Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33372e36302e3234302e302f32302d3332203d3e203531313637.roa
File: 33372e36302e3234302e302f32302d3332203d3e203531313637.roa (raw, json)
Hash identifier: ZUrFoZMjn/BOFymkXcQHScH/eSk7GkARBWDE/ZXh0Bo=
Subject key identifier: F7:FA:BC:B4:CF:2D:58:EE:87:E1:E8:3E:80:7E:75:39:24:E2:B2:40
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0883B98E305D83CAF1E6E8C60DF54A72B29FC7E0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33372e36302e3234302e302f32302d3332203d3e203531313637.roa
Signing time: Thu 25 Jan 2024 10:02:21 +0000
ROA not before: Thu 25 Jan 2024 09:57:21 +0000
ROA not after: Thu 23 Jan 2025 10:02:21 +0000
asID: 51167
IP address blocks: 37.60.240.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:83:b9:8e:30:5d:83:ca:f1:e6:e8:c6:0d:f5:4a:72:b2:9f:c7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 25 09:57:21 2024 GMT
Not After : Jan 23 10:02:21 2025 GMT
Subject: CN=F7FABCB4CF2D58EE87E1E83E807E753924E2B240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:bb:cb:3a:8f:6e:78:77:22:4d:24:dd:89:2d:
20:4a:3b:28:fa:57:f5:a6:93:40:ef:74:e8:e9:a7:
83:23:d1:8d:db:df:08:f1:94:70:d5:91:43:d3:a5:
07:eb:f5:97:ae:99:ed:9c:48:90:b7:87:ed:72:a4:
78:6d:0f:2c:cb:5e:7c:bb:c7:9a:f1:52:63:30:9e:
26:3c:b5:0f:bf:b1:61:95:3f:f4:3a:71:49:3e:fd:
62:7e:81:70:17:f0:9b:c7:ff:16:ab:74:70:5e:fb:
a9:64:ac:89:dc:06:a2:79:a7:95:90:77:79:9a:c8:
37:d5:00:04:c9:ea:09:20:bd:d7:44:89:f1:25:21:
54:4d:b7:42:a9:37:67:4d:7e:7f:b9:01:12:d1:57:
a8:f6:d2:4e:5d:9c:5c:70:71:8e:74:a0:eb:c3:97:
a0:c5:df:f6:96:c2:55:5f:f1:4c:a8:23:d0:15:24:
fe:0a:bb:d3:18:50:b5:c5:ac:ab:31:8b:6d:65:20:
f2:ad:be:8b:ca:a8:3d:22:e2:6b:6d:a0:d8:37:95:
cf:84:b8:4f:b9:6a:15:85:b4:42:58:8c:a6:c8:46:
5d:f6:57:ad:1f:85:c5:20:b8:b0:7e:ca:2c:48:60:
81:41:b3:48:26:29:8b:98:95:c9:0f:27:83:b2:d5:
30:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:FA:BC:B4:CF:2D:58:EE:87:E1:E8:3E:80:7E:75:39:24:E2:B2:40
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33372e36302e3234302e302f32302d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.240.0/20
Signature Algorithm: sha256WithRSAEncryption
93:53:30:8e:17:50:22:db:aa:86:54:9f:8d:58:35:56:84:bc:
44:43:e4:54:5d:5c:0f:eb:1f:eb:da:fb:c0:0e:66:e0:1d:09:
60:c4:d8:f3:a2:16:5c:21:02:71:33:1d:99:7d:72:c9:ff:2e:
3f:13:5b:f2:97:24:25:55:45:b0:71:81:26:ca:47:5f:56:4d:
f4:32:43:f1:05:27:ad:15:b0:2c:49:8c:1a:56:4d:db:78:d4:
bc:e8:ac:63:bf:6f:e1:78:64:3f:c8:28:b2:50:92:5e:6b:07:
3d:78:eb:9d:cb:1e:48:b6:c9:d0:04:d9:44:74:87:3a:be:d7:
8a:92:c1:40:20:57:31:e6:44:91:92:0e:f1:9e:4d:61:33:9b:
58:da:02:67:a6:8f:c9:aa:21:cd:4b:5c:20:6f:49:0e:f4:6d:
bd:98:04:fd:34:b0:1b:41:2e:c5:6a:85:80:15:98:43:4b:d3:
ca:7c:28:54:dc:1e:f1:b8:a7:97:a4:a8:7d:8c:b5:9d:66:53:
cc:e2:89:f2:68:f7:05:88:1c:a4:ac:1d:21:fc:d7:a6:89:1b:
c1:34:05:ad:98:c5:3e:fa:22:9c:6d:95:c1:de:89:3e:74:c0:
12:1c:af:f6:9c:a1:3f:2f:3f:d8:fa:04:32:93:8f:b5:21:70:
c5:1d:dd:1e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCIO5jjBdg8rx5ujGDfVKcrKfx+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjUwOTU3MjFaFw0yNTAxMjMxMDAyMjFaMDMxMTAvBgNV
BAMTKEY3RkFCQ0I0Q0YyRDU4RUU4N0UxRTgzRTgwN0U3NTM5MjRFMkIyNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDju8s6j254dyJNJN2JLSBKOyj6
V/Wmk0DvdOjpp4Mj0Y3b3wjxlHDVkUPTpQfr9Zeume2cSJC3h+1ypHhtDyzLXny7
x5rxUmMwniY8tQ+/sWGVP/Q6cUk+/WJ+gXAX8JvH/xardHBe+6lkrIncBqJ5p5WQ
d3mayDfVAATJ6gkgvddEifElIVRNt0KpN2dNfn+5ARLRV6j20k5dnFxwcY50oOvD
l6DF3/aWwlVf8UyoI9AVJP4Ku9MYULXFrKsxi21lIPKtvovKqD0i4mttoNg3lc+E
uE+5ahWFtEJYjKbIRl32V60fhcUguLB+yixIYIFBs0gmKYuYlckPJ4Oy1TCjAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU9/q8tM8tWO6H4eg+gH51OSTiskAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzNzJlMzYzMDJlMzIzNDMw
MmUzMDJmMzIzMDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBCU8
8DANBgkqhkiG9w0BAQsFAAOCAQEAk1MwjhdQItuqhlSfjVg1VoS8REPkVF1cD+sf
69r7wA5m4B0JYMTY86IWXCECcTMdmX1yyf8uPxNb8pckJVVFsHGBJspHX1ZN9DJD
8QUnrRWwLEmMGlZN23jUvOisY79v4XhkP8goslCSXmsHPXjrncseSLbJ0ATZRHSH
Or7XipLBQCBXMeZEkZIO8Z5NYTObWNoCZ6aPyaohzUtcIG9JDvRtvZgE/TSwG0Eu
xWqFgBWYQ0vTynwoVNwe8binl6SofYy1nWZTzOKJ8mj3BYgcpKwdIfzXpokbwTQF
rZjFPvoinG2Vwd6JPnTAEhyv9pyhPy8/2PoEMpOPtSFwxR3dHg==
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:36 2024 by rpki-client on console-fra.rpki-client.org