Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37392e302f32342d3234203d3e20313336373837.roa
File: 38322e3134392e37392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 9syFUoofjH6lRncYqvGYtsSACFt5ClTL1sVKOn5VaUA=
Subject key identifier: 86:E7:8D:A6:04:0F:6B:72:F9:E5:63:FD:36:99:9E:86:15:E2:27:65
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A3FE7611FF307DB76D2F1ED430B1EBCFAF16FC3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37392e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 30 Jan 2024 19:25:52 +0000
ROA not before: Tue 30 Jan 2024 19:20:52 +0000
ROA not after: Tue 28 Jan 2025 19:25:52 +0000
asID: 136787
IP address blocks: 82.149.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:3f:e7:61:1f:f3:07:db:76:d2:f1:ed:43:0b:1e:bc:fa:f1:6f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 30 19:20:52 2024 GMT
Not After : Jan 28 19:25:52 2025 GMT
Subject: CN=86E78DA6040F6B72F9E563FD36999E8615E22765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6c:5d:76:e4:8a:75:3b:dd:70:45:2e:7f:de:
ba:21:fa:37:7e:32:09:03:02:bd:58:86:de:04:24:
ea:db:91:85:bf:ba:03:e3:14:e4:59:fc:b5:3f:6b:
b0:2f:c3:7a:9a:5c:c2:82:62:e0:be:e9:3e:41:8c:
a2:60:eb:a5:29:4a:44:2c:d7:32:c6:1f:54:19:fb:
d5:6b:8b:13:9e:71:12:4f:9d:e7:5f:e8:38:ce:85:
a0:86:54:ab:55:2d:c1:b6:75:7d:56:fb:f3:63:b8:
49:ed:61:95:42:06:62:18:7c:09:fb:83:31:2d:a1:
ad:64:f5:8f:e3:7a:0c:0c:86:8e:d9:c2:18:3b:c5:
aa:84:e4:0d:9b:41:17:c5:9a:0c:79:d5:67:53:7c:
31:61:d2:d1:88:25:17:33:42:cf:89:8a:c6:b1:14:
05:8e:9b:77:7a:83:95:17:6a:0a:03:a8:53:d6:d5:
69:bc:65:0e:9e:c0:f1:e6:b5:c6:7e:ba:bb:4a:48:
63:00:a3:ff:b8:3d:67:5f:35:39:35:ab:9f:70:ce:
08:8c:05:de:54:1c:41:66:83:f0:15:30:d1:a2:90:
33:8d:9d:05:46:f4:c2:ac:34:29:02:95:ce:51:f7:
8f:fb:fc:79:05:1b:3f:d1:fd:cf:20:87:ff:3c:8b:
71:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E7:8D:A6:04:0F:6B:72:F9:E5:63:FD:36:99:9E:86:15:E2:27:65
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.79.0/24
Signature Algorithm: sha256WithRSAEncryption
40:03:95:61:1d:10:d4:4d:8f:14:26:0e:79:db:a8:ba:76:d7:
78:4b:60:58:63:b7:fa:15:0d:9f:fa:64:f5:33:6d:59:94:ae:
1e:e6:fc:3b:9f:1b:d3:81:26:b5:33:e6:50:b6:82:7a:ca:69:
74:22:fa:ec:b2:07:44:ec:2e:1e:d7:d0:a0:b4:a7:3e:03:57:
a4:06:33:db:d8:7b:ca:f3:81:3e:32:23:07:89:92:28:26:d9:
c3:f0:cc:27:a7:77:42:92:05:1d:93:4a:cc:af:28:b6:2e:9d:
6a:57:6e:93:0d:a4:f8:bc:3b:ee:60:fc:5d:81:bf:6a:8b:b4:
f3:0c:77:f9:93:05:a7:2e:c7:6a:c9:ee:3d:65:17:04:30:a4:
c6:ea:7a:a1:77:b1:d2:5f:2f:2a:b6:d2:b6:96:7c:c1:3b:2e:
55:4f:86:fd:62:ba:f1:a4:b6:04:df:d8:1c:1f:e3:b9:47:74:
36:78:2e:17:88:4e:52:15:1f:c5:e6:2f:f4:35:2a:19:91:b1:
22:b9:bd:6e:3e:44:d5:d1:ed:eb:5e:78:fc:ed:d8:24:09:1c:
e7:90:0c:6f:c6:78:78:0f:30:1d:01:83:c9:77:76:e0:a1:6f:
e8:6e:9e:f0:f4:69:c1:cc:54:60:88:32:ba:cc:43:a9:b4:b4:
a9:08:61:42
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWj/nYR/zB9t20vHtQwsevPrxb8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMzAxOTIwNTJaFw0yNTAxMjgxOTI1NTJaMDMxMTAvBgNV
BAMTKDg2RTc4REE2MDQwRjZCNzJGOUU1NjNGRDM2OTk5RTg2MTVFMjI3NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDibF125Ip1O91wRS5/3roh+jd+
MgkDAr1Yht4EJOrbkYW/ugPjFORZ/LU/a7Avw3qaXMKCYuC+6T5BjKJg66UpSkQs
1zLGH1QZ+9VrixOecRJPnedf6DjOhaCGVKtVLcG2dX1W+/NjuEntYZVCBmIYfAn7
gzEtoa1k9Y/jegwMho7Zwhg7xaqE5A2bQRfFmgx51WdTfDFh0tGIJRczQs+Jisax
FAWOm3d6g5UXagoDqFPW1Wm8ZQ6ewPHmtcZ+urtKSGMAo/+4PWdfNTk1q59wzgiM
Bd5UHEFmg/AVMNGikDONnQVG9MKsNCkClc5R94/7/HkFGz/R/c8gh/88i3FHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhueNpgQPa3L55WP9NpmehhXiJ2UwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVPMA0GCSqGSIb3DQEBCwUAA4IBAQBAA5VhHRDUTY8UJg5526i6dtd4S2BYY7f6
FQ2f+mT1M21ZlK4e5vw7nxvTgSa1M+ZQtoJ6yml0IvrssgdE7C4e19CgtKc+A1ek
BjPb2HvK84E+MiMHiZIoJtnD8Mwnp3dCkgUdk0rMryi2Lp1qV26TDaT4vDvuYPxd
gb9qi7TzDHf5kwWnLsdqye49ZRcEMKTG6nqhd7HSXy8qttK2lnzBOy5VT4b9Yrrx
pLYE39gcH+O5R3Q2eC4XiE5SFR/F5i/0NSoZkbEiub1uPkTV0e3rXnj87dgkCRzn
kAxvxnh4DzAdAYPJd3bgoW/obp7w9GnBzFRgiDK6zEOptLSpCGFC
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:59 2024 by rpki-client on console-fra.rpki-client.org