Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32322d3232203d3e20323034313730.roa
File: 38322e3134392e37322e302f32322d3232203d3e20323034313730.roa (raw, json)
Hash identifier: Yfm7e+CNYSeObHdjhpVyjmq9lk1Yw1uMIZtqHfQ+ej0=
Subject key identifier: 88:60:E6:83:56:8F:E6:98:9C:2C:F0:C9:41:E9:2A:C6:B7:00:38:AB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 301A86357A69D04CA3284ED19A6AD1708A308708
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32322d3232203d3e20323034313730.roa
Signing time: Tue 09 Jul 2024 09:04:12 +0000
ROA not before: Tue 09 Jul 2024 08:59:12 +0000
ROA not after: Tue 08 Jul 2025 09:04:12 +0000
asID: 204170
IP address blocks: 82.149.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:1a:86:35:7a:69:d0:4c:a3:28:4e:d1:9a:6a:d1:70:8a:30:87:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 9 08:59:12 2024 GMT
Not After : Jul 8 09:04:12 2025 GMT
Subject: CN=8860E683568FE6989C2CF0C941E92AC6B70038AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2f:4c:42:d2:0a:7f:0c:df:96:2c:9c:5d:48:
55:a8:2c:70:c0:a1:fa:a5:bc:74:8d:57:52:e1:e4:
ad:19:25:90:55:51:25:fc:45:56:ff:2c:81:d4:a0:
ba:4b:ac:7b:a1:f7:fc:dd:c1:41:fe:2c:68:b3:d0:
01:a3:d2:38:72:40:17:fb:ff:bc:01:7d:74:1b:dc:
0a:e7:28:4f:34:3e:13:77:ed:a9:df:ec:4d:53:6e:
ae:57:0d:ff:82:82:2f:2d:52:81:b0:f9:32:e5:f3:
90:c1:de:85:17:33:e4:5b:98:ce:8f:75:a7:20:b0:
a5:3a:49:df:f6:0c:a0:73:78:87:c6:37:a3:05:59:
f6:0b:b4:10:8b:78:04:3e:1d:f6:63:ea:ca:d3:98:
b1:e0:45:d8:2d:d0:bb:f3:87:ef:40:e9:ab:b3:7e:
21:c6:60:c6:87:4f:b1:d2:02:f8:3a:33:48:d1:bc:
a2:91:ae:9b:a6:b3:60:dd:98:c8:19:a6:d6:53:4a:
57:53:06:d2:27:2a:f0:47:43:8c:28:75:47:4e:cd:
7d:3a:5e:08:93:ff:1e:2d:93:ee:d9:41:2f:ff:2b:
30:31:16:83:ba:55:0a:bc:f4:ed:ed:58:2f:c4:23:
2e:ed:ca:47:c0:df:d0:72:06:e5:5d:f8:31:16:68:
d8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:60:E6:83:56:8F:E6:98:9C:2C:F0:C9:41:E9:2A:C6:B7:00:38:AB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32322d3232203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.72.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:9c:97:9b:61:52:a8:07:f2:0a:2f:57:45:e1:a9:c4:de:3f:
d9:fb:21:db:7a:18:a3:bc:22:1e:9f:97:0a:95:4f:28:cc:89:
58:32:3d:08:e1:9f:7c:b5:8d:84:c3:ab:6a:a8:95:16:a9:d7:
d6:2b:9a:9f:68:0d:e1:fc:c5:e9:a7:8c:9d:9c:b5:fe:bf:79:
75:2f:26:ec:1e:da:5d:a4:f2:bc:b5:dd:ed:c6:e2:e4:10:56:
5b:6f:1f:94:c4:85:f2:d0:d3:65:0b:29:93:b5:90:d5:89:44:
14:7b:97:ec:22:b4:f7:74:d5:d4:70:9e:f8:5c:7d:4b:21:49:
2d:a2:cc:40:db:c5:c4:b6:77:a1:57:7e:70:e0:2f:0c:f0:41:
20:d2:d8:12:04:e7:96:21:af:5b:db:9a:41:5d:8b:22:8f:82:
4a:15:37:e7:d4:24:6d:4a:ed:72:ef:42:90:53:a5:c3:d6:bc:
ef:a1:02:ce:d0:cb:f9:ed:17:70:94:ba:9a:03:23:40:6d:25:
23:1e:61:ad:dd:17:fe:2e:23:5b:45:15:cf:1f:9a:cd:9b:df:
fd:52:42:59:e6:3c:e4:e4:6d:5b:3d:e0:e4:a3:13:da:4e:ec:
d5:f2:39:1c:68:49:cf:0e:ad:29:20:9b:a4:54:52:13:2d:41:
59:73:68:9f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMBqGNXpp0EyjKE7RmmrRcIowhwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA3MDkwODU5MTJaFw0yNTA3MDgwOTA0MTJaMDMxMTAvBgNV
BAMTKDg4NjBFNjgzNTY4RkU2OTg5QzJDRjBDOTQxRTkyQUM2QjcwMDM4QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYL0xC0gp/DN+WLJxdSFWoLHDA
ofqlvHSNV1Lh5K0ZJZBVUSX8RVb/LIHUoLpLrHuh9/zdwUH+LGiz0AGj0jhyQBf7
/7wBfXQb3ArnKE80PhN37anf7E1Tbq5XDf+Cgi8tUoGw+TLl85DB3oUXM+RbmM6P
dacgsKU6Sd/2DKBzeIfGN6MFWfYLtBCLeAQ+HfZj6srTmLHgRdgt0Lvzh+9A6auz
fiHGYMaHT7HSAvg6M0jRvKKRrpums2DdmMgZptZTSldTBtInKvBHQ4wodUdOzX06
XgiT/x4tk+7ZQS//KzAxFoO6VQq89O3tWC/EIy7tykfA39ByBuVd+DEWaNiLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiGDmg1aP5picLPDJQekqxrcAOKswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzMy
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
UpVIMA0GCSqGSIb3DQEBCwUAA4IBAQBtnJebYVKoB/IKL1dF4anE3j/Z+yHbehij
vCIen5cKlU8ozIlYMj0I4Z98tY2Ew6tqqJUWqdfWK5qfaA3h/MXpp4ydnLX+v3l1
LybsHtpdpPK8td3txuLkEFZbbx+UxIXy0NNlCymTtZDViUQUe5fsIrT3dNXUcJ74
XH1LIUktosxA28XEtnehV35w4C8M8EEg0tgSBOeWIa9b25pBXYsij4JKFTfn1CRt
Su1y70KQU6XD1rzvoQLO0Mv57RdwlLqaAyNAbSUjHmGt3Rf+LiNbRRXPH5rNm9/9
UkJZ5jzk5G1bPeDkoxPaTuzV8jkcaEnPDq0pIJukVFITLUFZc2if
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org