Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3132382e302f32302d3332203d3e203531313637.roa
File: 38342e3234372e3132382e302f32302d3332203d3e203531313637.roa (raw, json)
Hash identifier: xZkSbRuYYoBV2V2NdPyuUF1G18m38TmHB1ZNZcXZOCc=
Subject key identifier: D7:96:77:9B:12:E4:9A:9F:71:5F:95:F4:ED:1D:99:59:EC:03:98:6F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 55D4CAFE1DEBF550BA6112A8E08C829A26565970
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3132382e302f32302d3332203d3e203531313637.roa
Signing time: Thu 11 Jan 2024 16:18:07 +0000
ROA not before: Thu 11 Jan 2024 16:13:07 +0000
ROA not after: Thu 09 Jan 2025 16:18:07 +0000
asID: 51167
IP address blocks: 84.247.128.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:d4:ca:fe:1d:eb:f5:50:ba:61:12:a8:e0:8c:82:9a:26:56:59:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 11 16:13:07 2024 GMT
Not After : Jan 9 16:18:07 2025 GMT
Subject: CN=D796779B12E49A9F715F95F4ED1D9959EC03986F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c4:92:32:79:34:66:86:79:8e:17:3a:0c:ab:
a4:70:ea:fd:6d:00:6a:77:28:a6:32:6a:14:ab:4e:
e9:f6:40:32:33:c2:c5:af:65:d3:e7:04:99:05:d6:
d2:00:5e:54:67:e3:f7:d5:fa:19:9c:37:fc:e9:f9:
e9:95:82:0d:e8:9e:f8:64:db:7c:40:10:b2:79:30:
34:ee:dd:3c:62:c8:4c:9a:f7:64:8a:15:42:86:d6:
d9:78:4b:36:c8:f5:da:4c:2d:99:3f:4f:3b:54:3d:
67:9d:05:93:0a:08:63:48:ae:f8:b5:59:9b:a9:9d:
a6:3a:31:06:2e:7c:53:06:5d:d7:df:40:16:53:6e:
42:63:be:b1:ec:13:4e:a1:01:b1:f3:d1:b1:32:3d:
10:aa:4b:5a:bf:6f:05:7b:06:86:db:e6:9a:6e:2f:
dc:71:51:a8:73:20:e8:31:04:b3:e8:95:cb:40:36:
ea:d4:52:f9:ae:9c:a8:18:e7:7f:7a:bd:d6:e4:e6:
7c:a5:c0:f9:f1:6e:04:b7:a8:79:f1:8a:c6:29:97:
c9:6a:76:7a:47:40:ab:6b:cf:3e:1a:77:7f:f4:18:
64:59:d9:fe:27:39:06:bf:19:09:7a:b4:9a:da:54:
86:75:4f:ff:24:f9:bb:07:72:c6:d8:5d:28:c3:1f:
f8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:96:77:9B:12:E4:9A:9F:71:5F:95:F4:ED:1D:99:59:EC:03:98:6F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3132382e302f32302d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:ec:fa:0f:0b:07:10:b5:2b:a8:2d:c3:02:1b:16:d8:78:c6:
93:29:5a:96:2f:91:5f:52:d3:68:42:6b:7d:8d:b0:d6:8a:46:
27:fa:f2:62:c8:3b:6c:94:66:b9:81:5f:9c:01:e8:5a:19:ed:
b3:97:b1:59:bd:61:c3:18:a5:74:38:e9:17:d9:7a:bf:3f:54:
a3:7f:8b:d6:9a:f3:7a:73:05:02:69:b5:3b:9a:1c:15:ef:a6:
f3:8e:ac:22:6c:25:2c:c9:4b:52:3c:c5:e1:a2:e5:84:ae:32:
ad:58:6f:a8:46:a8:10:eb:40:d7:df:a7:e1:cb:4f:66:f9:5b:
40:5a:38:66:59:47:a9:e0:ab:4c:b0:51:fa:e8:fb:94:88:d3:
0a:bd:8d:39:fc:94:25:5b:27:dd:43:f1:30:7c:88:b4:04:94:
5f:5d:99:70:ad:9b:98:d0:81:b1:81:ad:58:97:dd:65:c9:96:
df:80:4f:93:52:19:ef:75:fc:90:10:9d:ce:48:a1:b0:4d:a4:
c8:5d:e7:37:7d:99:01:00:86:69:f4:9a:5f:12:a0:05:fd:f0:
63:f0:d7:0e:fc:53:90:5f:14:dc:de:4f:6d:97:05:74:2c:9f:
db:cf:5c:6c:65:69:8f:0a:0c:a3:bf:a6:15:0a:eb:36:ad:00:
d0:a1:d8:86
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVdTK/h3r9VC6YRKo4IyCmiZWWXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTExNjEzMDdaFw0yNTAxMDkxNjE4MDdaMDMxMTAvBgNV
BAMTKEQ3OTY3NzlCMTJFNDlBOUY3MTVGOTVGNEVEMUQ5OTU5RUMwMzk4NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcxJIyeTRmhnmOFzoMq6Rw6v1t
AGp3KKYyahSrTun2QDIzwsWvZdPnBJkF1tIAXlRn4/fV+hmcN/zp+emVgg3onvhk
23xAELJ5MDTu3TxiyEya92SKFUKG1tl4SzbI9dpMLZk/TztUPWedBZMKCGNIrvi1
WZupnaY6MQYufFMGXdffQBZTbkJjvrHsE06hAbHz0bEyPRCqS1q/bwV7Bobb5ppu
L9xxUahzIOgxBLPolctANurUUvmunKgY5396vdbk5nylwPnxbgS3qHnxisYpl8lq
dnpHQKtrzz4ad3/0GGRZ2f4nOQa/GQl6tJraVIZ1T/8k+bsHcsbYXSjDH/i7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU15Z3mxLkmp9xX5X07R2ZWewDmG8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzIzNDM3MmUzMTMy
MzgyZTMwMmYzMjMwMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
VPeAMA0GCSqGSIb3DQEBCwUAA4IBAQCO7PoPCwcQtSuoLcMCGxbYeMaTKVqWL5Ff
UtNoQmt9jbDWikYn+vJiyDtslGa5gV+cAehaGe2zl7FZvWHDGKV0OOkX2Xq/P1Sj
f4vWmvN6cwUCabU7mhwV76bzjqwibCUsyUtSPMXhouWErjKtWG+oRqgQ60DX36fh
y09m+VtAWjhmWUep4KtMsFH66PuUiNMKvY05/JQlWyfdQ/EwfIi0BJRfXZlwrZuY
0IGxga1Yl91lyZbfgE+TUhnvdfyQEJ3OSKGwTaTIXec3fZkBAIZp9JpfEqAF/fBj
8NcO/FOQXxTc3k9tlwV0LJ/bz1xsZWmPCgyjv6YVCus2rQDQodiG
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:07 2024 by rpki-client on console-ams.rpki-client.org