Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38302e3139302e38302e302f32312d3332203d3e203531313637.roa
File: 38302e3139302e38302e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: Hp3t1iPHgb8MKs1FP/3HKL/jgA+I2uhxxApvzbPcJXo=
Subject key identifier: 7D:E7:ED:30:88:3D:83:32:2E:07:DE:5F:1E:F0:D7:12:8D:66:FA:27
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6BDF182B9368C7FF951A2F5ED2D0E6252B823773
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38302e3139302e38302e302f32312d3332203d3e203531313637.roa
Signing time: Wed 19 Jun 2024 11:34:27 +0000
ROA not before: Wed 19 Jun 2024 11:29:27 +0000
ROA not after: Wed 18 Jun 2025 11:34:27 +0000
asID: 51167
IP address blocks: 80.190.80.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:df:18:2b:93:68:c7:ff:95:1a:2f:5e:d2:d0:e6:25:2b:82:37:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 19 11:29:27 2024 GMT
Not After : Jun 18 11:34:27 2025 GMT
Subject: CN=7DE7ED30883D83322E07DE5F1EF0D7128D66FA27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d2:4e:cb:ee:e1:d2:69:f7:43:5d:6b:de:2b:
8e:29:0f:ee:45:a8:4e:57:3d:49:69:ec:ff:41:bc:
fc:ff:e9:46:48:22:3f:c5:d1:67:ba:e3:ff:2b:ae:
99:7e:1b:aa:4c:c2:fe:0b:d7:ff:c5:d9:f8:4a:c1:
2e:b9:0d:27:9b:fd:63:a2:32:69:31:a6:91:d6:7e:
80:69:5a:86:b6:d3:7b:fb:65:d6:c1:81:25:1a:20:
73:62:43:a7:44:40:98:2b:65:cd:6e:fc:43:6b:4d:
e9:c2:5b:dc:51:a7:61:92:2d:27:9f:d4:19:ab:23:
9c:06:47:8e:ac:9d:cf:eb:a7:4e:da:44:f6:9b:c4:
a2:36:fe:af:a8:f9:ed:56:a9:a9:8c:7a:b7:f6:62:
0d:d5:b6:b7:8f:d6:3a:b5:55:2b:0e:43:30:60:b9:
d3:2a:4d:1d:00:13:9d:4a:47:3e:76:c0:1b:72:ba:
f3:9c:f2:08:d4:bb:e0:71:c9:42:f8:29:ab:28:55:
6e:33:4b:3e:73:b0:cb:a7:15:45:d5:7e:39:63:12:
2a:bb:b2:5e:28:a7:8b:7a:f6:2f:2f:33:61:11:9f:
05:80:aa:fb:45:c1:d0:29:3f:fd:27:a5:9f:3e:35:
b3:47:2f:75:b4:75:d8:1c:eb:d8:45:63:06:57:7c:
de:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E7:ED:30:88:3D:83:32:2E:07:DE:5F:1E:F0:D7:12:8D:66:FA:27
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38302e3139302e38302e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.190.80.0/21
Signature Algorithm: sha256WithRSAEncryption
67:c9:31:ce:e2:e8:6f:f6:36:f1:9d:c9:1a:86:7f:79:a3:a1:
bf:c8:8d:cc:ca:c3:86:77:11:ed:01:8d:13:6d:93:8d:f6:d0:
8f:b4:e6:14:b4:d4:4a:d9:49:d4:13:e0:f1:e2:67:55:c3:e7:
c8:39:3e:c4:6f:da:de:eb:11:c9:bd:0d:ff:0d:34:a8:46:87:
14:a1:d6:f8:5d:91:a5:70:90:fe:96:e4:e1:11:68:c1:aa:94:
ee:12:6f:ea:6a:d6:4a:7d:36:bb:55:94:54:3f:4d:63:25:b1:
f5:d9:62:e6:c8:d8:84:a2:20:b2:5b:98:89:4f:c7:cb:f5:dd:
2a:6b:a6:93:b8:a4:94:08:35:5b:b2:ad:74:7a:53:51:b5:97:
28:a7:bb:d6:4c:3d:38:43:5e:ad:82:b5:33:7f:8e:ed:f6:2a:
d9:54:dc:a8:7c:d7:86:3c:ae:90:de:8a:07:3b:96:e2:3b:f3:
2a:39:10:20:57:d1:6d:78:94:44:08:ee:0a:5b:14:c7:83:8c:
df:18:9a:35:6c:9d:b6:50:41:35:15:fc:52:f4:37:e9:b1:15:
da:b4:b9:0f:ac:db:de:1e:94:e3:c4:f0:f0:82:55:7d:e2:92:
d6:bd:b8:1d:41:b3:f8:50:63:4d:ec:0c:57:f5:07:70:de:f7:
b6:ff:6a:23
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUa98YK5Nox/+VGi9e0tDmJSuCN3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MTkxMTI5MjdaFw0yNTA2MTgxMTM0MjdaMDMxMTAvBgNV
BAMTKDdERTdFRDMwODgzRDgzMzIyRTA3REU1RjFFRjBENzEyOEQ2NkZBMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE0k7L7uHSafdDXWveK44pD+5F
qE5XPUlp7P9BvPz/6UZIIj/F0We64/8rrpl+G6pMwv4L1//F2fhKwS65DSeb/WOi
MmkxppHWfoBpWoa203v7ZdbBgSUaIHNiQ6dEQJgrZc1u/ENrTenCW9xRp2GSLSef
1BmrI5wGR46snc/rp07aRPabxKI2/q+o+e1WqamMerf2Yg3VtreP1jq1VSsOQzBg
udMqTR0AE51KRz52wBtyuvOc8gjUu+BxyUL4KasoVW4zSz5zsMunFUXVfjljEiq7
sl4op4t69i8vM2ERnwWAqvtFwdApP/0npZ8+NbNHL3W0ddgc69hFYwZXfN6ZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUfeftMIg9gzIuB95fHvDXEo1m+icwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMDJlMzEzOTMwMmUzODMw
MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1C+
UDANBgkqhkiG9w0BAQsFAAOCAQEAZ8kxzuLob/Y28Z3JGoZ/eaOhv8iNzMrDhncR
7QGNE22TjfbQj7TmFLTUStlJ1BPg8eJnVcPnyDk+xG/a3usRyb0N/w00qEaHFKHW
+F2RpXCQ/pbk4RFowaqU7hJv6mrWSn02u1WUVD9NYyWx9dli5sjYhKIgsluYiU/H
y/XdKmumk7iklAg1W7KtdHpTUbWXKKe71kw9OENerYK1M3+O7fYq2VTcqHzXhjyu
kN6KBzuW4jvzKjkQIFfRbXiURAjuClsUx4OM3xiaNWydtlBBNRX8UvQ36bEV2rS5
D6zb3h6U48Tw8IJVfeKS1r24HUGz+FBjTewMV/UHcN73tv9qIw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org