Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e37382e3132312e302f32342d3234203d3e20313336373837.roa
File: 37372e37382e3132312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: fbkPpT2UP8rBtG6uDvEWglX5YMga5oYCSqBUbIRamM0=
Subject key identifier: D6:B4:13:A5:3D:A0:98:D7:5F:30:8C:07:2F:82:A0:2C:9C:C3:AC:A5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 380367FF2F9C93281B62B9FDE26352CB8BEC64F9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e37382e3132312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:17 +0000
ROA not before: Mon 26 Feb 2024 08:48:17 +0000
ROA not after: Mon 24 Feb 2025 08:53:17 +0000
asID: 136787
IP address blocks: 77.78.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:03:67:ff:2f:9c:93:28:1b:62:b9:fd:e2:63:52:cb:8b:ec:64:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:17 2024 GMT
Not After : Feb 24 08:53:17 2025 GMT
Subject: CN=D6B413A53DA098D75F308C072F82A02C9CC3ACA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:60:81:c8:bd:b1:02:72:67:8a:08:f0:2c:ff:
64:84:0c:31:26:fd:e3:f2:af:a1:98:e1:4a:bf:4f:
e7:b7:25:31:c7:b3:66:8c:e3:43:86:b9:7a:55:51:
ae:b7:8a:14:72:3b:f8:a1:d5:e2:09:3b:43:cb:5f:
91:73:12:5b:19:77:79:4c:6f:f5:7d:07:4d:47:28:
93:77:0f:62:e3:63:92:05:1e:cf:96:de:3d:77:6b:
65:7b:aa:cf:23:30:24:a0:96:65:3a:e4:84:7e:ad:
15:f3:87:ca:fb:96:0d:79:36:63:b5:55:f7:41:56:
f2:0e:3d:ac:43:13:f2:3d:76:8b:b0:27:20:15:de:
e0:a7:80:4e:9c:53:f9:7c:fd:a5:42:f4:61:13:da:
30:c5:48:e5:55:62:76:b5:ae:04:a9:00:c4:04:16:
76:0f:92:55:2c:dc:c5:e8:89:ea:c3:37:32:11:e9:
2c:1c:ea:85:cd:05:ff:fc:77:4f:9b:0e:18:5c:2a:
a1:da:a8:37:b2:cc:62:d3:40:73:c8:16:92:6f:25:
92:75:7d:7f:13:ce:de:3c:d0:ce:f6:61:53:36:35:
fb:ee:86:76:12:ef:3f:be:8f:2f:0a:f1:fd:be:ff:
a4:67:23:42:88:ad:ca:c8:9c:d3:f8:ec:81:82:8a:
2d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B4:13:A5:3D:A0:98:D7:5F:30:8C:07:2F:82:A0:2C:9C:C3:AC:A5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e37382e3132312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.121.0/24
Signature Algorithm: sha256WithRSAEncryption
71:54:88:19:89:b3:11:d8:3f:0c:79:e7:0a:56:4e:b1:9d:2a:
50:27:85:c5:fd:e2:30:f4:4a:6d:ad:65:88:54:cf:86:5c:5d:
0b:44:17:73:16:4a:bc:f2:ca:42:9e:6f:d2:c7:2d:81:c2:7d:
89:74:ff:23:5f:4b:d7:63:0f:cf:bc:96:01:2c:f0:41:a3:2e:
4d:fa:25:ec:29:f4:1a:ce:a7:33:c0:dc:76:f5:22:00:ff:ab:
8d:e2:83:ab:f0:fb:a6:ec:e4:b3:7c:e7:04:3e:97:d4:39:67:
88:7b:37:bf:21:35:da:93:9c:cf:74:af:f2:be:cd:54:64:c7:
c6:25:7f:90:d6:d6:50:ef:9f:3a:cb:35:97:ac:ea:2c:6e:9a:
a0:1a:56:28:e6:03:39:c0:c1:d3:2f:eb:70:3c:f6:f2:99:62:
f0:98:4d:6f:54:f8:62:81:bf:6f:c1:d7:3f:4f:d3:4d:b9:28:
d5:5f:5e:25:e5:9e:ce:23:8e:77:86:6b:a9:a2:ca:01:ec:1a:
33:b2:a0:58:55:07:e1:28:e2:82:ea:dd:13:f6:ac:12:c6:da:
4c:5b:c0:3a:af:9e:dc:be:a0:f1:52:16:11:6d:b4:3f:46:8e:
fe:0c:66:e2:e9:91:bc:23:f2:07:e9:2c:96:a2:7a:a8:09:24:
21:40:ad:62
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOANn/y+ckygbYrn94mNSy4vsZPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTdaFw0yNTAyMjQwODUzMTdaMDMxMTAvBgNV
BAMTKEQ2QjQxM0E1M0RBMDk4RDc1RjMwOEMwNzJGODJBMDJDOUNDM0FDQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdYIHIvbECcmeKCPAs/2SEDDEm
/ePyr6GY4Uq/T+e3JTHHs2aM40OGuXpVUa63ihRyO/ih1eIJO0PLX5FzElsZd3lM
b/V9B01HKJN3D2LjY5IFHs+W3j13a2V7qs8jMCSglmU65IR+rRXzh8r7lg15NmO1
VfdBVvIOPaxDE/I9douwJyAV3uCngE6cU/l8/aVC9GET2jDFSOVVYna1rgSpAMQE
FnYPklUs3MXoierDNzIR6Swc6oXNBf/8d0+bDhhcKqHaqDeyzGLTQHPIFpJvJZJ1
fX8Tzt480M72YVM2NfvuhnYS7z++jy8K8f2+/6RnI0KIrcrInNP47IGCii3fAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1rQTpT2gmNdfMIwHL4KgLJzDrKUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzczODJlMzEzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
TU55MA0GCSqGSIb3DQEBCwUAA4IBAQBxVIgZibMR2D8MeecKVk6xnSpQJ4XF/eIw
9EptrWWIVM+GXF0LRBdzFkq88spCnm/Sxy2Bwn2JdP8jX0vXYw/PvJYBLPBBoy5N
+iXsKfQazqczwNx29SIA/6uN4oOr8Pum7OSzfOcEPpfUOWeIeze/ITXak5zPdK/y
vs1UZMfGJX+Q1tZQ7586yzWXrOosbpqgGlYo5gM5wMHTL+twPPbymWLwmE1vVPhi
gb9vwdc/T9NNuSjVX14l5Z7OI453hmuposoB7BozsqBYVQfhKOKC6t0T9qwSxtpM
W8A6r57cvqDxUhYRbbQ/Ro7+DGbi6ZG8I/IH6SyWonqoCSQhQK1i
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:54 2024 by rpki-client on console-ams.rpki-client.org