Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37332e302f32342d3234203d3e20323034313730.roa
File: 38322e3134392e37332e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: r99+S06P/mmYr68JJ9+mRVYspA5FHjuZdVZZ56KtlTg=
Subject key identifier: A3:11:6A:9B:CD:40:DD:C8:5A:80:59:A2:91:9D:B4:14:62:F7:3E:C4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3755C3C5C2327DD4596A53AC215F1136B4F92C02
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37332e302f32342d3234203d3e20323034313730.roa
Signing time: Wed 16 Aug 2023 13:38:48 +0000
ROA not before: Wed 16 Aug 2023 13:33:48 +0000
ROA not after: Wed 14 Aug 2024 13:38:48 +0000
asID: 204170
IP address blocks: 82.149.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:55:c3:c5:c2:32:7d:d4:59:6a:53:ac:21:5f:11:36:b4:f9:2c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 16 13:33:48 2023 GMT
Not After : Aug 14 13:38:48 2024 GMT
Subject: CN=A3116A9BCD40DDC85A8059A2919DB41462F73EC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dd:53:3a:78:64:b1:a4:c2:89:22:0c:3a:ac:
cb:3e:57:9c:28:aa:8b:9c:e8:9b:03:c9:eb:e1:78:
34:6f:15:d9:1a:54:da:57:4f:6e:c8:10:05:f1:51:
44:9c:77:55:49:1a:20:7c:9a:ee:3a:fa:5d:1c:51:
69:65:66:64:9b:9c:d6:7a:7f:a1:50:d8:23:1a:3f:
8d:7b:dc:1e:99:4d:d2:74:50:88:5c:e8:ce:9e:c4:
72:e8:8e:f2:97:9a:ed:8c:a9:e3:ea:e4:f1:86:72:
88:5e:03:58:57:0d:a8:66:c5:fc:d5:82:35:f5:46:
41:5b:9b:8e:ee:a0:3b:34:a5:10:ad:3e:96:2a:ee:
d4:38:55:35:cc:da:91:60:ab:66:78:33:fe:dc:03:
2e:d7:44:1b:0d:30:cb:d6:2e:d0:7b:1e:59:7a:06:
7d:05:4e:6c:f5:aa:59:b3:23:92:e7:4b:a7:24:71:
78:ab:36:08:71:56:72:a9:46:b6:c6:2a:55:fa:a9:
5a:27:22:b9:92:d3:c2:40:cd:22:b1:e3:29:4a:1c:
4f:12:45:ca:02:63:1d:c7:d6:4f:59:df:e7:61:ff:
21:49:8c:04:de:e3:7f:54:a5:8a:cd:58:9a:ff:49:
f3:84:22:a7:b8:08:ab:93:30:ce:81:3a:91:a5:df:
ba:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:11:6A:9B:CD:40:DD:C8:5A:80:59:A2:91:9D:B4:14:62:F7:3E:C4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37332e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.73.0/24
Signature Algorithm: sha256WithRSAEncryption
87:f0:4c:61:67:f4:ea:de:45:00:af:a1:3b:14:40:ed:71:bf:
df:4d:11:56:cf:b1:1b:b4:cc:9b:16:39:ba:5b:4f:19:4a:82:
71:7b:05:00:2b:51:80:02:3b:85:8a:96:fe:fc:2a:75:29:04:
4b:ce:b6:8d:78:34:f9:e3:70:e3:fe:f5:2f:61:3a:90:3a:8a:
54:74:31:56:ab:9e:fa:78:a6:4b:94:b4:fa:83:4d:ab:f2:67:
0f:af:00:19:2f:b1:f7:af:37:41:c4:fc:7d:a9:82:56:e4:04:
18:8d:7e:b0:62:b5:21:af:2f:4f:fb:b3:cf:0d:93:90:63:0c:
1e:3c:39:1a:c0:74:13:17:6c:49:ee:a2:25:90:22:ff:20:6b:
ee:d6:43:58:07:cd:2f:0f:63:69:91:e7:59:ac:61:a9:cc:53:
ee:27:7b:5c:7a:25:1a:e0:6d:8f:5d:ae:04:a2:46:e6:c1:03:
a4:a7:84:6a:5e:c0:83:bf:34:2b:0d:5f:1c:1b:a1:ce:8b:6e:
4e:2c:82:85:4b:ff:b0:33:89:8a:48:94:5e:c7:f4:d5:6c:e1:
f7:cc:c6:60:9e:7f:8d:ec:80:79:b2:f2:82:b7:55:73:f5:42:
c0:ab:d1:96:fe:a9:34:11:78:ca:60:ac:72:fe:f2:5c:aa:5e:
9b:27:0f:b8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUN1XDxcIyfdRZalOsIV8RNrT5LAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA4MTYxMzMzNDhaFw0yNDA4MTQxMzM4NDhaMDMxMTAvBgNV
BAMTKEEzMTE2QTlCQ0Q0MEREQzg1QTgwNTlBMjkxOURCNDE0NjJGNzNFQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv3VM6eGSxpMKJIgw6rMs+V5wo
qouc6JsDyevheDRvFdkaVNpXT27IEAXxUUScd1VJGiB8mu46+l0cUWllZmSbnNZ6
f6FQ2CMaP4173B6ZTdJ0UIhc6M6exHLojvKXmu2MqePq5PGGcoheA1hXDahmxfzV
gjX1RkFbm47uoDs0pRCtPpYq7tQ4VTXM2pFgq2Z4M/7cAy7XRBsNMMvWLtB7Hll6
Bn0FTmz1qlmzI5LnS6ckcXirNghxVnKpRrbGKlX6qVonIrmS08JAzSKx4ylKHE8S
RcoCYx3H1k9Z3+dh/yFJjATe439UpYrNWJr/SfOEIqe4CKuTMM6BOpGl37r1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUoxFqm81A3chagFmikZ20FGL3PsQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVJMA0GCSqGSIb3DQEBCwUAA4IBAQCH8ExhZ/Tq3kUAr6E7FEDtcb/fTRFWz7Eb
tMybFjm6W08ZSoJxewUAK1GAAjuFipb+/Cp1KQRLzraNeDT543Dj/vUvYTqQOopU
dDFWq576eKZLlLT6g02r8mcPrwAZL7H3rzdBxPx9qYJW5AQYjX6wYrUhry9P+7PP
DZOQYwwePDkawHQTF2xJ7qIlkCL/IGvu1kNYB80vD2NpkedZrGGpzFPuJ3tceiUa
4G2PXa4EokbmwQOkp4RqXsCDvzQrDV8cG6HOi25OLIKFS/+wM4mKSJRex/TVbOH3
zMZgnn+N7IB5svKCt1Vz9ULAq9GW/qk0EXjKYKxy/vJcql6bJw+4
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:45 2024 by rpki-client on console-fra.rpki-client.org