Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137362e302f32342d3234203d3e20313938323437.roa
File: 38322e3138302e3137362e302f32342d3234203d3e20313938323437.roa (raw, json)
Hash identifier: fwle9PammGydS2ePBXxoCYDqemadciv94Xknk1avbpY=
Subject key identifier: BD:72:BC:E7:41:28:F8:1C:04:23:06:54:E2:87:23:93:5D:EF:D9:EC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1BEBD7FFFB3AE4E2C3FA3A842E031F8B9530C339
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137362e302f32342d3234203d3e20313938323437.roa
Signing time: Tue 02 Apr 2024 09:28:31 +0000
ROA not before: Tue 02 Apr 2024 09:23:31 +0000
ROA not after: Tue 01 Apr 2025 09:28:31 +0000
asID: 198247
IP address blocks: 82.180.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:eb:d7:ff:fb:3a:e4:e2:c3:fa:3a:84:2e:03:1f:8b:95:30:c3:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 09:23:31 2024 GMT
Not After : Apr 1 09:28:31 2025 GMT
Subject: CN=BD72BCE74128F81C04230654E28723935DEFD9EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4e:cc:26:fe:70:18:10:d9:15:7d:ae:f3:44:
e1:08:6b:df:ed:b6:b0:f0:a5:f2:29:c6:34:4c:e7:
2a:6e:09:98:d8:f1:43:06:ed:0f:f5:17:1f:4b:e0:
8d:61:2f:38:45:d4:c9:6e:ae:05:b4:05:59:77:f9:
fe:90:0d:64:63:3a:45:ae:af:60:85:6d:49:c8:e7:
75:2d:16:3e:3f:61:29:7a:13:e1:59:22:af:57:16:
73:fe:e0:71:37:37:8b:c8:ff:ef:e8:a6:ad:46:05:
a2:4b:a5:a5:bd:27:d8:4d:3f:d4:ba:0a:fc:4e:42:
b8:db:75:56:82:24:e2:fe:ca:3e:76:70:83:2d:83:
c5:10:b9:1f:33:80:9a:f2:46:10:7c:03:3d:38:2a:
ab:76:42:67:c0:3b:93:72:1d:e5:89:22:f6:73:d4:
8a:e8:54:6d:8d:46:18:44:0f:dc:45:cb:a9:6f:53:
12:b2:e3:af:7f:d9:c7:a3:46:83:90:94:dd:f9:15:
cc:14:31:11:1d:88:4b:26:b5:65:8e:4b:56:0c:55:
c2:16:9c:13:11:5d:7a:c7:53:a8:d7:88:a5:3c:2d:
91:4e:fa:dd:34:9e:81:af:d9:66:3a:f5:71:2d:cb:
4f:39:8e:57:ec:79:65:38:5f:87:b9:a0:d8:02:b6:
93:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:72:BC:E7:41:28:F8:1C:04:23:06:54:E2:87:23:93:5D:EF:D9:EC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137362e302f32342d3234203d3e20313938323437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.176.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:e7:45:6b:d1:15:22:33:fc:1d:8a:e5:e3:fa:ae:ed:b0:7f:
c3:b3:7c:99:91:c7:ee:60:03:45:8e:6e:47:b7:c4:39:35:48:
96:cc:76:20:9b:44:4d:fd:14:ed:ad:69:56:fb:c9:a9:39:3a:
df:2f:cb:a1:7d:95:cb:bb:e4:0e:ff:57:a0:93:28:35:2b:92:
78:0c:33:12:fb:d8:75:eb:72:ba:6e:2c:c4:c5:e4:6e:6f:8f:
01:0c:74:95:90:33:8a:ac:5b:aa:4d:75:18:33:d9:ab:58:b4:
a5:6c:a8:5e:c0:73:54:36:25:38:a2:d3:3e:84:1a:e4:3b:ec:
5d:cf:9d:14:82:e7:5a:4c:70:4f:30:2f:ed:e7:43:cf:32:4f:
be:1c:2b:a2:0a:f0:73:8d:2c:a0:a1:9a:4f:01:aa:92:dc:03:
f1:18:61:9d:82:52:e2:18:5e:00:53:68:01:83:e0:43:46:af:
d9:e5:1e:91:6b:a6:82:92:20:bb:bd:56:a2:ab:8e:f4:c9:e5:
da:7d:6a:9e:ae:7c:45:7c:58:77:45:db:23:f5:d7:9b:e8:08:
fa:44:e8:7c:9a:0c:ac:84:4f:b1:f1:b6:97:4d:4c:7a:b0:80:
97:15:da:53:be:c5:67:9b:c5:b4:77:e5:e2:0e:14:b1:7f:f9:
b0:d5:62:23
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUG+vX//s65OLD+jqELgMfi5UwwzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MDIwOTIzMzFaFw0yNTA0MDEwOTI4MzFaMDMxMTAvBgNV
BAMTKEJENzJCQ0U3NDEyOEY4MUMwNDIzMDY1NEUyODcyMzkzNURFRkQ5RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKTswm/nAYENkVfa7zROEIa9/t
trDwpfIpxjRM5ypuCZjY8UMG7Q/1Fx9L4I1hLzhF1MlurgW0BVl3+f6QDWRjOkWu
r2CFbUnI53UtFj4/YSl6E+FZIq9XFnP+4HE3N4vI/+/opq1GBaJLpaW9J9hNP9S6
CvxOQrjbdVaCJOL+yj52cIMtg8UQuR8zgJryRhB8Az04Kqt2QmfAO5NyHeWJIvZz
1IroVG2NRhhED9xFy6lvUxKy469/2cejRoOQlN35FcwUMREdiEsmtWWOS1YMVcIW
nBMRXXrHU6jXiKU8LZFO+t00noGv2WY69XEty085jlfseWU4X4e5oNgCtpOjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvXK850Eo+BwEIwZU4ocjk13v2ewwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMjM0Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABStLAwDQYJKoZIhvcNAQELBQADggEBAJrnRWvRFSIz/B2K5eP6ru2wf8OzfJmR
x+5gA0WObke3xDk1SJbMdiCbRE39FO2taVb7yak5Ot8vy6F9lcu75A7/V6CTKDUr
kngMMxL72HXrcrpuLMTF5G5vjwEMdJWQM4qsW6pNdRgz2atYtKVsqF7Ac1Q2JTii
0z6EGuQ77F3PnRSC51pMcE8wL+3nQ88yT74cK6IK8HONLKChmk8BqpLcA/EYYZ2C
UuIYXgBTaAGD4ENGr9nlHpFrpoKSILu9VqKrjvTJ5dp9ap6ufEV8WHdF2yP115vo
CPpE6HyaDKyET7HxtpdNTHqwgJcV2lO+xWebxbR35eIOFLF/+bDVYiM=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:37 2024 by rpki-client on console-fra.rpki-client.org