Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3131322e3234342e302f32322d3234203d3e203437353833.roa
File: 38322e3131322e3234342e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: u+ekZLkPqKZM33Qlr9i+pAXpyctSizHKwqQ46VUhe6s=
Subject key identifier: CB:F8:16:E3:BA:7E:BB:17:3E:BD:A0:7B:78:75:3E:C9:42:38:27:CD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2A47536388AB139A123777286632E668770CA44D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3131322e3234342e302f32322d3234203d3e203437353833.roa
Signing time: Wed 26 Jun 2024 19:51:24 +0000
ROA not before: Wed 26 Jun 2024 19:46:24 +0000
ROA not after: Wed 25 Jun 2025 19:51:24 +0000
asID: 47583
IP address blocks: 82.112.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:47:53:63:88:ab:13:9a:12:37:77:28:66:32:e6:68:77:0c:a4:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 26 19:46:24 2024 GMT
Not After : Jun 25 19:51:24 2025 GMT
Subject: CN=CBF816E3BA7EBB173EBDA07B78753EC9423827CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5d:73:96:cc:7f:d3:0d:9d:04:0a:b6:d0:8a:
9e:99:c1:15:e0:0b:ae:fe:03:f8:db:a7:ef:6e:d9:
ea:63:92:72:02:86:5a:42:a5:c4:87:39:5d:70:88:
0a:18:64:69:47:65:58:21:a7:dc:46:14:5e:0b:95:
ce:80:ab:31:d2:c0:a2:09:6a:1f:8f:dd:3f:76:c8:
19:9b:70:8f:e4:5c:08:be:bd:8d:38:e5:b5:df:ca:
d7:7d:0c:0f:4c:95:95:83:77:d5:ee:db:69:d1:ac:
3d:42:2f:f1:1f:ee:ed:e7:92:8a:bf:5e:3b:74:97:
10:88:39:ab:ff:30:07:9f:91:86:83:60:83:47:0c:
bd:c4:d7:3a:58:b7:c3:16:08:64:91:4b:b8:d2:4b:
0c:d9:b9:e2:76:89:60:99:4e:fc:7b:b2:e7:5d:35:
b9:33:94:17:b0:bb:68:67:0b:69:3d:85:10:29:26:
9a:89:57:11:67:4a:6c:9c:91:41:7c:63:5e:9d:5b:
40:c4:85:4b:ac:c2:74:e7:e8:73:35:0d:9b:22:a4:
f7:5d:49:f0:e7:ec:3d:65:53:a3:6b:f7:09:71:9e:
2d:00:83:4f:f7:4d:3f:75:9c:fd:97:90:a5:f6:b7:
31:7a:50:05:bb:a4:83:85:67:8b:87:01:20:80:b1:
44:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F8:16:E3:BA:7E:BB:17:3E:BD:A0:7B:78:75:3E:C9:42:38:27:CD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3131322e3234342e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.112.244.0/22
Signature Algorithm: sha256WithRSAEncryption
41:99:c4:2f:fb:c0:6f:73:02:0a:fc:77:90:c7:21:27:f1:70:
9b:69:5f:d1:c4:a0:72:5e:83:db:18:dd:38:a8:f9:59:d2:98:
ed:a2:0c:3d:9c:7e:92:04:20:d3:ed:6b:7e:8a:31:77:a1:8c:
04:8f:c4:cc:d1:4b:ca:f0:28:22:b4:37:69:f7:9a:40:b2:1f:
3d:f6:7c:76:aa:13:e1:c6:98:08:be:29:26:bc:1e:8f:3d:6d:
e3:bc:5a:72:88:f2:96:9c:07:dd:19:f4:ef:a5:86:8a:95:f7:
1a:ab:49:1b:d9:7f:6e:1a:54:21:d7:64:00:58:55:43:94:ea:
c4:d6:be:a8:25:8a:bf:92:bf:e0:24:35:d6:eb:45:59:cf:36:
24:79:15:eb:24:53:d3:af:9f:ae:ae:a7:d9:73:7c:9e:14:aa:
26:f1:54:55:21:2d:41:58:9c:38:e5:b8:17:cf:09:18:98:e3:
8d:ce:08:c4:4f:19:df:77:39:d5:60:03:f5:1b:7d:56:14:0a:
1c:e1:4b:a9:08:84:f0:0d:e1:38:44:d1:cc:5c:93:ad:89:58:
d0:4b:a7:70:06:0c:19:48:10:dd:b4:1b:b1:d5:8e:ee:34:69:
2f:0f:d9:09:37:fc:90:24:6e:af:b0:d4:90:fc:02:4b:f0:9f:
a4:95:3e:67
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKkdTY4irE5oSN3coZjLmaHcMpE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MjYxOTQ2MjRaFw0yNTA2MjUxOTUxMjRaMDMxMTAvBgNV
BAMTKENCRjgxNkUzQkE3RUJCMTczRUJEQTA3Qjc4NzUzRUM5NDIzODI3Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9XXOWzH/TDZ0ECrbQip6ZwRXg
C67+A/jbp+9u2epjknIChlpCpcSHOV1wiAoYZGlHZVghp9xGFF4Llc6AqzHSwKIJ
ah+P3T92yBmbcI/kXAi+vY045bXfytd9DA9MlZWDd9Xu22nRrD1CL/Ef7u3nkoq/
Xjt0lxCIOav/MAefkYaDYINHDL3E1zpYt8MWCGSRS7jSSwzZueJ2iWCZTvx7sudd
NbkzlBewu2hnC2k9hRApJpqJVxFnSmyckUF8Y16dW0DEhUuswnTn6HM1DZsipPdd
SfDn7D1lU6Nr9wlxni0Ag0/3TT91nP2XkKX2tzF6UAW7pIOFZ4uHASCAsURtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUy/gW47p+uxc+vaB7eHU+yUI4J80wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzMTMyMmUzMjM0
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
UnD0MA0GCSqGSIb3DQEBCwUAA4IBAQBBmcQv+8BvcwIK/HeQxyEn8XCbaV/RxKBy
XoPbGN04qPlZ0pjtogw9nH6SBCDT7Wt+ijF3oYwEj8TM0UvK8CgitDdp95pAsh89
9nx2qhPhxpgIvikmvB6PPW3jvFpyiPKWnAfdGfTvpYaKlfcaq0kb2X9uGlQh12QA
WFVDlOrE1r6oJYq/kr/gJDXW60VZzzYkeRXrJFPTr5+urqfZc3yeFKom8VRVIS1B
WJw45bgXzwkYmOONzgjETxnfdznVYAP1G31WFAoc4UupCITwDeE4RNHMXJOtiVjQ
S6dwBgwZSBDdtBux1Y7uNGkvD9kJN/yQJG6vsNSQ/AJL8J+klT5n
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:16 2024 by rpki-client on console-fra.rpki-client.org