Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37342e302f32342d3234203d3e20323034313730.roa
File: 38322e3134392e37342e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: ZpaKPGNLfgyZJY+uQv/8FQQANhh3QP0KW8ErYIcYYWA=
Subject key identifier: 77:AD:DC:D9:49:E6:FE:27:FF:B0:A8:92:1A:AD:56:E1:E9:C6:FA:A6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5B4711BBC75951A62B2BB18A2830C0D2BC500739
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37342e302f32342d3234203d3e20323034313730.roa
Signing time: Wed 17 Jul 2024 14:04:14 +0000
ROA not before: Wed 17 Jul 2024 13:59:14 +0000
ROA not after: Wed 16 Jul 2025 14:04:14 +0000
asID: 204170
IP address blocks: 82.149.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:47:11:bb:c7:59:51:a6:2b:2b:b1:8a:28:30:c0:d2:bc:50:07:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 17 13:59:14 2024 GMT
Not After : Jul 16 14:04:14 2025 GMT
Subject: CN=77ADDCD949E6FE27FFB0A8921AAD56E1E9C6FAA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:06:13:35:ac:23:66:23:a0:08:a3:3e:f3:cc:
05:00:c4:e2:ea:af:12:87:02:bd:7f:11:c2:67:51:
27:d6:29:e7:ae:51:22:51:5a:78:f3:90:22:73:18:
e9:3a:f9:ff:b2:b6:bd:58:90:65:06:05:f1:09:09:
a0:ed:0b:41:f6:db:f0:62:8a:0f:12:20:69:e3:24:
5d:4e:4d:12:e5:99:f8:54:8f:b4:68:9a:5a:57:bb:
bb:fe:3d:c6:44:a5:db:e6:0f:30:28:bf:d6:64:fb:
92:15:ed:61:9b:2e:5a:b5:eb:a1:9b:63:f7:9e:c5:
c2:42:70:43:bc:5d:c1:11:21:51:e5:af:58:17:e4:
c2:86:3e:fe:e5:c2:0a:19:af:5b:2f:c9:f2:bb:bf:
cc:ad:01:05:fe:8a:c0:44:95:f4:95:87:bc:bf:9d:
c7:04:e1:1f:f4:f6:a3:fd:bd:6e:95:51:ec:fe:e6:
42:b9:d8:62:c6:e1:12:5c:cd:4e:4d:b3:f0:96:8d:
40:78:a4:1c:23:cb:0e:d0:07:ad:80:26:76:12:3f:
a2:d3:15:f1:23:f4:7c:11:8f:77:0a:23:0d:cb:1c:
b9:cf:13:3c:de:a0:65:57:fc:90:b3:8a:53:89:82:
c1:ec:97:da:18:d6:e5:32:ae:60:80:04:67:bd:66:
38:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AD:DC:D9:49:E6:FE:27:FF:B0:A8:92:1A:AD:56:E1:E9:C6:FA:A6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37342e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.74.0/24
Signature Algorithm: sha256WithRSAEncryption
05:41:9e:35:29:b5:72:1b:7e:e1:27:d9:fc:3c:0d:79:74:69:
19:5a:20:92:c5:21:71:1c:28:e0:6a:b5:fe:7b:d0:95:9d:c6:
38:b4:38:b4:ca:5c:7c:d8:05:02:d7:f7:8a:31:b5:49:f5:7b:
f1:91:5b:ff:e3:00:66:00:67:fa:17:d3:0b:25:59:38:34:53:
30:71:73:e5:96:8c:96:f9:ce:4f:1a:c7:e2:fd:62:88:1b:8e:
c3:61:cc:b1:6b:4e:59:be:51:c9:a2:e1:11:8d:1d:65:b6:7e:
c7:29:3b:d0:e5:ba:70:f8:43:40:d1:3e:55:e7:10:7f:e7:d1:
1c:63:91:94:13:ef:02:58:89:bd:fe:df:85:b3:5d:ce:ef:bc:
40:73:af:14:38:f4:83:ee:cd:fb:81:a5:8c:46:38:50:1a:2a:
11:b5:52:e5:b6:e6:19:31:41:6a:81:e5:2e:cf:92:25:d9:84:
a2:60:54:a6:24:a7:60:e8:48:0b:94:58:0f:fb:09:44:4c:75:
f6:af:35:f5:ef:d8:25:95:67:54:cb:a1:5e:56:3a:0c:0e:6b:
1d:16:64:e7:c3:9f:40:9c:94:68:a0:2e:e5:fb:6c:0b:81:c2:
74:00:87:fe:6f:3d:01:71:f2:f0:57:ab:ba:af:17:ad:43:d5:
51:91:45:c5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUW0cRu8dZUaYrK7GKKDDA0rxQBzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA3MTcxMzU5MTRaFw0yNTA3MTYxNDA0MTRaMDMxMTAvBgNV
BAMTKDc3QUREQ0Q5NDlFNkZFMjdGRkIwQTg5MjFBQUQ1NkUxRTlDNkZBQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8BhM1rCNmI6AIoz7zzAUAxOLq
rxKHAr1/EcJnUSfWKeeuUSJRWnjzkCJzGOk6+f+ytr1YkGUGBfEJCaDtC0H22/Bi
ig8SIGnjJF1OTRLlmfhUj7RomlpXu7v+PcZEpdvmDzAov9Zk+5IV7WGbLlq166Gb
Y/eexcJCcEO8XcERIVHlr1gX5MKGPv7lwgoZr1svyfK7v8ytAQX+isBElfSVh7y/
nccE4R/09qP9vW6VUez+5kK52GLG4RJczU5Ns/CWjUB4pBwjyw7QB62AJnYSP6LT
FfEj9HwRj3cKIw3LHLnPEzzeoGVX/JCzilOJgsHsl9oY1uUyrmCABGe9ZjjzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUd63c2Unm/if/sKiSGq1W4enG+qYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVKMA0GCSqGSIb3DQEBCwUAA4IBAQAFQZ41KbVyG37hJ9n8PA15dGkZWiCSxSFx
HCjgarX+e9CVncY4tDi0ylx82AUC1/eKMbVJ9XvxkVv/4wBmAGf6F9MLJVk4NFMw
cXPlloyW+c5PGsfi/WKIG47DYcyxa05ZvlHJouERjR1ltn7HKTvQ5bpw+ENA0T5V
5xB/59EcY5GUE+8CWIm9/t+Fs13O77xAc68UOPSD7s37gaWMRjhQGioRtVLltuYZ
MUFqgeUuz5Il2YSiYFSmJKdg6EgLlFgP+wlETHX2rzX179gllWdUy6FeVjoMDmsd
FmTnw59AnJRooC7l+2wLgcJ0AIf+bz0BcfLwV6u6rxetQ9VRkUXF
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org