Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa
File: 3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier: 2lxgYjiPbyCoHbsDPqJ6AE+uoiLLxORbDx6M8qFutVc=
Subject key identifier: 49:67:38:A7:1C:2B:16:C6:1F:AC:58:B8:B3:5C:30:53:02:A0:0C:86
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 234363127C3F5FB55BC3D16B9F91987062FC13DB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa
Signing time: Fri 20 Oct 2023 13:41:51 +0000
ROA not before: Fri 20 Oct 2023 13:36:51 +0000
ROA not after: Fri 18 Oct 2024 13:41:51 +0000
asID: 397423
IP address blocks: 185.241.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:43:63:12:7c:3f:5f:b5:5b:c3:d1:6b:9f:91:98:70:62:fc:13:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:51 2023 GMT
Not After : Oct 18 13:41:51 2024 GMT
Subject: CN=496738A71C2B16C61FAC58B8B35C305302A00C86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f6:8d:ad:3f:6b:68:61:c5:6f:b3:cc:72:83:
e1:1e:15:59:11:06:d2:a3:3a:18:f1:57:ba:20:3a:
6c:6b:60:88:c2:86:65:4e:88:26:50:c9:16:f2:29:
bd:33:34:ba:7e:5c:1f:eb:92:87:dc:91:80:6e:09:
35:48:fa:74:5a:a6:9e:24:aa:31:ec:ea:e8:df:7e:
29:aa:3e:63:a8:f2:8e:69:c7:45:a4:ec:70:e4:b2:
64:9a:47:a5:59:ca:43:58:80:73:c1:2f:a6:8b:6a:
81:b5:3c:36:ad:fa:66:c0:e5:50:21:9e:e6:42:4a:
05:62:89:39:0a:8e:ef:5e:3e:98:50:1c:50:d9:23:
83:bb:51:3e:2f:25:82:8e:e6:c9:e1:f7:24:65:2f:
d7:ea:7a:d1:89:48:1f:c4:26:cd:e5:5a:c6:33:11:
6e:16:52:7c:a5:e7:eb:7c:2d:eb:4c:35:20:e0:75:
cd:fa:7c:fe:50:ca:31:f3:fa:e2:c7:2c:cf:8c:ea:
9f:c9:1c:bf:78:3f:ee:61:16:a0:21:a8:97:05:82:
55:b4:8b:f6:5b:4e:a7:ad:d9:1b:51:b0:f6:c0:ef:
36:ff:0c:9e:ae:0d:48:eb:a4:1d:6f:07:40:a5:da:
88:dc:93:b6:ca:4c:16:d6:ae:6a:89:0d:ea:4d:3d:
c0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:67:38:A7:1C:2B:16:C6:1F:AC:58:B8:B3:5C:30:53:02:A0:0C:86
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.149.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:03:87:c0:06:cf:f9:04:a0:2e:66:9a:cc:52:5b:e0:3d:af:
0c:de:32:9c:0d:af:3f:6e:5e:14:3d:db:8f:10:0c:05:37:c2:
c5:48:c2:72:fa:b5:e0:a7:83:71:47:d3:e7:d2:71:52:c2:5a:
0b:d6:eb:f4:59:c9:27:80:8f:31:56:ae:6b:d9:aa:9e:37:22:
8a:a7:0d:fe:7b:6e:b4:50:03:bb:88:0a:6b:94:97:8b:62:59:
c6:b4:3d:ba:0f:9e:c8:73:20:9f:f5:a8:a9:10:b5:28:a4:85:
e7:b0:75:67:58:75:75:3a:8b:77:02:f9:d9:66:42:8a:4a:39:
34:6b:58:cd:46:84:bc:07:8a:7f:3d:a0:b6:1a:55:12:10:2a:
7b:0f:f6:c1:b4:6e:5f:38:e5:ca:fa:be:44:31:02:83:e8:b4:
79:a4:3c:07:e8:53:4f:62:02:77:47:6e:11:f8:2d:c3:1b:57:
1b:78:b9:42:fb:ef:3c:ac:2c:10:bc:b0:9a:40:bf:81:77:50:
56:7c:39:69:6e:af:02:2d:13:05:59:7c:d6:08:1a:4b:ce:52:
36:bf:a4:eb:43:bc:0e:7a:50:ae:ce:fa:a3:d9:d7:33:92:86:
fc:53:b0:35:e4:8a:c3:01:ec:78:e5:7a:cb:b7:ba:c0:37:b7:
71:5d:97:d8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUI0NjEnw/X7Vbw9Frn5GYcGL8E9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTFaFw0yNDEwMTgxMzQxNTFaMDMxMTAvBgNV
BAMTKDQ5NjczOEE3MUMyQjE2QzYxRkFDNThCOEIzNUMzMDUzMDJBMDBDODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo9o2tP2toYcVvs8xyg+EeFVkR
BtKjOhjxV7ogOmxrYIjChmVOiCZQyRbyKb0zNLp+XB/rkofckYBuCTVI+nRapp4k
qjHs6ujffimqPmOo8o5px0Wk7HDksmSaR6VZykNYgHPBL6aLaoG1PDat+mbA5VAh
nuZCSgViiTkKju9ePphQHFDZI4O7UT4vJYKO5snh9yRlL9fqetGJSB/EJs3lWsYz
EW4WUnyl5+t8LetMNSDgdc36fP5QyjHz+uLHLM+M6p/JHL94P+5hFqAhqJcFglW0
i/ZbTqet2RtRsPbA7zb/DJ6uDUjrpB1vB0Cl2ojck7bKTBbWrmqJDepNPcAzAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUSWc4pxwrFsYfrFi4s1wwUwKgDIYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzM0MzIzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnxlTANBgkqhkiG9w0BAQsFAAOCAQEAigOHwAbP+QSgLmaazFJb4D2vDN4y
nA2vP25eFD3bjxAMBTfCxUjCcvq14KeDcUfT59JxUsJaC9br9FnJJ4CPMVaua9mq
njciiqcN/ntutFADu4gKa5SXi2JZxrQ9ug+eyHMgn/WoqRC1KKSF57B1Z1h1dTqL
dwL52WZCiko5NGtYzUaEvAeKfz2gthpVEhAqew/2wbRuXzjlyvq+RDECg+i0eaQ8
B+hTT2ICd0duEfgtwxtXG3i5QvvvPKwsELywmkC/gXdQVnw5aW6vAi0TBVl81gga
S85SNr+k60O8DnpQrs76o9nXM5KG/FOwNeSKwwHseOV6y7e6wDe3cV2X2A==
-----END CERTIFICATE-----
Generated at Sat May 4 11:36:57 2024 by rpki-client on console-fra.rpki-client.org