Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132322e302f32342d3234203d3e20313336373837.roa
File: 38312e31372e3132322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: SbnN1cWN/YAoFHG2VAlYVprDirBd8K2j5EpyoBO6wtw=
Subject key identifier: 3D:42:78:E6:0F:E8:3C:1D:46:D7:5F:37:E8:46:26:A0:64:D0:62:E5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1D9C4273D171755EE1E8762427F9D6341F7C3C2F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132322e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 06 Dec 2023 12:30:39 +0000
ROA not before: Wed 06 Dec 2023 12:25:39 +0000
ROA not after: Wed 04 Dec 2024 12:30:39 +0000
asID: 136787
IP address blocks: 81.17.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:9c:42:73:d1:71:75:5e:e1:e8:76:24:27:f9:d6:34:1f:7c:3c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 6 12:25:39 2023 GMT
Not After : Dec 4 12:30:39 2024 GMT
Subject: CN=3D4278E60FE83C1D46D75F37E84626A064D062E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:53:b1:7c:3b:f4:2d:76:b6:63:2f:2c:be:bd:
73:c1:e7:3c:da:63:f4:a4:f2:66:56:df:b6:bf:5e:
08:88:e6:ee:a3:59:16:b0:e9:ed:6b:c0:8f:29:7e:
4e:65:27:62:d7:4e:b0:15:17:ce:b4:a5:5a:af:66:
1a:d3:25:95:2f:73:b1:6e:10:a8:f5:66:f6:b9:2e:
e5:0a:16:e4:c9:b1:d4:66:6e:4f:85:7b:25:a7:af:
ee:7d:c7:60:cf:a5:be:e1:05:c3:8a:ac:f5:98:f4:
ce:a1:dd:ae:9d:39:db:ed:a9:f4:0e:48:ad:49:57:
7e:0e:15:f7:5e:20:4d:17:dc:ad:97:f2:54:27:ed:
f4:29:2e:0f:4b:f4:83:71:ce:47:6f:c9:8b:c9:5f:
ed:c0:2f:a4:7a:d9:47:45:74:a6:e0:80:77:3e:04:
8d:96:21:82:2b:8a:49:d3:c1:5b:eb:92:85:54:02:
06:46:e8:9a:ee:2d:b3:62:f0:2a:40:a2:1c:39:43:
28:f2:90:40:4e:95:1a:75:45:8c:02:9d:cb:45:d8:
6c:dc:d5:75:52:1a:ea:2c:68:f3:a3:3a:1e:a4:8a:
99:99:e1:c2:d7:f4:18:f8:b5:2d:67:22:26:a4:c7:
d5:94:24:bf:b9:45:a8:78:d2:39:43:fc:12:42:49:
a5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:42:78:E6:0F:E8:3C:1D:46:D7:5F:37:E8:46:26:A0:64:D0:62:E5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.122.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:2b:60:13:39:b6:ce:d9:c2:83:a5:14:f1:7f:59:4d:e5:54:
c4:39:b7:2d:24:1d:af:80:6d:19:53:71:11:35:ab:04:e6:07:
5a:26:bc:69:a4:62:8e:a8:5d:ea:c0:0e:93:e2:d1:26:53:3b:
96:ab:95:d3:4c:03:59:f6:67:c1:65:8c:60:db:0e:51:0b:7b:
2e:a4:a8:6b:b2:d0:fd:e1:94:3c:cd:02:c1:9e:a0:8c:82:26:
cc:69:b1:f9:88:b5:88:44:f3:d5:fe:ce:7e:01:80:47:14:cb:
47:d6:ab:dc:ae:ed:52:86:04:0d:d3:94:15:ff:0e:1e:51:ef:
73:20:6c:24:08:e4:c4:77:c7:1d:11:fe:9c:59:05:7c:44:64:
9d:df:6b:ac:5b:5f:1a:00:09:dc:7d:9b:c3:de:be:5d:dd:04:
de:b2:02:bd:93:17:aa:63:33:1c:02:97:4e:6f:c3:f2:5c:3c:
42:23:5e:b8:82:ef:4d:2c:04:33:62:47:d0:c1:3c:6d:07:8c:
dc:74:4c:37:03:1f:43:48:d7:57:12:f4:51:27:a7:e1:cd:03:
d7:03:0b:7e:75:4c:8c:42:11:eb:9f:d0:a6:77:55:92:6c:d5:
87:bf:69:64:71:2d:8f:70:0f:24:5a:6f:f0:b0:a7:f3:0d:8f:
fb:b6:90:ec
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHZxCc9FxdV7h6HYkJ/nWNB98PC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEyMDYxMjI1MzlaFw0yNDEyMDQxMjMwMzlaMDMxMTAvBgNV
BAMTKDNENDI3OEU2MEZFODNDMUQ0NkQ3NUYzN0U4NDYyNkEwNjREMDYyRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTU7F8O/QtdrZjLyy+vXPB5zza
Y/Sk8mZW37a/XgiI5u6jWRaw6e1rwI8pfk5lJ2LXTrAVF860pVqvZhrTJZUvc7Fu
EKj1Zva5LuUKFuTJsdRmbk+FeyWnr+59x2DPpb7hBcOKrPWY9M6h3a6dOdvtqfQO
SK1JV34OFfdeIE0X3K2X8lQn7fQpLg9L9INxzkdvyYvJX+3AL6R62UdFdKbggHc+
BI2WIYIriknTwVvrkoVUAgZG6JruLbNi8CpAohw5QyjykEBOlRp1RYwCnctF2Gzc
1XVSGuosaPOjOh6kipmZ4cLX9Bj4tS1nIiakx9WUJL+5Rah40jlD/BJCSaXxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPUJ45g/oPB1G11836EYmoGTQYuUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMTJlMzEzNzJlMzEzMjMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
URF6MA0GCSqGSIb3DQEBCwUAA4IBAQCNK2ATObbO2cKDpRTxf1lN5VTEObctJB2v
gG0ZU3ERNasE5gdaJrxppGKOqF3qwA6T4tEmUzuWq5XTTANZ9mfBZYxg2w5RC3su
pKhrstD94ZQ8zQLBnqCMgibMabH5iLWIRPPV/s5+AYBHFMtH1qvcru1ShgQN05QV
/w4eUe9zIGwkCOTEd8cdEf6cWQV8RGSd32usW18aAAncfZvD3r5d3QTesgK9kxeq
YzMcApdOb8PyXDxCI164gu9NLAQzYkfQwTxtB4zcdEw3Ax9DSNdXEvRRJ6fhzQPX
Awt+dUyMQhHrn9Cmd1WSbNWHv2lkcS2PcA8kWm/wsKfzDY/7tpDs
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:24 2024 by rpki-client on console-fra.rpki-client.org