Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e38312e302f32342d3234203d3e20313336373837.roa
File: 38322e3134392e38312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: PO7Jh2hu1IcXgXK/A0PQJQvDQrG0RFgbLocKw1i0GhQ=
Subject key identifier: 23:FE:93:61:65:E4:F3:8A:B1:2A:23:8D:C7:56:B3:F4:88:D2:72:B4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 563B8870492DEA0F89D5C60C72BD54D8B8BC8C11
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e38312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:41 +0000
ROA not before: Fri 27 Dec 2024 19:39:41 +0000
ROA not after: Fri 26 Dec 2025 19:44:41 +0000
asID: 136787
IP address blocks: 82.149.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:3b:88:70:49:2d:ea:0f:89:d5:c6:0c:72:bd:54:d8:b8:bc:8c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:41 2024 GMT
Not After : Dec 26 19:44:41 2025 GMT
Subject: CN=23FE936165E4F38AB12A238DC756B3F488D272B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9a:54:e0:84:fe:f9:6a:16:e9:4f:ec:e1:a6:
66:85:c8:7d:99:3e:c3:41:2b:79:d3:b1:66:d6:b2:
eb:90:d7:f2:85:c3:c6:3c:9c:19:57:c6:9e:08:45:
93:0e:48:3d:e9:7f:bf:f4:b3:72:01:7b:62:00:4b:
56:e9:d9:3f:ae:70:cd:47:ed:c0:ff:d6:3d:a1:49:
60:d0:d4:cf:bc:e2:a4:6d:f5:2e:f8:32:f8:46:e9:
ab:4a:ac:8f:91:8a:75:2d:58:f6:36:a0:e1:c9:00:
4a:b6:57:f3:25:ec:8f:a2:36:4b:85:84:66:cf:05:
d4:3e:d0:3b:57:bb:e4:c6:98:22:6a:fd:e7:20:d5:
34:a9:3b:ed:0c:ea:d3:b2:27:25:5f:5e:8c:9e:fd:
09:18:64:d2:05:98:a1:0f:44:78:50:b3:46:38:df:
7f:c6:a5:e4:f8:92:58:3a:13:d8:29:22:19:66:28:
5d:74:d2:0e:57:57:36:37:e3:d5:3e:e6:34:f0:cb:
5c:48:8a:df:fd:49:c6:99:d1:a9:5c:b7:1d:d3:da:
f5:38:b7:cf:cb:01:ca:e1:36:73:51:00:72:07:b0:
a4:db:24:11:cf:ec:b8:9b:ee:39:06:ef:4c:64:06:
74:bb:ce:76:b8:15:a6:4b:f1:57:bb:8b:29:bb:93:
3b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:FE:93:61:65:E4:F3:8A:B1:2A:23:8D:C7:56:B3:F4:88:D2:72:B4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e38312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.81.0/24
Signature Algorithm: sha256WithRSAEncryption
57:09:01:2c:54:d5:d2:ec:b5:e8:94:4a:d8:6e:26:05:95:8c:
ad:19:fb:f3:f9:3a:f6:e5:d8:31:23:81:f4:63:e8:ad:05:63:
49:68:10:d8:b5:4b:ad:90:08:2a:ba:a1:e3:3c:4a:7e:22:c8:
f6:f5:21:a9:00:82:2e:95:9f:dd:81:aa:fa:b5:e7:75:5b:42:
d8:88:cc:64:10:16:cf:15:86:4d:56:b7:50:2d:0c:67:61:ef:
91:6e:12:3a:06:6c:2e:e3:ca:1f:87:25:a7:e2:86:98:78:63:
f0:39:7a:dd:36:3d:0c:eb:74:10:c1:9d:60:21:1b:88:0e:fb:
1b:c8:5f:51:d3:5c:cb:4e:12:75:62:d5:22:71:e1:62:71:71:
fe:07:36:16:52:77:6f:03:9b:3d:6a:6f:16:ab:55:66:59:25:
42:79:dd:91:70:cf:5f:09:21:e5:3d:2a:52:a7:0c:f0:43:a2:
dd:12:d8:8c:f3:2b:2d:44:08:04:8a:47:df:19:e5:1f:bb:3d:
4a:95:2b:19:a1:07:aa:22:a9:56:84:27:d0:3f:d1:2a:0a:c2:
49:26:ed:00:f1:fa:7c:96:f8:60:dd:3e:89:dd:50:c7:c6:ca:
f0:49:a9:19:c4:e6:aa:24:da:cf:a6:74:38:d0:0a:9c:aa:92:
81:6d:87:65
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVjuIcEkt6g+J1cYMcr1U2Li8jBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5NDFaFw0yNTEyMjYxOTQ0NDFaMDMxMTAvBgNV
BAMTKDIzRkU5MzYxNjVFNEYzOEFCMTJBMjM4REM3NTZCM0Y0ODhEMjcyQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClmlTghP75ahbpT+zhpmaFyH2Z
PsNBK3nTsWbWsuuQ1/KFw8Y8nBlXxp4IRZMOSD3pf7/0s3IBe2IAS1bp2T+ucM1H
7cD/1j2hSWDQ1M+84qRt9S74MvhG6atKrI+RinUtWPY2oOHJAEq2V/Ml7I+iNkuF
hGbPBdQ+0DtXu+TGmCJq/ecg1TSpO+0M6tOyJyVfXoye/QkYZNIFmKEPRHhQs0Y4
33/GpeT4klg6E9gpIhlmKF100g5XVzY349U+5jTwy1xIit/9ScaZ0alctx3T2vU4
t8/LAcrhNnNRAHIHsKTbJBHP7Lib7jkG70xkBnS7zna4FaZL8Ve7iym7kzuNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUI/6TYWXk84qxKiONx1az9IjScrQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzODMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVRMA0GCSqGSIb3DQEBCwUAA4IBAQBXCQEsVNXS7LXolErYbiYFlYytGfvz+Tr2
5dgxI4H0Y+itBWNJaBDYtUutkAgquqHjPEp+Isj29SGpAIIulZ/dgar6ted1W0LY
iMxkEBbPFYZNVrdQLQxnYe+RbhI6Bmwu48ofhyWn4oaYeGPwOXrdNj0M63QQwZ1g
IRuIDvsbyF9R01zLThJ1YtUiceFicXH+BzYWUndvA5s9am8Wq1VmWSVCed2RcM9f
CSHlPSpSpwzwQ6LdEtiM8ystRAgEikffGeUfuz1KlSsZoQeqIqlWhCfQP9EqCsJJ
Ju0A8fp8lvhg3T6J3VDHxsrwSakZxOaqJNrPpnQ40AqcqpKBbYdl
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:29:40 2025 by rpki-client