Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS29538.roa
File: AS29538.roa (raw, json)
Hash identifier: Sj1RhoKI5yBlO0UHca1n0yr9T1pYSVM+QmHRAP3eEnY=
Subject key identifier: 90:5A:64:EC:63:9E:D8:51:AA:E3:C1:D3:A6:64:61:7C:C0:38:EC:F3
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 6D727456F86FE38332457B531132BD4BAC6D006E
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS29538.roa
Signing time: Thu 14 Dec 2023 08:05:08 +0000
ROA not before: Thu 14 Dec 2023 08:00:08 +0000
ROA not after: Thu 12 Dec 2024 08:05:08 +0000
asID: 29538
IP address blocks: 147.78.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 19:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:72:74:56:f8:6f:e3:83:32:45:7b:53:11:32:bd:4b:ac:6d:00:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Dec 14 08:00:08 2023 GMT
Not After : Dec 12 08:05:08 2024 GMT
Subject: CN=905A64EC639ED851AAE3C1D3A664617CC038ECF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7c:b1:20:d1:d0:40:2c:38:9b:1a:58:c9:dc:
c0:6b:a4:56:b0:73:d3:6d:35:c6:92:1f:42:5a:ba:
3b:bc:8e:c7:91:6a:5e:99:a4:b2:38:45:15:a3:0d:
52:83:ef:e1:d0:3b:7e:14:35:ff:7a:c9:20:07:f9:
3b:d4:b2:fc:b4:9b:78:49:ee:8a:e0:dd:6c:a9:bd:
92:f1:21:ed:7b:c7:c9:6a:d8:b9:9a:bd:ee:94:27:
63:5d:2f:78:df:37:2e:69:d4:07:30:94:e8:4d:b4:
8d:78:7c:4e:a4:1e:9d:0e:cf:eb:ea:62:5f:37:d6:
69:02:97:ac:df:32:6b:a4:3f:4f:56:b7:b5:b0:33:
b9:1e:be:5c:85:39:80:39:c6:f3:0b:79:ae:62:db:
9a:74:7a:f9:83:c3:c5:11:0e:1c:c7:36:a0:aa:a7:
11:20:30:63:7a:2e:fe:2e:f6:a1:c2:95:f0:2f:7d:
ff:70:34:a0:6e:eb:0d:4c:04:d6:28:3e:d6:24:11:
ba:a9:6c:66:09:8c:b5:75:f6:b8:91:a0:d1:5a:f4:
d6:81:7a:db:4c:f5:bb:d1:46:f3:5c:b4:60:56:76:
72:58:26:94:79:86:73:36:81:e9:b3:26:0f:a2:c9:
35:28:33:11:bc:f7:25:e2:08:b2:95:ad:d3:10:94:
5d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:5A:64:EC:63:9E:D8:51:AA:E3:C1:D3:A6:64:61:7C:C0:38:EC:F3
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS29538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.121.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:b3:9e:00:ad:31:ff:c1:85:4f:c9:45:a6:b5:02:ce:f7:88:
c5:f6:8e:b0:c1:62:a5:dd:54:84:0a:27:1f:fe:72:c6:83:22:
bb:62:21:51:ad:89:59:24:53:d7:e7:7a:d3:09:d7:62:a5:55:
25:f6:68:83:83:cd:aa:aa:03:2e:47:d5:87:5c:f6:c5:f0:76:
81:7d:25:a0:81:73:95:81:33:ad:a5:cf:77:bc:af:3f:70:1d:
7d:96:07:4a:dc:fd:b4:03:97:43:72:83:0c:4e:94:cd:ab:fc:
26:16:a8:9c:fd:a0:49:b6:df:e7:df:b1:07:cd:e1:7a:16:e0:
58:a7:13:43:54:49:c5:ab:c4:a1:55:0f:13:29:ee:41:01:6b:
b3:a2:17:50:2c:07:aa:71:46:39:aa:60:3d:51:52:c3:82:f7:
09:a6:ff:16:13:d3:3e:bf:de:e3:82:61:84:a3:29:de:0a:a5:
93:cc:8e:15:3b:b9:65:d5:11:78:ca:fa:08:b6:ee:c8:be:df:
16:61:2f:09:56:34:89:2a:06:65:25:30:82:72:e1:99:10:e9:
53:15:64:d7:c5:74:67:f9:6b:96:3b:22:ca:d5:0e:d4:37:02:
99:83:4b:ed:2e:f8:f5:ec:62:d7:be:0f:dc:55:90:7c:4f:46:
34:4f:d7:cb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUbXJ0Vvhv44MyRXtTETK9S6xtAG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yMzEyMTQwODAwMDhaFw0yNDEyMTIwODA1MDhaMDMxMTAvBgNV
BAMTKDkwNUE2NEVDNjM5RUQ4NTFBQUUzQzFEM0E2NjQ2MTdDQzAzOEVDRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcfLEg0dBALDibGljJ3MBrpFaw
c9NtNcaSH0Jauju8jseRal6ZpLI4RRWjDVKD7+HQO34UNf96ySAH+TvUsvy0m3hJ
7org3WypvZLxIe17x8lq2Lmave6UJ2NdL3jfNy5p1AcwlOhNtI14fE6kHp0Oz+vq
Yl831mkCl6zfMmukP09Wt7WwM7kevlyFOYA5xvMLea5i25p0evmDw8URDhzHNqCq
pxEgMGN6Lv4u9qHClfAvff9wNKBu6w1MBNYoPtYkEbqpbGYJjLV19riRoNFa9NaB
ettM9bvRRvNctGBWdnJYJpR5hnM2gemzJg+iyTUoMxG89yXiCLKVrdMQlF3PAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUkFpk7GOe2FGq48HTpmRhfMA47PMwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjk1Mzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTTnkw
DQYJKoZIhvcNAQELBQADggEBALqzngCtMf/BhU/JRaa1As73iMX2jrDBYqXdVIQK
Jx/+csaDIrtiIVGtiVkkU9fnetMJ12KlVSX2aIODzaqqAy5H1Ydc9sXwdoF9JaCB
c5WBM62lz3e8rz9wHX2WB0rc/bQDl0NygwxOlM2r/CYWqJz9oEm23+ffsQfN4XoW
4FinE0NUScWrxKFVDxMp7kEBa7OiF1AsB6pxRjmqYD1RUsOC9wmm/xYT0z6/3uOC
YYSjKd4KpZPMjhU7uWXVEXjK+gi27si+3xZhLwlWNIkqBmUlMIJy4ZkQ6VMVZNfF
dGf5a5Y7IsrVDtQ3ApmDS+0u+PXsYte+D9xVkHxPRjRP18s=
-----END CERTIFICATE-----
Generated at Fri May 17 01:16:25 2024 by rpki-client on console-ams.rpki-client.org