Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3134382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233392e3134382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 6p9qjgmFpuHVIf0YSq8wfXZaEqh2iCfGyf8P8mxXSJE=
Subject key identifier: 84:60:84:57:61:2D:5D:B8:FD:E2:AA:15:65:9D:A4:74:32:0A:F6:A8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6BE82325FBD6E76F56EE89EC463BD7C88BEB430E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3134382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:48 +0000
ROA not before: Fri 26 Jan 2024 18:57:48 +0000
ROA not after: Fri 24 Jan 2025 19:02:48 +0000
asID: 136787
IP address blocks: 185.239.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:e8:23:25:fb:d6:e7:6f:56:ee:89:ec:46:3b:d7:c8:8b:eb:43:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:48 2024 GMT
Not After : Jan 24 19:02:48 2025 GMT
Subject: CN=84608457612D5DB8FDE2AA15659DA474320AF6A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c6:02:84:a5:6e:cd:9d:9b:71:3d:31:03:3b:
b1:bb:be:e1:aa:30:f4:22:85:9f:c7:0e:e5:68:6d:
39:8c:de:be:02:75:36:8b:71:d0:ac:7d:86:84:09:
98:12:c6:b8:16:83:f7:e6:2d:59:1b:af:64:e2:3b:
f4:10:91:80:b6:27:1a:ab:d3:40:96:84:0e:08:32:
65:7a:f3:07:25:16:e6:07:43:e8:6a:2f:83:72:3c:
6f:d2:69:db:23:f4:e4:ef:aa:c9:9d:ac:e7:bc:f4:
da:b5:a0:53:cc:17:44:0e:c4:2b:3b:1a:69:5b:32:
a6:63:f2:bd:18:87:79:64:5d:fc:a6:7c:8c:b6:db:
6b:07:f6:37:a6:85:7e:d4:d9:ba:90:93:99:07:17:
64:a1:8d:58:b7:2e:6c:61:c5:30:5f:63:8f:42:c5:
22:a3:f3:38:05:57:31:a4:00:65:0b:f4:6f:5f:b2:
e3:0e:61:dd:61:c1:b2:d2:8b:0c:0d:79:36:19:0d:
9a:24:81:ba:e1:3d:07:6f:e6:fb:53:d4:77:6d:73:
51:ea:10:c3:62:63:b5:f9:1b:86:5b:d5:96:65:87:
74:d0:8d:99:7f:9d:14:03:d4:d9:87:c2:be:2d:38:
0f:93:d4:8c:60:c0:06:91:b4:73:fc:14:e3:21:81:
8d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:60:84:57:61:2D:5D:B8:FD:E2:AA:15:65:9D:A4:74:32:0A:F6:A8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3134382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.148.0/24
Signature Algorithm: sha256WithRSAEncryption
74:46:cd:67:0a:12:7b:2a:de:3f:bf:f8:81:11:eb:6d:b2:f6:
02:87:15:f2:ca:56:6d:39:60:03:56:63:1c:b7:29:eb:77:84:
b8:f9:c4:ec:64:16:91:18:a5:a9:dd:1f:e6:35:b1:f3:c3:2d:
e4:2f:17:e2:97:db:a4:72:df:1a:c6:8b:83:f4:c3:43:81:75:
fa:0c:9c:89:e4:4a:5a:0a:12:1c:6f:1e:37:7a:0d:95:7a:01:
fd:57:f7:a4:ad:9b:5a:e2:67:73:0b:8f:82:ab:95:4b:67:a7:
81:41:41:8e:76:99:e3:4c:18:1d:4b:f2:ab:8a:33:ff:d6:17:
9a:0e:0d:43:52:00:ce:94:bc:e9:72:a8:3e:06:e6:52:89:fc:
76:46:98:ff:f2:6f:27:de:38:61:6b:74:58:fc:2c:38:d4:1a:
7a:b3:23:64:5e:ad:92:a3:9d:1d:23:85:39:2c:97:4e:5c:1b:
b8:0c:9a:9b:58:aa:dc:ce:46:63:e3:c7:d7:33:90:26:f3:a1:
11:c4:26:59:ed:d3:11:f6:2b:f0:6e:d5:66:2e:4b:76:a9:88:
e9:50:1c:69:0a:3e:4f:53:4f:1f:af:0b:0a:99:5c:39:6c:c3:
5c:5f:57:81:6a:dd:cc:78:fc:0f:16:b8:d1:41:f1:10:e1:38:
3b:a9:36:bc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUa+gjJfvW529W7onsRjvXyIvrQw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3NDhaFw0yNTAxMjQxOTAyNDhaMDMxMTAvBgNV
BAMTKDg0NjA4NDU3NjEyRDVEQjhGREUyQUExNTY1OURBNDc0MzIwQUY2QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkxgKEpW7NnZtxPTEDO7G7vuGq
MPQihZ/HDuVobTmM3r4CdTaLcdCsfYaECZgSxrgWg/fmLVkbr2TiO/QQkYC2Jxqr
00CWhA4IMmV68wclFuYHQ+hqL4NyPG/Sadsj9OTvqsmdrOe89Nq1oFPMF0QOxCs7
GmlbMqZj8r0Yh3lkXfymfIy222sH9jemhX7U2bqQk5kHF2ShjVi3LmxhxTBfY49C
xSKj8zgFVzGkAGUL9G9fsuMOYd1hwbLSiwwNeTYZDZokgbrhPQdv5vtT1Hdtc1Hq
EMNiY7X5G4Zb1ZZlh3TQjZl/nRQD1NmHwr4tOA+T1IxgwAaRtHP8FOMhgY3xAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhGCEV2EtXbj94qoVZZ2kdDIK9qgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMx
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnvlDANBgkqhkiG9w0BAQsFAAOCAQEAdEbNZwoSeyreP7/4gRHrbbL2AocV
8spWbTlgA1ZjHLcp63eEuPnE7GQWkRilqd0f5jWx88Mt5C8X4pfbpHLfGsaLg/TD
Q4F1+gycieRKWgoSHG8eN3oNlXoB/Vf3pK2bWuJncwuPgquVS2engUFBjnaZ40wY
HUvyq4oz/9YXmg4NQ1IAzpS86XKoPgbmUon8dkaY//JvJ944YWt0WPwsONQaerMj
ZF6tkqOdHSOFOSyXTlwbuAyam1iq3M5GY+PH1zOQJvOhEcQmWe3TEfYr8G7VZi5L
dqmI6VAcaQo+T1NPH68LCplcOWzDXF9XgWrdzHj8Dxa40UHxEOE4O6k2vA==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org