Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132322e302f32342d3234203d3e20313336373837.roa
File: 38312e31372e3132322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 8kQ2mrCqIJgY/oIlclI/Qa7tEVF7vcqCSjSBkoH3F34=
Subject key identifier: A8:26:5B:5A:95:9C:64:FB:DB:1B:83:6A:9F:48:F9:0B:20:B7:09:80
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1E44DF089FE55B31FDB6A63214B4FA26B9EE25FC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132322e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 06 Nov 2024 13:05:30 +0000
ROA not before: Wed 06 Nov 2024 13:00:30 +0000
ROA not after: Wed 05 Nov 2025 13:05:30 +0000
asID: 136787
IP address blocks: 81.17.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:44:df:08:9f:e5:5b:31:fd:b6:a6:32:14:b4:fa:26:b9:ee:25:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 6 13:00:30 2024 GMT
Not After : Nov 5 13:05:30 2025 GMT
Subject: CN=A8265B5A959C64FBDB1B836A9F48F90B20B70980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8c:ef:eb:fe:69:54:f7:2c:c9:9b:8f:a9:83:
93:94:fb:45:7e:42:c0:96:66:5d:70:73:82:28:fb:
96:c2:0e:fe:bd:a2:21:8a:53:87:e0:02:96:2c:12:
27:c2:c7:b5:46:99:13:a8:6c:73:f9:30:c1:12:9b:
78:e1:ff:2e:ef:29:4a:02:7c:9b:fa:aa:d2:d2:58:
12:21:90:5e:3a:51:f2:9c:b5:f5:12:c6:93:dd:96:
c6:8e:4e:05:b0:e5:29:01:9d:e0:92:07:65:72:d8:
e7:78:ee:a3:e3:f2:6d:3a:8e:f0:f6:9a:c0:dc:6d:
bb:ef:be:58:5e:a5:aa:8e:3a:0e:3f:f0:b7:9b:c0:
1b:c1:47:23:0d:52:e5:f3:87:b7:a8:b4:5e:32:52:
c6:2d:8c:d9:a1:2a:fb:35:a5:f7:42:4f:a4:bf:05:
07:f7:4b:a6:60:e9:da:3d:f2:24:ce:71:8b:e1:84:
bb:7f:aa:9d:00:cb:2a:13:e3:9a:0a:44:5b:a9:71:
08:ef:6a:f0:ff:ac:36:44:27:b0:dc:b9:6c:ec:45:
ee:84:44:30:16:39:f1:fd:26:61:b0:32:22:f8:a7:
8e:26:79:83:24:72:35:aa:75:b5:9d:ad:12:c4:a2:
cc:41:36:5f:6e:c5:a7:a1:f9:b9:24:61:01:2d:ae:
22:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:26:5B:5A:95:9C:64:FB:DB:1B:83:6A:9F:48:F9:0B:20:B7:09:80
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.122.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:1b:03:ac:43:6e:81:38:07:91:50:ed:fd:26:de:c6:73:dd:
2c:75:11:73:d6:04:0c:a7:d6:84:fa:0e:34:06:22:5c:70:b4:
74:06:a4:ed:a2:99:ff:60:12:d9:a5:af:49:fb:45:ab:68:89:
f4:29:da:d6:ef:7d:3b:39:ce:19:5f:15:88:9c:1d:31:8c:54:
3f:77:8b:c4:4a:c9:75:85:d3:e1:08:7a:e3:57:29:f6:a6:08:
87:08:61:5e:c8:e1:5b:6c:f6:bb:57:10:ae:0b:98:7e:25:ca:
c7:17:59:3c:bc:03:e0:b9:a4:53:f2:d1:da:35:fa:cd:e5:60:
4a:9d:48:84:31:78:e8:0b:0e:64:00:38:df:43:c7:4c:fb:e6:
9d:76:be:11:9b:55:fb:78:e5:67:d9:09:92:6f:2a:2b:ae:2e:
16:77:89:25:52:77:54:45:99:ed:14:2c:0d:ff:bc:be:88:72:
40:d7:88:e2:d9:a5:79:cb:6e:88:67:7f:9b:55:73:82:72:20:
36:d3:82:b8:33:70:10:27:bb:10:66:27:28:ad:54:c7:0d:9c:
8f:fd:75:fb:9c:02:63:33:eb:bf:d3:cb:c1:65:45:8f:d3:0d:
4c:cb:09:33:4d:5b:43:dd:d4:12:73:c7:5b:bd:57:6a:e1:ab:
c7:f8:bd:d7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHkTfCJ/lWzH9tqYyFLT6JrnuJfwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMDYxMzAwMzBaFw0yNTExMDUxMzA1MzBaMDMxMTAvBgNV
BAMTKEE4MjY1QjVBOTU5QzY0RkJEQjFCODM2QTlGNDhGOTBCMjBCNzA5ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjO/r/mlU9yzJm4+pg5OU+0V+
QsCWZl1wc4Io+5bCDv69oiGKU4fgApYsEifCx7VGmROobHP5MMESm3jh/y7vKUoC
fJv6qtLSWBIhkF46UfKctfUSxpPdlsaOTgWw5SkBneCSB2Vy2Od47qPj8m06jvD2
msDcbbvvvlhepaqOOg4/8LebwBvBRyMNUuXzh7eotF4yUsYtjNmhKvs1pfdCT6S/
BQf3S6Zg6do98iTOcYvhhLt/qp0AyyoT45oKRFupcQjvavD/rDZEJ7DcuWzsRe6E
RDAWOfH9JmGwMiL4p44meYMkcjWqdbWdrRLEosxBNl9uxaeh+bkkYQEtriIlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqCZbWpWcZPvbG4Nqn0j5CyC3CYAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMTJlMzEzNzJlMzEzMjMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
URF6MA0GCSqGSIb3DQEBCwUAA4IBAQB8GwOsQ26BOAeRUO39Jt7Gc90sdRFz1gQM
p9aE+g40BiJccLR0BqTtopn/YBLZpa9J+0WraIn0KdrW7307Oc4ZXxWInB0xjFQ/
d4vESsl1hdPhCHrjVyn2pgiHCGFeyOFbbPa7VxCuC5h+JcrHF1k8vAPguaRT8tHa
NfrN5WBKnUiEMXjoCw5kADjfQ8dM++addr4Rm1X7eOVn2QmSbyorri4Wd4klUndU
RZntFCwN/7y+iHJA14ji2aV5y26IZ3+bVXOCciA204K4M3AQJ7sQZicorVTHDZyP
/XX7nAJjM+u/08vBZUWP0w1MywkzTVtD3dQSc8dbvVdq4avH+L3X
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org