Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135322e302f32342d3234203d3e203437353833.roa
File: 38322e3138302e3135322e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: xjQokOBL5veBM5p7/muJjhWiZBOXGxAjLLADhPysjVE=
Subject key identifier: 80:81:E3:68:3D:EB:13:F5:8E:35:AB:16:1A:CA:01:98:B4:CF:18:F2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3C8BEFA1DA140EBD6CE44C16B4F7B126D34D4CDF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135322e302f32342d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:25 +0000
ROA not before: Mon 26 Feb 2024 08:48:25 +0000
ROA not after: Mon 24 Feb 2025 08:53:25 +0000
asID: 47583
IP address blocks: 82.180.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:8b:ef:a1:da:14:0e:bd:6c:e4:4c:16:b4:f7:b1:26:d3:4d:4c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:25 2024 GMT
Not After : Feb 24 08:53:25 2025 GMT
Subject: CN=8081E3683DEB13F58E35AB161ACA0198B4CF18F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:93:39:c8:c4:34:a3:57:c8:93:a4:4e:5f:f1:
62:10:50:df:9d:ca:fb:db:85:0d:1a:1c:c2:c9:c0:
7b:b5:d6:b9:b3:8d:72:b1:3f:3c:78:78:dd:b0:b9:
ef:da:55:6b:9a:c0:4c:9b:59:e8:01:df:ba:2c:a6:
06:7d:08:82:6f:bd:40:6e:0a:95:f5:88:f1:9b:e7:
bd:38:67:4c:c8:a6:01:0d:57:28:a6:b0:51:0d:18:
31:ef:6f:5e:70:c9:c7:42:e9:0c:6f:0e:73:a5:be:
9d:46:3d:6d:49:1b:89:c6:fb:82:0d:8a:20:c4:01:
a3:57:f0:93:49:e3:18:9f:c6:69:52:ef:3b:a0:86:
7f:62:69:20:d7:ec:4f:6a:a0:e1:4d:72:91:08:8e:
00:65:2e:1a:e9:17:27:a3:b6:3a:77:8e:23:39:ad:
54:8f:0a:3d:ea:e3:66:2c:e3:b8:c9:64:c7:b3:4d:
79:33:61:40:6c:6b:78:75:8b:3c:3f:09:d4:d1:ff:
e5:28:43:ef:f0:99:77:53:14:49:b8:55:10:8e:cd:
5f:16:0c:a7:8a:f7:43:63:00:4f:e3:50:73:db:70:
6c:f0:9e:c8:40:bc:7a:6e:5b:c3:a8:10:7c:b1:10:
ae:5f:56:76:d0:af:bf:5e:d9:70:7a:ec:4f:9c:d7:
97:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:81:E3:68:3D:EB:13:F5:8E:35:AB:16:1A:CA:01:98:B4:CF:18:F2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135322e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.152.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:1e:7c:04:5d:98:4f:52:35:ad:ec:86:7f:a3:10:c3:1c:ca:
3e:ec:96:72:0c:f2:cc:e6:60:02:d4:d2:d2:57:a7:d8:27:87:
00:86:b8:c5:5a:96:90:cb:23:ca:1d:79:b2:d7:96:1e:88:39:
2a:80:f2:21:4b:24:8c:a1:64:10:42:f7:7c:2b:96:de:7b:38:
b1:6d:58:e8:ff:d0:e1:64:4d:8a:87:a8:c7:fb:c7:f6:d1:75:
6d:24:01:4a:bd:45:d4:4a:92:38:dd:16:94:c3:22:24:cc:d1:
90:25:9c:0d:4a:85:60:71:58:ee:95:48:33:55:7e:56:e4:de:
17:2b:cc:52:fb:71:1b:77:40:68:2b:fe:c5:09:05:1e:49:ad:
e4:27:1a:e4:cd:12:45:2b:ce:c4:8a:b1:61:9d:4d:71:11:86:
95:b1:0e:5a:ca:0f:46:6a:5c:6b:5d:09:92:89:5b:5a:68:f0:
ec:ea:87:d2:8a:2d:85:73:13:ff:9e:a6:62:ad:ff:65:2f:c3:
00:99:09:ac:50:39:05:93:23:59:20:8f:cc:49:cc:7a:0c:01:
94:9c:f5:e4:9d:4b:db:da:23:f2:5c:ab:2e:e7:7a:e5:69:24:
bc:be:c1:ad:4e:c1:c4:30:6e:8e:a2:91:29:be:5c:2c:73:7f:
6d:62:89:a7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPIvvodoUDr1s5EwWtPexJtNNTN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjVaFw0yNTAyMjQwODUzMjVaMDMxMTAvBgNV
BAMTKDgwODFFMzY4M0RFQjEzRjU4RTM1QUIxNjFBQ0EwMTk4QjRDRjE4RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4kznIxDSjV8iTpE5f8WIQUN+d
yvvbhQ0aHMLJwHu11rmzjXKxPzx4eN2wue/aVWuawEybWegB37ospgZ9CIJvvUBu
CpX1iPGb5704Z0zIpgENVyimsFENGDHvb15wycdC6QxvDnOlvp1GPW1JG4nG+4IN
iiDEAaNX8JNJ4xifxmlS7zughn9iaSDX7E9qoOFNcpEIjgBlLhrpFyejtjp3jiM5
rVSPCj3q42Ys47jJZMezTXkzYUBsa3h1izw/CdTR/+UoQ+/wmXdTFEm4VRCOzV8W
DKeK90NjAE/jUHPbcGzwnshAvHpuW8OoEHyxEK5fVnbQr79e2XB67E+c15erAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgIHjaD3rE/WONasWGsoBmLTPGPIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UrSYMA0GCSqGSIb3DQEBCwUAA4IBAQAdHnwEXZhPUjWt7IZ/oxDDHMo+7JZyDPLM
5mAC1NLSV6fYJ4cAhrjFWpaQyyPKHXmy15YeiDkqgPIhSySMoWQQQvd8K5beezix
bVjo/9DhZE2Kh6jH+8f20XVtJAFKvUXUSpI43RaUwyIkzNGQJZwNSoVgcVjulUgz
VX5W5N4XK8xS+3Ebd0BoK/7FCQUeSa3kJxrkzRJFK87EirFhnU1xEYaVsQ5ayg9G
alxrXQmSiVtaaPDs6ofSii2FcxP/nqZirf9lL8MAmQmsUDkFkyNZII/MScx6DAGU
nPXknUvb2iPyXKsu53rlaSS8vsGtTsHEMG6OopEpvlwsc39tYomn
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:05 2024 by rpki-client on console-fra.rpki-client.org