Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37352e302f32342d3234203d3e20323034313730.roa
File: 38322e3134392e37352e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: VVz8UWGK6FlqfRGoQH0Gwq7paiQjxJ7PmGj0+rtHsz4=
Subject key identifier: 05:CD:DB:27:B2:87:51:7C:55:37:99:73:02:24:A1:B1:74:76:00:AA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1F51826971E460D0B29FF512FB121F5177003B5F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37352e302f32342d3234203d3e20323034313730.roa
Signing time: Wed 17 Jul 2024 14:04:14 +0000
ROA not before: Wed 17 Jul 2024 13:59:14 +0000
ROA not after: Wed 16 Jul 2025 14:04:14 +0000
asID: 204170
IP address blocks: 82.149.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:51:82:69:71:e4:60:d0:b2:9f:f5:12:fb:12:1f:51:77:00:3b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 17 13:59:14 2024 GMT
Not After : Jul 16 14:04:14 2025 GMT
Subject: CN=05CDDB27B287517C553799730224A1B1747600AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:eb:c4:88:1b:78:29:2f:7a:07:ca:b4:9d:99:
51:53:a7:af:1c:ce:bc:28:41:9a:79:db:a1:e3:ee:
04:28:07:ca:2b:f1:72:17:fd:6d:45:f4:48:1e:eb:
f6:c2:f8:4d:85:73:7e:f6:95:77:75:e1:24:ac:ea:
c4:c4:19:71:15:27:27:54:b1:91:e9:14:fe:4d:56:
89:57:96:b3:6d:80:6c:be:d2:9d:1c:67:14:a4:14:
b7:32:01:a2:72:50:99:be:d8:8b:92:cc:70:0b:39:
c1:d7:f4:a0:cc:13:88:dd:53:c8:0b:44:6b:ea:8e:
f8:79:87:2a:0d:0b:bc:bd:30:e4:ff:c4:b4:be:07:
52:f1:e3:16:23:d0:0e:4a:1a:61:89:91:ab:ce:f5:
ba:47:ca:87:47:43:f7:c7:e2:1f:65:12:5f:ff:fb:
80:e9:4e:06:0f:3d:34:e1:0a:22:03:ba:c1:a4:52:
a0:98:f4:42:a4:a1:81:15:56:cb:6f:4d:25:fd:89:
d9:d9:73:75:b4:2f:ba:ad:1f:4e:32:03:76:f2:9c:
77:29:a2:57:ff:e1:7a:a7:c1:d1:a9:4a:6c:30:bd:
4d:22:1c:4e:31:9e:1a:df:e7:3a:92:05:38:65:ee:
9d:3b:40:11:15:0a:2c:b4:bc:ba:a1:20:73:2c:b4:
aa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:CD:DB:27:B2:87:51:7C:55:37:99:73:02:24:A1:B1:74:76:00:AA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37352e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.75.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:a1:02:0f:39:db:b8:18:5e:cb:70:ba:ea:34:28:ed:a3:53:
02:15:ca:30:87:84:66:df:18:24:50:41:f5:8a:5d:ba:90:1b:
65:25:02:47:e7:2a:8e:4f:4f:ab:02:48:bc:48:83:e0:09:82:
84:20:85:74:8e:3b:9f:0a:f2:a2:fd:e8:3b:a4:a4:5c:14:86:
b0:c5:c4:41:4e:b1:f5:ba:e4:65:50:a4:5c:96:7b:86:46:2c:
f1:75:dc:65:12:c9:e8:81:0f:f5:ca:7a:06:5c:f1:67:f2:b5:
dc:b6:69:70:7f:3e:04:9c:8b:9c:2e:a6:34:e7:c0:d1:e3:b8:
e3:6f:11:59:ee:36:4c:ca:b2:11:11:8c:e9:98:7d:19:4d:51:
eb:b7:3a:21:29:99:04:b9:8a:32:70:01:97:f5:bb:f7:4a:05:
80:04:94:60:d4:e6:b5:ff:f3:e9:8d:0a:2c:08:15:48:e3:3a:
12:1c:62:09:ac:75:da:69:05:87:44:44:34:ea:aa:23:24:46:
8f:60:02:9c:bf:72:d1:90:7f:e4:6d:a0:98:e1:54:42:2f:49:
79:ba:43:5c:a7:2e:02:97:75:57:f6:d7:13:ba:12:3e:d2:d6:
16:26:52:70:fe:4e:c9:e6:7e:2b:b7:6a:79:3c:65:bf:2c:0a:
19:10:f2:9e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUH1GCaXHkYNCyn/US+xIfUXcAO18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA3MTcxMzU5MTRaFw0yNTA3MTYxNDA0MTRaMDMxMTAvBgNV
BAMTKDA1Q0REQjI3QjI4NzUxN0M1NTM3OTk3MzAyMjRBMUIxNzQ3NjAwQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC868SIG3gpL3oHyrSdmVFTp68c
zrwoQZp526Hj7gQoB8or8XIX/W1F9Ege6/bC+E2Fc372lXd14SSs6sTEGXEVJydU
sZHpFP5NVolXlrNtgGy+0p0cZxSkFLcyAaJyUJm+2IuSzHALOcHX9KDME4jdU8gL
RGvqjvh5hyoNC7y9MOT/xLS+B1Lx4xYj0A5KGmGJkavO9bpHyodHQ/fH4h9lEl//
+4DpTgYPPTThCiIDusGkUqCY9EKkoYEVVstvTSX9idnZc3W0L7qtH04yA3bynHcp
olf/4XqnwdGpSmwwvU0iHE4xnhrf5zqSBThl7p07QBEVCiy0vLqhIHMstKr7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBc3bJ7KHUXxVN5lzAiShsXR2AKowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVLMA0GCSqGSIb3DQEBCwUAA4IBAQAPoQIPOdu4GF7LcLrqNCjto1MCFcowh4Rm
3xgkUEH1il26kBtlJQJH5yqOT0+rAki8SIPgCYKEIIV0jjufCvKi/eg7pKRcFIaw
xcRBTrH1uuRlUKRclnuGRizxddxlEsnogQ/1ynoGXPFn8rXctmlwfz4EnIucLqY0
58DR47jjbxFZ7jZMyrIREYzpmH0ZTVHrtzohKZkEuYoycAGX9bv3SgWABJRg1Oa1
//PpjQosCBVI4zoSHGIJrHXaaQWHREQ06qojJEaPYAKcv3LRkH/kbaCY4VRCL0l5
ukNcpy4Cl3VX9tcTuhI+0tYWJlJw/k7J5n4rt2p5PGW/LAoZEPKe
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org