Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137322e302f32322d3234203d3e203437353833.roa
File: 38322e3138302e3137322e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: pmXMsib8T3VM8grFK9RNBBrhPlKf9uPLGuqh06sWJHQ=
Subject key identifier: E9:9E:90:AB:3A:60:4C:3F:EC:61:E8:F1:EF:C9:D1:F1:14:B3:DC:A0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 53C7292779CC5FBBFA83CF36C96747D730ADF3C4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137322e302f32322d3234203d3e203437353833.roa
Signing time: Mon 26 Feb 2024 08:53:01 +0000
ROA not before: Mon 26 Feb 2024 08:48:01 +0000
ROA not after: Mon 24 Feb 2025 08:53:01 +0000
asID: 47583
IP address blocks: 82.180.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c7:29:27:79:cc:5f:bb:fa:83:cf:36:c9:67:47:d7:30:ad:f3:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:01 2024 GMT
Not After : Feb 24 08:53:01 2025 GMT
Subject: CN=E99E90AB3A604C3FEC61E8F1EFC9D1F114B3DCA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f0:9c:6a:b8:91:f9:cd:02:56:b4:32:fb:0d:
17:7b:75:7d:36:c9:52:f7:24:20:d2:a5:5a:bb:3f:
68:09:2d:67:55:64:32:3b:79:77:b2:31:3a:d9:f4:
6e:f6:41:d7:c1:03:cd:9e:cb:4a:9c:53:c3:af:85:
35:cf:a8:71:2f:b0:10:25:bb:19:0f:cf:9f:bb:7f:
f9:5f:e8:15:15:f4:f1:67:ca:27:ac:79:b2:e7:3e:
63:f3:40:1a:c7:67:bd:7b:57:fb:ab:2f:8d:f5:48:
b2:1e:72:42:0a:c4:50:9e:c2:a8:fb:98:16:30:67:
bf:d6:cf:ef:c4:c9:98:70:57:48:59:c9:19:df:43:
b4:12:3c:4a:b4:a2:63:49:52:4f:aa:11:07:99:78:
24:c7:72:c9:0e:c6:95:f5:e9:20:98:df:5b:06:14:
87:e4:2e:2b:fd:13:c4:cd:5a:41:17:c0:e5:2a:57:
d4:51:7c:48:05:2f:53:e9:d5:a8:0a:25:3f:0b:2a:
00:c3:c1:01:e4:95:c1:6a:ab:ad:81:81:d4:e8:08:
92:0b:f7:59:57:f1:c6:fb:8c:c0:1e:95:58:05:d7:
3f:fa:06:f0:86:b2:47:4c:f5:06:ed:fa:a2:ff:7c:
48:28:47:d3:2f:69:76:aa:6b:52:99:0e:eb:10:25:
e3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:9E:90:AB:3A:60:4C:3F:EC:61:E8:F1:EF:C9:D1:F1:14:B3:DC:A0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137322e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.172.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:2f:a4:22:af:bc:14:dc:7a:9f:eb:69:36:d5:85:f9:c3:09:
1d:ee:92:d0:5d:c5:9e:e4:6c:0b:50:47:30:ed:96:07:e8:2c:
17:b3:2f:b3:62:5c:cb:7e:33:08:88:04:ff:65:15:6e:9d:98:
9e:8c:99:41:28:d6:f4:38:89:89:2a:97:7c:e3:0d:a5:e2:e8:
f6:46:07:da:c2:7f:d1:c0:29:3a:41:dc:db:ed:35:af:f6:86:
c1:8c:4d:84:d1:7a:12:f6:59:3b:f7:ff:72:72:c4:22:71:fe:
17:0b:1f:62:57:6c:34:70:b9:6f:96:dc:6b:c5:a0:36:53:36:
cb:eb:48:fb:0b:1a:d3:3c:e3:c2:6a:74:32:b1:b4:bd:fe:00:
38:40:9c:7a:f7:46:0f:50:7d:5e:07:89:ab:7e:1e:4a:a9:28:
fa:d5:e3:c5:db:37:39:db:ef:36:1f:3a:bf:d1:ed:19:58:61:
a6:d5:82:cd:ed:71:be:aa:7a:9e:67:c8:b3:21:ea:89:79:dd:
f0:0c:6e:12:c4:2f:33:c4:63:52:14:ba:d9:3c:64:9f:b0:5d:
a4:86:0f:20:73:6c:1d:c5:dc:dc:77:f9:f1:f4:90:ac:ab:4b:
18:19:69:d7:b0:26:c5:cc:83:62:56:3e:16:58:78:b1:a0:13:
09:2a:de:5d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUU8cpJ3nMX7v6g882yWdH1zCt88QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDFaFw0yNTAyMjQwODUzMDFaMDMxMTAvBgNV
BAMTKEU5OUU5MEFCM0E2MDRDM0ZFQzYxRThGMUVGQzlEMUYxMTRCM0RDQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb8JxquJH5zQJWtDL7DRd7dX02
yVL3JCDSpVq7P2gJLWdVZDI7eXeyMTrZ9G72QdfBA82ey0qcU8OvhTXPqHEvsBAl
uxkPz5+7f/lf6BUV9PFnyiesebLnPmPzQBrHZ717V/urL431SLIeckIKxFCewqj7
mBYwZ7/Wz+/EyZhwV0hZyRnfQ7QSPEq0omNJUk+qEQeZeCTHcskOxpX16SCY31sG
FIfkLiv9E8TNWkEXwOUqV9RRfEgFL1Pp1agKJT8LKgDDwQHklcFqq62BgdToCJIL
91lX8cb7jMAelVgF1z/6BvCGskdM9Qbt+qL/fEgoR9MvaXaqa1KZDusQJeMJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU6Z6QqzpgTD/sYejx78nR8RSz3KAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM3
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
UrSsMA0GCSqGSIb3DQEBCwUAA4IBAQBLL6Qir7wU3Hqf62k21YX5wwkd7pLQXcWe
5GwLUEcw7ZYH6CwXsy+zYlzLfjMIiAT/ZRVunZiejJlBKNb0OImJKpd84w2l4uj2
Rgfawn/RwCk6Qdzb7TWv9obBjE2E0XoS9lk79/9ycsQicf4XCx9iV2w0cLlvltxr
xaA2UzbL60j7CxrTPOPCanQysbS9/gA4QJx690YPUH1eB4mrfh5KqSj61ePF2zc5
2+82Hzq/0e0ZWGGm1YLN7XG+qnqeZ8izIeqJed3wDG4SxC8zxGNSFLrZPGSfsF2k
hg8gc2wdxdzcd/nx9JCsq0sYGWnXsCbFzINiVj4WWHixoBMJKt5d
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org