan 24 19:02:34 2025 GMT
Subject: CN=8F85D48D6D0E6E81C13435A3E13E3E531CF29B38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dd:59:b5:66:8e:1a:47:3e:9c:62:d0:fe:ef:
04:70:b5:66:0c:58:35:c8:a4:91:09:cf:50:64:72:
06:69:e8:01:f7:69:6f:1a:65:db:ac:12:7c:f2:90:
da:69:c8:d0:88:f7:55:3c:19:fe:73:00:fa:e3:c6:
bd:c0:03:c8:df:10:02:10:02:86:67:bf:4b:4e:0e:
50:12:5a:59:75:fa:7d:a0:2f:ec:07:c5:cc:53:6f:
3c:47:78:64:6c:02:18:61:1e:a4:13:b7:ac:15:3b:
e8:8e:d3:a3:d3:75:f6:98:e2:f5:4a:ab:1e:d4:35:
12:de:df:97:af:11:1b:b5:b8:36:c0:ef:4a:5f:25:
06:8b:ee:3a:62:24:ad:44:51:d3:65:79:a7:c8:9d:
c0:73:bb:a8:c4:f3:5f:7c:fe:e3:f5:28:b9:62:62:
c8:20:cb:ed:f5:43:aa:4b:69:84:fc:b2:a0:07:d4:
18:6c:29:85:84:71:9f:9d:5c:dd:19:c5:8c:c5:2f:
20:08:82:93:59:95:61:7d:d3:9f:cc:b9:ea:f3:75:
29:60:78:10:ec:41:06:8d:9e:bb:02:0a:dc:a1:0d:
8e:dd:11:75:0f:ef:4a:9e:64:e5:6a:7d:d4:90:53:
32:37:d2:c9:ff:fd:ef:35:72:5d:c9:0b:8b:97:78:
ed:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:85:D4:8D:6D:0E:6E:81:C1:34:35:A3:E1:3E:3E:53:1C:F2:9B:38
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.133.0/24
Signature Algorithm: sha256WithRSAEncryption
76:44:33:66:de:2e:1a:3e:05:c5:09:ac:41:c1:c4:e1:ff:3f:
44:dc:d4:7f:8d:6c:83:bf:83:97:55:43:ff:7b:45:e4:c6:f3:
da:28:61:68:77:a4:dc:ec:2d:7d:cc:a9:37:f4:3c:ae:b5:81:
5f:c1:aa:d2:fb:fd:fd:9c:7a:73:53:08:56:8c:31:b5:8d:60:
d1:ad:69:5a:41:b9:80:1b:ec:7c:bc:56:1a:70:ed:43:80:21:
37:7c:47:b6:0e:b5:c7:6c:0f:29:f4:4b:bd:91:97:55:d0:24:
7c:fb:ac:bc:9a:ca:73:14:41:f5:fe:e7:23:a7:87:2e:a2:47:
82:e8:e9:f9:18:84:4f:83:b9:90:dc:d4:db:e3:71:8d:4b:46:
03:ab:1e:68:9d:a6:b3:c1:e1:e7:ab:72:81:fa:60:7f:4a:f2:
e6:db:62:12:41:5b:ec:15:37:ef:1a:60:99:e8:c2:9d:11:8d:
f9:e7:ae:f0:c2:f4:6c:36:ca:0b:a4:98:81:15:3c:3a:99:c1:
47:2d:f7:c5:7a:ba:dc:81:d2:b5:f7:e7:fb:cd:b0:bf:1d:5d:
e5:68:19:03:49:fd:99:42:07:22:e9:65:4f:a9:14:34:24:97:
5a:d6:61:c2:1d:1b:0d:14:d2:b0:44:a1:46:ef:17:52:93:a3:
af:c3:bc:52
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOUmUQzQ9EBfK1irGdjh4InmmmmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MzRaFw0yNTAxMjQxOTAyMzRaMDMxMTAvBgNV
BAMTKDhGODVENDhENkQwRTZFODFDMTM0MzVBM0UxM0UzRTUzMUNGMjlCMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo3Vm1Zo4aRz6cYtD+7wRwtWYM
WDXIpJEJz1BkcgZp6AH3aW8aZdusEnzykNppyNCI91U8Gf5zAPrjxr3AA8jfEAIQ
AoZnv0tODlASWll1+n2gL+wHxcxTbzxHeGRsAhhhHqQTt6wVO+iO06PTdfaY4vVK
qx7UNRLe35evERu1uDbA70pfJQaL7jpiJK1EUdNleafIncBzu6jE8198/uP1KLli
Ysggy+31Q6pLaYT8sqAH1BhsKYWEcZ+dXN0ZxYzFLyAIgpNZlWF905/MuerzdSlg
eBDsQQaNnrsCCtyhDY7dEXUP70qeZOVqfdSQUzI30sn//e81cl3JC4uXeO0rAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUj4XUjW0OboHBNDWj4T4+UxzymzgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzcyZTMx
MzMzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnjhTANBgkqhkiG9w0BAQsFAAOCAQEAdkQzZt4uGj4FxQmsQcHE4f8/RNzU
f41sg7+Dl1VD/3tF5Mbz2ihhaHek3OwtfcypN/Q8rrWBX8Gq0vv9/Zx6c1MIVowx
tY1g0a1pWkG5gBvsfLxWGnDtQ4AhN3xHtg61x2wPKfRLvZGXVdAkfPusvJrKcxRB
9f7nI6eHLqJHgujp+RiET4O5kNzU2+NxjUtGA6seaJ2ms8Hh56tygfpgf0ry5tti
EkFb7BU37xpgmejCnRGN+eeu8ML0bDbKC6SYgRU8OpnBRy33xXq63IHStffn+82w
vx1d5WgZA0n9mUIHIullT6kUNCSXWtZhwh0bDRTSsEShRu8XUpOjr8O8Ug==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org