Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/34362e3138322e31362e302f32332d3233203d3e203433383437.roa
File: 34362e3138322e31362e302f32332d3233203d3e203433383437.roa (raw, json)
Hash identifier: 4YLzigbbgGBlj3P8KPCDpw+y1a9c2DAZLVBVu5lNf4E=
Subject key identifier: 3A:85:A2:DC:95:F5:1E:A8:4C:E7:0E:CD:8E:59:B6:CF:34:0C:06:FE
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 245313EB7D2F7E62F1814B7F6A32A271C7F915F4
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/34362e3138322e31362e302f32332d3233203d3e203433383437.roa
Signing time: Wed 29 Jan 2025 13:36:59 +0000
ROA not before: Wed 29 Jan 2025 13:31:59 +0000
ROA not after: Wed 28 Jan 2026 13:36:59 +0000
asID: 43847
IP address blocks: 46.182.16.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 18:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:53:13:eb:7d:2f:7e:62:f1:81:4b:7f:6a:32:a2:71:c7:f9:15:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Jan 29 13:31:59 2025 GMT
Not After : Jan 28 13:36:59 2026 GMT
Subject: CN=3A85A2DC95F51EA84CE70ECD8E59B6CF340C06FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:75:38:6a:88:7e:3f:be:93:7b:b9:74:49:80:
03:ec:ce:92:e1:9e:b9:58:33:f4:9e:f2:91:cc:cc:
b6:af:5b:71:f9:79:c6:f2:43:9c:88:4c:15:0e:ef:
cd:81:96:dd:9f:b3:75:14:1b:23:d2:01:4a:e2:71:
3c:50:d7:10:cb:55:91:7c:03:76:fe:c7:ba:bb:6f:
fc:96:22:c7:28:d4:2c:bb:fa:67:3a:0f:8c:13:05:
1d:a5:bf:fe:a7:93:ba:c0:c2:5b:77:13:da:25:ea:
03:24:d7:19:59:83:18:e9:d3:2a:3d:c1:29:c3:f8:
87:97:41:0a:c6:f3:50:16:fb:19:4a:9f:37:d7:66:
c0:40:4c:03:b7:69:17:75:87:cb:db:82:2d:75:ea:
0e:1c:ef:98:d9:a2:52:7e:b0:b5:32:1e:71:0b:e1:
11:f3:2e:f2:46:db:5f:b4:5b:45:7a:73:2a:2c:b2:
9b:a5:57:24:86:a5:6c:5f:d3:9d:a5:fe:43:6c:21:
6a:b4:88:b2:c3:ab:57:81:0a:92:f7:c8:c1:ff:b4:
03:ee:08:63:6b:60:ee:16:b5:98:84:fa:7b:db:68:
73:04:5c:a4:f0:27:ae:e3:e1:dc:b1:c4:87:46:c1:
ea:05:0e:13:97:98:05:26:f5:72:19:14:70:b0:78:
40:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:85:A2:DC:95:F5:1E:A8:4C:E7:0E:CD:8E:59:B6:CF:34:0C:06:FE
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/34362e3138322e31362e302f32332d3233203d3e203433383437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.16.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:92:0a:12:41:8f:5d:61:40:b4:67:50:14:34:a0:24:10:cc:
9e:4f:0a:bc:e8:11:f1:43:2a:bc:41:ee:e1:98:d6:38:a0:d1:
fb:30:ee:cc:c3:da:99:96:57:3c:70:65:7e:c9:14:50:9b:a2:
20:fa:83:06:5c:c3:d6:49:9c:3f:32:e0:c8:12:0e:1d:b7:a7:
34:37:50:b9:06:c1:0e:56:7e:bf:e2:b9:cf:b2:03:92:90:a9:
26:9e:9f:11:33:fb:00:94:f7:7d:8f:dc:fc:82:7e:e6:16:95:
9e:45:d0:59:bd:1b:31:fb:6e:c4:53:1b:c5:78:b0:e3:24:73:
be:83:2b:a8:81:2c:94:e3:38:06:64:32:17:9b:bb:9c:2a:3b:
28:b1:8b:30:ae:b5:11:8f:b4:e6:d1:62:5d:22:41:47:36:81:
48:1b:09:70:8b:a4:c5:97:02:34:c8:78:2d:a0:d5:4b:63:db:
7d:37:71:65:59:b2:bb:44:b5:01:30:48:13:57:f1:9d:c5:0b:
a0:7c:2b:63:95:25:b7:0b:8f:6f:b3:c2:b4:24:f2:fd:7c:8c:
2d:fe:d5:47:5c:c2:f7:3f:8b:36:07:aa:04:e7:18:f1:23:57:
b7:86:2f:cc:d1:56:f2:75:89:57:7c:0e:00:f2:c0:ee:1f:7a:
a0:9a:d2:e7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJFMT630vfmLxgUt/ajKiccf5FfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTAxMjkxMzMxNTlaFw0yNjAxMjgxMzM2NTlaMDMxMTAvBgNV
BAMTKDNBODVBMkRDOTVGNTFFQTg0Q0U3MEVDRDhFNTlCNkNGMzQwQzA2RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGdThqiH4/vpN7uXRJgAPszpLh
nrlYM/Se8pHMzLavW3H5ecbyQ5yITBUO782Blt2fs3UUGyPSAUricTxQ1xDLVZF8
A3b+x7q7b/yWIsco1Cy7+mc6D4wTBR2lv/6nk7rAwlt3E9ol6gMk1xlZgxjp0yo9
wSnD+IeXQQrG81AW+xlKnzfXZsBATAO3aRd1h8vbgi116g4c75jZolJ+sLUyHnEL
4RHzLvJG21+0W0V6cyosspulVySGpWxf052l/kNsIWq0iLLDq1eBCpL3yMH/tAPu
CGNrYO4WtZiE+nvbaHMEXKTwJ67j4dyxxIdGweoFDhOXmAUm9XIZFHCweEAlAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUOoWi3JX1HqhM5w7Njlm2zzQMBv4wHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzQzNjJlMzEzODMyMmUzMTM2
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzQzMzM4MzQzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS62
EDANBgkqhkiG9w0BAQsFAAOCAQEAo5IKEkGPXWFAtGdQFDSgJBDMnk8KvOgR8UMq
vEHu4ZjWOKDR+zDuzMPamZZXPHBlfskUUJuiIPqDBlzD1kmcPzLgyBIOHbenNDdQ
uQbBDlZ+v+K5z7IDkpCpJp6fETP7AJT3fY/c/IJ+5haVnkXQWb0bMftuxFMbxXiw
4yRzvoMrqIEslOM4BmQyF5u7nCo7KLGLMK61EY+05tFiXSJBRzaBSBsJcIukxZcC
NMh4LaDVS2PbfTdxZVmyu0S1ATBIE1fxncULoHwrY5UltwuPb7PCtCTy/XyMLf7V
R1zC9z+LNgeqBOcY8SNXt4YvzNFW8nWJV3wOAPLA7h96oJrS5w==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:26 2025 by rpki-client