Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37312e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233342e37312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: E7GXw36iNZL749oCPMPDft24F5x5BQeVGZUyUdwUKTc=
Subject key identifier: CE:8D:07:15:16:02:C7:DE:21:9D:DF:DF:EB:71:04:92:FA:F2:97:F7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 428AE1D9988A05EAEC1DD9DD76DCA6E263B410B2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:30 +0000
ROA not before: Fri 26 Jan 2024 18:57:30 +0000
ROA not after: Fri 24 Jan 2025 19:02:30 +0000
asID: 136787
IP address blocks: 185.234.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:8a:e1:d9:98:8a:05:ea:ec:1d:d9:dd:76:dc:a6:e2:63:b4:10:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:30 2024 GMT
Not After : Jan 24 19:02:30 2025 GMT
Subject: CN=CE8D07151602C7DE219DDFDFEB710492FAF297F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:95:36:47:b7:b3:c1:17:95:ef:57:34:c4:eb:
c6:c6:fe:c9:dc:22:59:28:b3:9b:a7:0a:eb:07:e2:
78:ca:1f:a2:de:e6:17:8b:f1:19:b5:0c:e0:9c:1c:
75:9d:35:2a:ec:37:d9:b5:bb:d2:db:a7:a3:b9:22:
9a:bc:24:39:94:9d:9d:0c:60:ec:fd:23:8b:8f:c7:
51:82:7b:99:8f:28:b4:27:dd:fd:2c:1a:99:df:0d:
20:33:68:86:c8:47:5b:ff:6d:a5:8e:6e:d1:43:35:
58:ee:c5:84:11:ce:0f:ed:3a:a2:af:dd:a2:85:86:
e8:54:35:61:41:b6:21:08:90:00:ab:d0:c9:49:82:
f0:92:4e:2f:5c:34:3c:0f:1b:3c:42:09:ee:82:e1:
dc:77:5c:83:da:5a:68:0c:39:c5:34:92:02:c6:aa:
7b:e6:a1:c5:d7:c6:6a:2c:ea:26:1c:58:49:b4:8b:
2c:90:d2:21:2a:53:b4:54:38:d1:17:c0:aa:0a:1e:
2a:77:94:19:c7:6e:56:07:76:43:09:e3:e1:8d:7c:
b2:46:33:d8:ba:ea:29:e5:81:29:c8:12:cb:c3:a7:
84:0f:18:f3:5e:b4:f3:c1:8b:9c:ba:b1:9b:6f:e5:
82:a3:94:90:0b:30:0b:f9:76:de:d1:2a:20:b4:0a:
c5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8D:07:15:16:02:C7:DE:21:9D:DF:DF:EB:71:04:92:FA:F2:97:F7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.71.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:30:cc:96:d5:21:7c:bb:36:53:c8:e4:12:71:75:e7:f4:86:
da:33:5e:dd:ad:dd:85:90:22:59:45:27:aa:ee:b8:69:95:fb:
26:97:06:da:6e:37:63:00:0a:ef:a1:84:46:1b:f5:df:91:91:
ec:76:57:2e:68:d5:98:d8:ef:93:22:45:3b:32:8e:a9:13:8a:
c3:8e:5a:02:e7:05:2d:62:0b:6d:ff:bd:96:e0:44:1e:71:3c:
37:2c:59:b5:0d:a2:5f:02:19:71:59:8f:57:dd:36:41:8c:79:
4b:4b:ba:a1:a1:12:71:b1:74:60:49:a0:85:7f:56:6a:f5:27:
9e:29:03:48:a6:d5:46:70:b5:dd:f6:33:43:76:29:b5:f0:8d:
ef:c0:47:f8:ae:b8:ad:6d:36:6f:09:77:bd:0e:08:c7:7e:70:
b0:e8:e4:d3:57:40:d5:d0:a4:77:d6:fb:55:85:5b:fb:7f:b5:
84:c7:82:42:05:5d:f6:de:f8:03:55:28:d7:c5:6f:1a:c6:8b:
79:62:a8:f6:90:62:cd:93:7f:ef:aa:c7:2f:10:ed:69:fd:d6:
c4:dc:5a:2b:2c:78:e6:6d:b4:a1:c6:5f:53:81:ba:06:aa:df:
be:23:48:ec:8a:fa:c5:b5:18:cb:88:60:8e:d0:d9:a1:2c:b1:
31:86:48:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQorh2ZiKBersHdnddtym4mO0ELIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MzBaFw0yNTAxMjQxOTAyMzBaMDMxMTAvBgNV
BAMTKENFOEQwNzE1MTYwMkM3REUyMTlEREZERkVCNzEwNDkyRkFGMjk3RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDlTZHt7PBF5XvVzTE68bG/snc
Ilkos5unCusH4njKH6Le5heL8Rm1DOCcHHWdNSrsN9m1u9Lbp6O5Ipq8JDmUnZ0M
YOz9I4uPx1GCe5mPKLQn3f0sGpnfDSAzaIbIR1v/baWObtFDNVjuxYQRzg/tOqKv
3aKFhuhUNWFBtiEIkACr0MlJgvCSTi9cNDwPGzxCCe6C4dx3XIPaWmgMOcU0kgLG
qnvmocXXxmos6iYcWEm0iyyQ0iEqU7RUONEXwKoKHip3lBnHblYHdkMJ4+GNfLJG
M9i66inlgSnIEsvDp4QPGPNetPPBi5y6sZtv5YKjlJALMAv5dt7RKiC0CsUjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzo0HFRYCx94hnd/f63EEkvryl/cwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzQyZTM3
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC56kcwDQYJKoZIhvcNAQELBQADggEBAH0wzJbVIXy7NlPI5BJxdef0htozXt2t
3YWQIllFJ6ruuGmV+yaXBtpuN2MACu+hhEYb9d+Rkex2Vy5o1ZjY75MiRTsyjqkT
isOOWgLnBS1iC23/vZbgRB5xPDcsWbUNol8CGXFZj1fdNkGMeUtLuqGhEnGxdGBJ
oIV/Vmr1J54pA0im1UZwtd32M0N2KbXwje/AR/iuuK1tNm8Jd70OCMd+cLDo5NNX
QNXQpHfW+1WFW/t/tYTHgkIFXfbe+ANVKNfFbxrGi3liqPaQYs2Tf++qxy8Q7Wn9
1sTcWisseOZttKHGX1OBugaq374jSOyK+sW1GMuIYI7Q2aEssTGGSHY=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org