Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132312e302f32342d3234203d3e20313336373837.roa
File: 38312e31372e3132312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: unYFddL2u0WF0pcovh0ySOtFkzGbc6q0fjoEmeBI174=
Subject key identifier: 9F:EA:23:EF:B7:C2:B0:3A:1D:C9:EE:41:8E:64:41:5E:73:9B:5F:23
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 16334ED2E6CB5E76D7C2FBB75F9C46910CF5B1CA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132312e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 25 Sep 2024 19:05:04 +0000
ROA not before: Wed 25 Sep 2024 19:00:04 +0000
ROA not after: Wed 24 Sep 2025 19:05:04 +0000
asID: 136787
IP address blocks: 81.17.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:33:4e:d2:e6:cb:5e:76:d7:c2:fb:b7:5f:9c:46:91:0c:f5:b1:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 25 19:00:04 2024 GMT
Not After : Sep 24 19:05:04 2025 GMT
Subject: CN=9FEA23EFB7C2B03A1DC9EE418E64415E739B5F23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:06:fe:60:17:d0:5c:a8:99:18:27:06:39:e8:
a3:42:3e:ef:2d:60:82:b0:cb:90:36:8f:26:a4:be:
41:3d:78:6f:7b:52:fe:5a:6c:12:47:46:ee:a8:41:
a9:9b:00:b6:b1:98:5f:11:4d:f2:7b:b1:9a:73:02:
86:b0:ef:1e:ba:12:df:8a:0a:85:20:5f:6e:b2:e3:
a6:6e:cd:2f:a8:2b:5f:ba:7a:8e:9d:1d:c9:b4:f2:
df:d4:d2:3e:f4:43:41:00:cf:db:0e:9f:d9:21:10:
db:e3:f5:05:8b:6d:22:e9:9f:6e:97:e4:5a:95:17:
08:7c:79:93:63:50:5b:52:67:61:f6:aa:c8:54:a2:
8b:9b:e2:2d:0c:5e:e0:04:9e:69:39:42:bb:22:75:
0a:37:f3:03:5e:51:f7:fd:30:bd:67:f9:98:72:86:
95:2e:e7:d1:6c:56:74:cc:71:f8:3b:2e:9b:c2:05:
cb:c3:07:eb:00:92:f2:82:ef:e8:81:25:bd:dc:2d:
1f:cd:01:44:94:15:96:96:d7:13:eb:92:b9:1f:ea:
2a:78:0f:8f:3c:bc:60:cf:8a:21:37:20:08:0c:fa:
f0:ef:56:94:67:29:c0:91:1e:a4:cc:2e:bc:ba:9b:
65:98:0d:81:07:19:af:13:80:48:74:da:0d:33:2c:
b1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:EA:23:EF:B7:C2:B0:3A:1D:C9:EE:41:8E:64:41:5E:73:9B:5F:23
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.121.0/24
Signature Algorithm: sha256WithRSAEncryption
40:01:76:fc:3c:bb:ab:1e:86:8b:79:33:7b:45:45:62:ef:a8:
75:53:6f:7f:3e:17:fd:51:cd:96:af:0f:bc:72:af:f0:8f:a8:
a7:18:8e:f2:71:e3:37:66:43:49:e7:65:ed:9f:07:93:b0:62:
85:f2:0f:e3:12:73:a5:7f:13:3f:94:38:4c:58:d4:24:58:95:
ff:4e:a3:04:fb:89:4a:47:94:24:59:10:02:d0:cf:8e:d6:34:
e1:a9:24:e7:17:c1:e1:2b:39:60:32:4c:1e:f9:58:fb:5c:c3:
f9:8c:d9:7b:52:eb:24:2b:81:c6:b1:43:16:97:d2:94:24:2f:
20:ed:84:36:89:67:7f:4f:e4:58:3a:8c:c6:d9:02:66:2d:dc:
3d:4c:c0:fe:4f:06:2b:43:cc:3e:43:06:39:50:26:fb:b6:5f:
a8:f1:76:2b:8d:95:56:fb:a8:d9:4c:78:95:4c:d6:c3:a9:d6:
4a:7c:da:b9:a4:77:06:4b:a7:01:64:41:3c:e1:79:60:2b:d7:
91:97:80:4b:50:e8:e7:e3:b3:74:ec:68:be:5a:ef:17:43:88:
62:d5:fa:12:1d:55:d6:8f:40:8c:96:10:b9:67:d1:b9:42:db:
c0:d9:a7:6f:47:76:50:c5:78:a1:93:b9:2d:18:59:d3:d5:75:
c8:d6:e5:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFjNO0ubLXnbXwvu3X5xGkQz1scowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjUxOTAwMDRaFw0yNTA5MjQxOTA1MDRaMDMxMTAvBgNV
BAMTKDlGRUEyM0VGQjdDMkIwM0ExREM5RUU0MThFNjQ0MTVFNzM5QjVGMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEBv5gF9BcqJkYJwY56KNCPu8t
YIKwy5A2jyakvkE9eG97Uv5abBJHRu6oQambALaxmF8RTfJ7sZpzAoaw7x66Et+K
CoUgX26y46ZuzS+oK1+6eo6dHcm08t/U0j70Q0EAz9sOn9khENvj9QWLbSLpn26X
5FqVFwh8eZNjUFtSZ2H2qshUooub4i0MXuAEnmk5QrsidQo38wNeUff9ML1n+Zhy
hpUu59FsVnTMcfg7LpvCBcvDB+sAkvKC7+iBJb3cLR/NAUSUFZaW1xPrkrkf6ip4
D488vGDPiiE3IAgM+vDvVpRnKcCRHqTMLry6m2WYDYEHGa8TgEh02g0zLLE5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUn+oj77fCsDodye5BjmRBXnObXyMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMTJlMzEzNzJlMzEzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
URF5MA0GCSqGSIb3DQEBCwUAA4IBAQBAAXb8PLurHoaLeTN7RUVi76h1U29/Phf9
Uc2Wrw+8cq/wj6inGI7yceM3ZkNJ52XtnweTsGKF8g/jEnOlfxM/lDhMWNQkWJX/
TqME+4lKR5QkWRAC0M+O1jThqSTnF8HhKzlgMkwe+Vj7XMP5jNl7UuskK4HGsUMW
l9KUJC8g7YQ2iWd/T+RYOozG2QJmLdw9TMD+TwYrQ8w+QwY5UCb7tl+o8XYrjZVW
+6jZTHiVTNbDqdZKfNq5pHcGS6cBZEE84XlgK9eRl4BLUOjn47N07Gi+Wu8XQ4hi
1foSHVXWj0CMlhC5Z9G5QtvA2advR3ZQxXihk7ktGFnT1XXI1uWA
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org