Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32342d3234203d3e20323034313730.roa
File: 38322e3134392e37322e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: 3YJAOeqMpykHux+r2kYfENyBt9op7zsm9Tx22XH1xTw=
Subject key identifier: 54:29:8F:29:EC:1A:3F:85:97:14:20:0D:C7:CE:1C:53:D1:AF:31:89
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 438721343A7751E06FA47FC256A21E4E8E50F889
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32342d3234203d3e20323034313730.roa
Signing time: Wed 16 Aug 2023 13:38:32 +0000
ROA not before: Wed 16 Aug 2023 13:33:32 +0000
ROA not after: Wed 14 Aug 2024 13:38:32 +0000
asID: 204170
IP address blocks: 82.149.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:87:21:34:3a:77:51:e0:6f:a4:7f:c2:56:a2:1e:4e:8e:50:f8:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 16 13:33:32 2023 GMT
Not After : Aug 14 13:38:32 2024 GMT
Subject: CN=54298F29EC1A3F859714200DC7CE1C53D1AF3189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:54:8a:c9:ef:37:ac:57:06:c2:5e:ba:ed:17:
37:d7:28:04:73:dc:18:56:42:38:b8:e0:4f:a3:2c:
d6:2a:b9:3f:2f:6b:0e:bb:89:95:e5:88:f3:0a:88:
46:3a:40:f4:4d:da:51:cf:26:d9:37:2f:9a:1d:d9:
f1:2d:1b:f9:e9:0a:aa:15:c6:61:81:9a:f5:9b:11:
da:fb:6f:6b:9d:29:e4:6f:ea:b3:9f:44:35:ca:28:
d1:5d:88:16:30:ac:2d:09:47:46:67:5e:3f:6d:00:
17:c5:5f:f5:34:07:f4:86:81:79:08:a5:93:cd:b3:
8f:5b:8a:c6:08:d3:0f:a5:96:73:2a:56:06:c1:b8:
1d:13:5c:bf:18:96:4b:b5:02:f4:a5:ed:a2:ee:94:
df:3d:cf:13:b9:b5:e9:97:d8:c3:90:43:e7:3a:8d:
81:5c:2d:ac:dc:0a:7b:59:52:4a:90:81:10:be:e6:
80:9b:8b:d0:38:f2:49:cc:ea:df:12:0a:88:73:61:
21:d7:9c:6d:9b:28:94:b0:f8:32:02:ad:ea:4c:98:
e5:a4:4e:ea:85:91:79:0c:b0:b2:9d:3f:33:5d:6f:
50:5e:e4:f9:35:7d:10:4f:23:59:f3:63:61:a3:7d:
e7:3a:6c:6a:48:f7:dd:30:a4:ff:be:b4:67:c7:ca:
4e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:29:8F:29:EC:1A:3F:85:97:14:20:0D:C7:CE:1C:53:D1:AF:31:89
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.72.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:c8:c2:ad:8e:3f:3a:a5:0d:89:0e:dc:bd:57:46:da:21:75:
1e:46:ce:bc:cc:23:00:94:43:fd:f5:9d:a7:1f:92:c2:f1:ad:
a1:eb:f7:d6:fd:27:96:f8:0c:f1:4f:89:d1:3d:b3:5b:9f:bf:
ec:cb:65:a1:89:4b:d0:86:0b:35:2f:f5:ee:74:88:d8:26:99:
11:c4:0d:06:87:81:3b:58:4b:3c:dd:67:c3:ff:73:4a:40:27:
41:2b:e3:e2:8e:fc:eb:17:95:49:2d:28:9d:d2:d0:27:31:4e:
16:9b:48:81:2a:2b:66:48:63:f4:6e:28:66:67:ea:03:c4:1f:
d3:02:1c:da:10:ec:5c:59:fc:d9:e5:0c:5a:61:16:b3:37:d5:
f2:12:e2:92:d3:f8:ac:91:10:22:ac:8f:60:6b:ad:cc:0d:d1:
68:e6:6a:81:3a:07:b0:f2:22:8e:45:cd:49:e5:60:73:2f:a7:
16:17:6a:fa:a2:cc:e7:4d:70:a8:a5:c3:e2:56:6a:31:4a:83:
49:f9:3c:16:df:20:76:3d:4d:66:dd:60:36:dc:26:b1:ba:cc:
7f:5b:44:27:2d:ac:4d:07:b8:a6:d0:f7:9d:99:c1:ec:f6:f8:
9a:ed:bd:cc:cf:85:68:e2:cb:b8:d6:3e:5a:df:d5:a4:50:9a:
e8:b3:7c:f8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQ4chNDp3UeBvpH/CVqIeTo5Q+IkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA4MTYxMzMzMzJaFw0yNDA4MTQxMzM4MzJaMDMxMTAvBgNV
BAMTKDU0Mjk4RjI5RUMxQTNGODU5NzE0MjAwREM3Q0UxQzUzRDFBRjMxODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMVIrJ7zesVwbCXrrtFzfXKARz
3BhWQji44E+jLNYquT8vaw67iZXliPMKiEY6QPRN2lHPJtk3L5od2fEtG/npCqoV
xmGBmvWbEdr7b2udKeRv6rOfRDXKKNFdiBYwrC0JR0ZnXj9tABfFX/U0B/SGgXkI
pZPNs49bisYI0w+llnMqVgbBuB0TXL8Ylku1AvSl7aLulN89zxO5temX2MOQQ+c6
jYFcLazcCntZUkqQgRC+5oCbi9A48knM6t8SCohzYSHXnG2bKJSw+DICrepMmOWk
TuqFkXkMsLKdPzNdb1Be5Pk1fRBPI1nzY2Gjfec6bGpI990wpP++tGfHyk57AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVCmPKewaP4WXFCANx84cU9GvMYkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVIMA0GCSqGSIb3DQEBCwUAA4IBAQAPyMKtjj86pQ2JDty9V0baIXUeRs68zCMA
lEP99Z2nH5LC8a2h6/fW/SeW+AzxT4nRPbNbn7/sy2WhiUvQhgs1L/XudIjYJpkR
xA0Gh4E7WEs83WfD/3NKQCdBK+PijvzrF5VJLSid0tAnMU4Wm0iBKitmSGP0bihm
Z+oDxB/TAhzaEOxcWfzZ5QxaYRazN9XyEuKS0/iskRAirI9ga63MDdFo5mqBOgew
8iKORc1J5WBzL6cWF2r6osznTXCopcPiVmoxSoNJ+TwW3yB2PU1m3WA23Caxusx/
W0QnLaxNB7im0PedmcHs9via7b3Mz4Vo4su41j5a39WkUJros3z4
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org