Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135302e302f32342d3234203d3e20313336373837.roa
File: 38322e3138302e3135302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Z9WWj/CmF/51XOTrkhW8OiThsj5jBSYQp+vn23zn41c=
Subject key identifier: AF:06:41:85:60:41:C8:C7:90:0D:0A:F6:F2:22:6F:32:A1:78:3E:C9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 666CB9B8820030F9CA72ADA80619F47792C4BF73
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135302e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:20 +0000
ROA not before: Mon 26 Feb 2024 08:48:20 +0000
ROA not after: Mon 24 Feb 2025 08:53:20 +0000
asID: 136787
IP address blocks: 82.180.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:6c:b9:b8:82:00:30:f9:ca:72:ad:a8:06:19:f4:77:92:c4:bf:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:20 2024 GMT
Not After : Feb 24 08:53:20 2025 GMT
Subject: CN=AF0641856041C8C7900D0AF6F2226F32A1783EC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e8:de:33:c6:91:88:23:f1:18:46:10:98:9b:
8a:39:06:cb:55:5f:f5:e0:9e:36:5e:67:e8:f5:cd:
40:52:45:38:c3:66:2f:ec:e1:41:18:64:04:1f:ee:
7b:4c:d6:fc:94:6b:ef:17:cc:c5:a0:94:03:77:6e:
a6:69:00:90:5a:f0:5f:a2:b5:58:bb:8f:91:3f:8b:
36:db:14:c1:44:40:8a:19:46:fc:b6:ee:5f:0a:f5:
4e:c7:b2:ec:1a:e8:93:73:ad:9d:b7:5b:db:50:3c:
cb:61:5a:10:ac:26:81:05:64:02:30:b2:3f:c4:ef:
b7:24:e9:a8:12:52:11:90:94:6b:61:9a:b0:d0:55:
e7:48:85:30:13:ae:da:50:29:91:47:9d:a8:10:ef:
74:85:51:f2:38:d9:7b:a8:c7:dd:68:82:e7:f1:cd:
53:64:0c:39:9d:be:e3:30:27:d7:a4:4a:ca:12:44:
ad:f5:c3:ca:14:40:d1:f3:25:2c:37:6c:59:9e:2d:
e1:ed:22:54:cc:ed:47:75:cc:1e:af:67:4a:58:9a:
44:1a:5a:ab:87:80:55:ef:5c:c5:69:3b:de:83:ea:
0e:87:8b:ca:b4:b7:99:5c:c4:a5:55:6b:30:13:18:
00:83:8b:d1:80:7f:da:4a:ad:ff:aa:94:e9:ce:ec:
10:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:06:41:85:60:41:C8:C7:90:0D:0A:F6:F2:22:6F:32:A1:78:3E:C9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.150.0/24
Signature Algorithm: sha256WithRSAEncryption
78:7b:de:1c:3d:42:d3:29:ee:e0:b7:b7:95:5a:e3:88:36:f4:
1d:77:41:40:3c:74:2d:62:fb:28:58:43:f0:b4:f8:12:e1:09:
c2:a0:89:aa:31:7c:f1:36:c9:20:54:cb:13:28:4c:af:16:4b:
19:6e:fc:34:cd:06:55:06:7c:67:69:3c:d5:02:b1:51:59:d3:
f1:33:41:23:e9:d3:31:08:f7:24:22:b2:9a:6c:d1:0f:43:b1:
90:02:0a:c2:24:6b:e1:a3:4e:af:b2:85:13:0f:68:eb:1a:24:
68:9c:63:b8:0a:26:87:29:86:63:fc:73:a6:4c:7f:92:47:63:
01:88:97:d2:ee:26:37:74:94:8b:d7:69:91:58:35:2f:bf:6d:
d6:28:5f:d6:19:15:3e:12:09:cb:d4:2b:83:c6:bb:00:45:1a:
75:1c:46:99:58:ad:95:ab:ab:68:02:ba:f3:98:5a:d7:17:55:
39:da:2a:6e:dd:3d:28:62:f5:69:bc:94:f6:f4:49:45:81:4b:
9d:0a:84:b2:d4:bc:af:30:6b:3f:11:63:36:68:e1:d1:68:ee:
25:b5:4e:95:4d:2a:dc:00:6e:8b:4c:bd:a7:cc:f4:58:db:fe:
f1:28:63:8e:d3:19:87:8f:37:3e:d3:95:ab:54:a5:9f:d8:42:
1a:f5:46:80
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZmy5uIIAMPnKcq2oBhn0d5LEv3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjBaFw0yNTAyMjQwODUzMjBaMDMxMTAvBgNV
BAMTKEFGMDY0MTg1NjA0MUM4Qzc5MDBEMEFGNkYyMjI2RjMyQTE3ODNFQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS6N4zxpGII/EYRhCYm4o5BstV
X/XgnjZeZ+j1zUBSRTjDZi/s4UEYZAQf7ntM1vyUa+8XzMWglAN3bqZpAJBa8F+i
tVi7j5E/izbbFMFEQIoZRvy27l8K9U7Hsuwa6JNzrZ23W9tQPMthWhCsJoEFZAIw
sj/E77ck6agSUhGQlGthmrDQVedIhTATrtpQKZFHnagQ73SFUfI42Xuox91ogufx
zVNkDDmdvuMwJ9ekSsoSRK31w8oUQNHzJSw3bFmeLeHtIlTM7Ud1zB6vZ0pYmkQa
WquHgFXvXMVpO96D6g6Hi8q0t5lcxKVVazATGACDi9GAf9pKrf+qlOnO7BAZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrwZBhWBByMeQDQr28iJvMqF4PskwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABStJYwDQYJKoZIhvcNAQELBQADggEBAHh73hw9QtMp7uC3t5Va44g29B13QUA8
dC1i+yhYQ/C0+BLhCcKgiaoxfPE2ySBUyxMoTK8WSxlu/DTNBlUGfGdpPNUCsVFZ
0/EzQSPp0zEI9yQispps0Q9DsZACCsIka+GjTq+yhRMPaOsaJGicY7gKJocphmP8
c6ZMf5JHYwGIl9LuJjd0lIvXaZFYNS+/bdYoX9YZFT4SCcvUK4PGuwBFGnUcRplY
rZWrq2gCuvOYWtcXVTnaKm7dPShi9Wm8lPb0SUWBS50KhLLUvK8waz8RYzZo4dFo
7iW1TpVNKtwAbotMvafM9Fjb/vEoY47TGYePNz7TlatUpZ/YQhr1RoA=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:54 2024 by rpki-client on console-ams.rpki-client.org