Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37342e302f32342d3234203d3e20323034313730.roa
File: 38322e3134392e37342e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: oKmU5d6QfBQ/RCPHLwPFJC6nYhlMUCq7QL0K9HsvIZ0=
Subject key identifier: 94:1F:35:C3:79:59:C3:96:4D:9E:6A:D6:30:30:C2:54:E1:CA:FE:CF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 23D4B113213A7038DAF9745997FE2088D10821E5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37342e302f32342d3234203d3e20323034313730.roa
Signing time: Wed 16 Aug 2023 13:39:04 +0000
ROA not before: Wed 16 Aug 2023 13:34:04 +0000
ROA not after: Wed 14 Aug 2024 13:39:04 +0000
asID: 204170
IP address blocks: 82.149.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:d4:b1:13:21:3a:70:38:da:f9:74:59:97:fe:20:88:d1:08:21:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 16 13:34:04 2023 GMT
Not After : Aug 14 13:39:04 2024 GMT
Subject: CN=941F35C37959C3964D9E6AD63030C254E1CAFECF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5f:e4:e4:06:40:11:d3:6f:fe:08:38:91:69:
5c:fb:75:10:b1:b8:1f:56:2a:4b:27:97:b2:df:bd:
c1:14:4f:1f:f5:26:a5:b5:33:00:39:1c:da:63:7e:
b4:1d:07:e7:ba:3e:f0:9f:19:2c:52:f0:f1:61:5a:
b5:03:bd:42:a5:e4:b4:ee:be:af:5c:48:24:d2:02:
32:d9:6c:19:6c:fd:41:d5:5a:ec:fc:16:b0:93:87:
71:10:4e:b1:82:c3:bf:db:6c:6f:c7:28:ff:e8:af:
f7:ca:66:63:0d:c9:1f:ce:27:38:ca:81:50:83:9c:
49:da:c6:77:fe:62:69:47:29:ef:1f:69:38:a4:f1:
3e:08:6e:ea:e1:54:be:04:c8:c7:7b:f6:24:c8:d9:
f7:75:83:d9:fd:79:01:dc:58:a9:f5:f3:34:c5:34:
82:7e:74:5e:87:e4:e8:07:11:31:0c:d9:ff:6d:d2:
61:f2:c4:0b:33:99:fa:81:f0:50:49:81:ad:be:13:
7b:5c:14:83:24:d0:6f:30:37:47:36:6d:ff:da:61:
59:eb:73:ca:79:50:af:e1:d4:bf:9e:2c:21:09:95:
86:0c:9b:68:2c:41:f4:96:99:29:86:23:d3:e3:45:
ff:57:c1:ad:d8:31:3b:09:14:de:f8:05:54:9d:06:
24:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1F:35:C3:79:59:C3:96:4D:9E:6A:D6:30:30:C2:54:E1:CA:FE:CF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37342e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.74.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:54:4f:49:0b:f6:ab:92:f5:01:0c:23:d4:d8:ac:c3:fd:e2:
30:f1:64:17:53:66:f4:63:bf:24:c0:e6:5f:b8:b4:ba:af:9e:
ee:47:9d:cb:50:ae:8e:9d:eb:a9:c4:24:bd:65:fb:51:53:4e:
f8:e4:4b:1f:fe:bf:99:49:21:33:cf:63:35:a0:72:98:f2:b2:
92:6a:05:e7:2d:50:60:43:ed:8f:ed:62:c5:aa:b2:9e:e5:ac:
d6:04:8c:98:92:ff:00:7c:95:21:13:b0:ad:63:3a:37:f7:0a:
9d:c8:7e:2f:22:e9:2b:10:c9:72:79:c2:94:86:1b:e6:9f:fe:
75:6e:21:69:40:ea:95:a9:8a:20:f8:e8:25:a6:2e:17:4a:c5:
55:80:09:d1:d9:78:61:0a:82:88:02:6b:c0:1f:ab:93:b9:90:
10:8a:0e:4e:e4:1e:e6:bc:05:78:9a:ee:9a:42:d0:d0:8a:24:
6d:9a:12:b1:4d:4f:f3:31:84:5f:88:f1:44:cc:71:f4:17:a4:
33:cd:3d:f1:b8:80:79:5c:2c:50:7e:1f:12:f5:8f:33:45:ad:
e7:03:2f:6a:a9:3e:89:d3:e7:29:29:82:69:24:9a:86:b0:88:
c6:d3:f2:2b:72:8c:51:9f:fc:1f:bd:7a:ef:9d:d6:b4:25:30:
bf:3e:a9:51
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUI9SxEyE6cDja+XRZl/4giNEIIeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA4MTYxMzM0MDRaFw0yNDA4MTQxMzM5MDRaMDMxMTAvBgNV
BAMTKDk0MUYzNUMzNzk1OUMzOTY0RDlFNkFENjMwMzBDMjU0RTFDQUZFQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgX+TkBkAR02/+CDiRaVz7dRCx
uB9WKksnl7LfvcEUTx/1JqW1MwA5HNpjfrQdB+e6PvCfGSxS8PFhWrUDvUKl5LTu
vq9cSCTSAjLZbBls/UHVWuz8FrCTh3EQTrGCw7/bbG/HKP/or/fKZmMNyR/OJzjK
gVCDnEnaxnf+YmlHKe8faTik8T4IburhVL4EyMd79iTI2fd1g9n9eQHcWKn18zTF
NIJ+dF6H5OgHETEM2f9t0mHyxAszmfqB8FBJga2+E3tcFIMk0G8wN0c2bf/aYVnr
c8p5UK/h1L+eLCEJlYYMm2gsQfSWmSmGI9PjRf9Xwa3YMTsJFN74BVSdBiRzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlB81w3lZw5ZNnmrWMDDCVOHK/s8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVKMA0GCSqGSIb3DQEBCwUAA4IBAQCMVE9JC/arkvUBDCPU2KzD/eIw8WQXU2b0
Y78kwOZfuLS6r57uR53LUK6OneupxCS9ZftRU0745Esf/r+ZSSEzz2M1oHKY8rKS
agXnLVBgQ+2P7WLFqrKe5azWBIyYkv8AfJUhE7CtYzo39wqdyH4vIukrEMlyecKU
hhvmn/51biFpQOqVqYog+Oglpi4XSsVVgAnR2XhhCoKIAmvAH6uTuZAQig5O5B7m
vAV4mu6aQtDQiiRtmhKxTU/zMYRfiPFEzHH0F6QzzT3xuIB5XCxQfh8S9Y8zRa3n
Ay9qqT6J0+cpKYJpJJqGsIjG0/IrcoxRn/wfvXrvnda0JTC/PqlR
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:45 2024 by rpki-client on console-fra.rpki-client.org