Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132332e302f32342d3234203d3e20323037313337.roa
File: 38312e31372e3132332e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: WeLemoGx5qXyZ1WQcf9hR1I+ZNrm+HRk95Q8zHXcsfk=
Subject key identifier: 4B:E8:1E:AF:DC:99:D7:DB:D7:20:BA:D2:C1:08:77:56:33:F5:0E:FA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 18C337AD4908188752E6133A31BD6E4A8B502295
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132332e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 22 May 2024 12:03:47 +0000
ROA not before: Wed 22 May 2024 11:58:47 +0000
ROA not after: Wed 21 May 2025 12:03:47 +0000
asID: 207137
IP address blocks: 81.17.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:c3:37:ad:49:08:18:87:52:e6:13:3a:31:bd:6e:4a:8b:50:22:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 22 11:58:47 2024 GMT
Not After : May 21 12:03:47 2025 GMT
Subject: CN=4BE81EAFDC99D7DBD720BAD2C108775633F50EFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e8:5a:94:55:13:be:8d:9b:e9:21:20:97:35:
f8:12:f0:52:e8:fd:9b:1f:34:c8:3e:d7:da:aa:c3:
2e:83:1e:54:59:8d:b2:4f:ae:45:ce:32:40:fb:c7:
fe:68:3e:b6:fd:ce:89:d7:a1:24:fb:b9:75:da:c7:
2f:f5:c5:a1:e7:42:1c:11:54:05:d0:58:15:b6:ab:
b1:cc:73:62:a3:34:22:f0:35:28:1c:c7:5b:ad:c7:
05:8e:fc:1b:48:3a:6d:44:84:3f:75:fe:be:02:7d:
75:cb:51:0a:63:ac:c4:d4:47:c3:4f:09:95:b9:0a:
9b:bf:c8:d9:25:e6:5d:de:92:2d:57:8a:a2:d9:32:
9b:13:8d:60:88:93:c6:ae:4b:5f:89:18:11:a3:93:
8b:6d:aa:dd:11:b3:6e:af:8b:9e:30:a0:f8:45:10:
ae:ef:35:97:b9:07:b1:f5:18:23:90:0f:fd:1e:f6:
6a:c9:06:b8:f1:47:7a:85:d1:db:aa:ed:a2:9b:3b:
de:d8:98:03:4f:13:03:ca:36:73:1a:33:f9:55:95:
2f:b2:68:7d:98:b2:34:da:f5:ad:0c:7a:75:cc:d1:
3f:3a:04:82:56:4f:93:13:a0:35:29:f8:9c:b6:44:
ad:63:1d:5a:99:74:3d:38:2e:b9:40:2c:1d:5a:bd:
26:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E8:1E:AF:DC:99:D7:DB:D7:20:BA:D2:C1:08:77:56:33:F5:0E:FA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132332e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.123.0/24
Signature Algorithm: sha256WithRSAEncryption
73:da:2e:4d:d2:dd:91:0e:e8:b9:f7:6a:59:5b:22:84:43:08:
45:c0:51:3e:23:86:4e:bf:2c:39:17:14:b4:9f:1a:57:9f:5a:
44:16:71:14:c5:54:0b:dc:c7:a2:e6:5c:75:09:d0:df:72:42:
9d:52:61:6c:f7:38:e0:d0:18:a8:bc:97:3c:70:c1:06:b4:83:
fb:1a:06:65:ce:f0:97:7a:e1:c1:e2:79:46:af:e9:69:fc:dd:
0c:67:8a:5d:c1:9a:a6:d8:4c:1d:57:ba:ea:ba:0c:28:a0:1b:
51:1e:31:6d:f1:63:01:29:ce:5a:31:ab:83:42:c5:1a:9f:e9:
f0:60:96:f4:e5:70:fe:96:1c:72:e5:08:5b:11:04:c7:5f:9f:
14:cb:d8:46:bf:92:35:5e:4d:92:3e:ce:0b:e3:88:7c:6f:9a:
86:ba:ba:bf:bc:36:8e:e0:07:1b:8c:75:04:e4:d9:88:8d:dc:
65:c4:13:05:f4:f7:a7:ee:e5:d6:91:eb:f2:dd:17:83:c0:ca:
21:0d:63:a6:b6:cc:fa:3d:6e:f6:53:db:fc:70:f2:45:5f:94:
be:89:e4:e0:a6:0d:59:c0:94:5d:d7:6a:bf:f2:0d:c9:4f:34:
bb:d7:d0:b0:4a:0a:60:4e:31:e8:62:c4:42:49:d0:56:c2:57:
1f:bd:11:63
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGMM3rUkIGIdS5hM6Mb1uSotQIpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MjIxMTU4NDdaFw0yNTA1MjExMjAzNDdaMDMxMTAvBgNV
BAMTKDRCRTgxRUFGREM5OUQ3REJENzIwQkFEMkMxMDg3NzU2MzNGNTBFRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf6FqUVRO+jZvpISCXNfgS8FLo
/ZsfNMg+19qqwy6DHlRZjbJPrkXOMkD7x/5oPrb9zonXoST7uXXaxy/1xaHnQhwR
VAXQWBW2q7HMc2KjNCLwNSgcx1utxwWO/BtIOm1EhD91/r4CfXXLUQpjrMTUR8NP
CZW5Cpu/yNkl5l3eki1XiqLZMpsTjWCIk8auS1+JGBGjk4ttqt0Rs26vi54woPhF
EK7vNZe5B7H1GCOQD/0e9mrJBrjxR3qF0duq7aKbO97YmANPEwPKNnMaM/lVlS+y
aH2YsjTa9a0MenXM0T86BIJWT5MToDUp+Jy2RK1jHVqZdD04LrlALB1avSaPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUS+ger9yZ19vXILrSwQh3VjP1DvowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMTJlMzEzNzJlMzEzMjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM3MzEzMzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
URF7MA0GCSqGSIb3DQEBCwUAA4IBAQBz2i5N0t2RDui592pZWyKEQwhFwFE+I4ZO
vyw5FxS0nxpXn1pEFnEUxVQL3Mei5lx1CdDfckKdUmFs9zjg0BiovJc8cMEGtIP7
GgZlzvCXeuHB4nlGr+lp/N0MZ4pdwZqm2EwdV7rqugwooBtRHjFt8WMBKc5aMauD
QsUan+nwYJb05XD+lhxy5QhbEQTHX58Uy9hGv5I1Xk2SPs4L44h8b5qGurq/vDaO
4AcbjHUE5NmIjdxlxBMF9Pen7uXWkevy3ReDwMohDWOmtsz6PW72U9v8cPJFX5S+
ieTgpg1ZwJRd12q/8g3JTzS719CwSgpgTjHoYsRCSdBWwlcfvRFj
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org