Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139372e36342e302f32322d3332203d3e203430303231.roa
File: 38322e3139372e36342e302f32322d3332203d3e203430303231.roa (raw, json)
Hash identifier: R6/rD3euB/wzX56RHIwrlsesw1t3Q0qeDb2ZoDpd9o4=
Subject key identifier: 13:56:14:2F:AD:5A:6D:AA:AF:97:36:70:A4:59:A0:54:E8:3F:56:72
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2306E52E6971CFE1F7FC94E2833494FD8E475DF9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139372e36342e302f32322d3332203d3e203430303231.roa
Signing time: Tue 19 Mar 2024 11:06:24 +0000
ROA not before: Tue 19 Mar 2024 11:01:24 +0000
ROA not after: Tue 18 Mar 2025 11:06:24 +0000
asID: 40021
IP address blocks: 82.197.64.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:06:e5:2e:69:71:cf:e1:f7:fc:94:e2:83:34:94:fd:8e:47:5d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 19 11:01:24 2024 GMT
Not After : Mar 18 11:06:24 2025 GMT
Subject: CN=1356142FAD5A6DAAAF973670A459A054E83F5672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ac:59:2e:0a:24:7c:c9:11:e1:bb:6f:13:8a:
17:bf:c1:ac:17:7d:2c:c8:e2:9e:80:6e:49:b4:25:
85:f4:66:95:63:57:ca:db:e3:2c:ce:d9:e7:6b:25:
c8:4c:d4:dc:a5:86:e8:45:dd:66:6a:48:18:80:69:
7b:a7:8a:d7:e3:4d:b8:76:03:df:93:f0:7b:34:e2:
73:6e:46:32:c7:f7:b3:ab:00:8d:f6:9e:c7:d4:65:
ad:bb:a4:15:56:3c:89:b9:5e:73:d8:42:b6:b4:69:
ac:58:a3:e9:c7:69:41:e7:6a:98:7c:9d:72:dc:6d:
76:4a:43:ed:90:2d:73:2c:d4:58:8b:46:48:ca:ff:
a8:85:f9:be:54:d5:e9:6f:bf:ff:70:2b:37:97:02:
71:6c:a1:1f:b2:f1:60:3d:55:95:38:9b:37:6e:35:
c5:20:cf:38:fb:90:d6:96:56:a0:aa:87:01:34:06:
ab:ca:d4:5e:2a:e2:b3:e1:c2:03:98:9f:a3:7f:8a:
6f:bf:ca:82:db:4d:83:c1:39:ac:bc:e2:40:2f:40:
90:d8:6f:6c:14:64:aa:d1:ae:84:3c:56:db:cf:79:
34:61:ae:fd:59:9a:29:3e:e6:b5:c4:56:58:6b:32:
ce:e0:24:42:9d:60:10:b1:70:ed:f0:52:b2:6a:d0:
7d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:56:14:2F:AD:5A:6D:AA:AF:97:36:70:A4:59:A0:54:E8:3F:56:72
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139372e36342e302f32322d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.64.0/22
Signature Algorithm: sha256WithRSAEncryption
97:96:fd:61:ab:60:65:a5:73:12:28:11:f4:60:42:e5:a7:21:
06:a4:77:74:55:d0:77:ea:6d:c6:9c:ef:e8:6f:01:16:f5:36:
99:a4:57:91:6f:13:2e:b5:4f:8a:79:e6:a4:11:2d:ce:f6:81:
bd:3e:da:57:d0:3d:57:fc:2b:80:85:24:1b:23:4a:cb:b8:b7:
fc:61:c1:e6:a1:51:5b:52:cd:b7:bb:dd:79:b8:1c:4b:19:c4:
e1:3b:31:2e:84:79:e0:99:47:66:bf:ea:a3:96:9b:c6:b2:3e:
8c:ed:72:e4:b2:fd:c5:80:24:44:03:d0:b2:97:8b:02:05:5d:
7f:fe:fd:ac:c2:6c:73:3b:48:97:e7:42:59:e4:e9:73:ed:e3:
f8:d8:b8:6b:22:ac:4d:9f:39:d2:33:ab:50:20:91:f2:c1:9b:
4e:b0:9f:8b:b8:1a:42:3d:dd:8e:f6:73:d5:2e:d3:dd:50:a5:
03:19:07:c6:43:d9:d5:d6:20:03:e5:ed:d0:da:27:64:9a:0e:
70:1a:96:ff:e5:b5:dc:28:00:a1:1d:99:a0:49:08:2d:e7:e7:
d4:4e:3b:9d:d8:62:a4:13:5f:95:28:a8:a6:3b:ed:3e:c1:ec:
f2:e1:ac:f5:0c:dd:ba:23:3b:08:49:cd:ce:43:fc:cb:75:a7:
1f:27:2a:4a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUIwblLmlxz+H3/JTigzSU/Y5HXfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMTkxMTAxMjRaFw0yNTAzMTgxMTA2MjRaMDMxMTAvBgNV
BAMTKDEzNTYxNDJGQUQ1QTZEQUFBRjk3MzY3MEE0NTlBMDU0RTgzRjU2NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUrFkuCiR8yRHhu28Tihe/wawX
fSzI4p6Abkm0JYX0ZpVjV8rb4yzO2edrJchM1NylhuhF3WZqSBiAaXunitfjTbh2
A9+T8Hs04nNuRjLH97OrAI32nsfUZa27pBVWPIm5XnPYQra0aaxYo+nHaUHnaph8
nXLcbXZKQ+2QLXMs1FiLRkjK/6iF+b5U1elvv/9wKzeXAnFsoR+y8WA9VZU4mzdu
NcUgzzj7kNaWVqCqhwE0BqvK1F4q4rPhwgOYn6N/im+/yoLbTYPBOay84kAvQJDY
b2wUZKrRroQ8VtvPeTRhrv1Zmik+5rXEVlhrMs7gJEKdYBCxcO3wUrJq0H2pAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUE1YUL61abaqvlzZwpFmgVOg/VnIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM3MmUzNjM0
MmUzMDJmMzIzMjJkMzMzMjIwM2QzZTIwMzQzMDMwMzIzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlLF
QDANBgkqhkiG9w0BAQsFAAOCAQEAl5b9YatgZaVzEigR9GBC5achBqR3dFXQd+pt
xpzv6G8BFvU2maRXkW8TLrVPinnmpBEtzvaBvT7aV9A9V/wrgIUkGyNKy7i3/GHB
5qFRW1LNt7vdebgcSxnE4TsxLoR54JlHZr/qo5abxrI+jO1y5LL9xYAkRAPQspeL
AgVdf/79rMJscztIl+dCWeTpc+3j+Ni4ayKsTZ850jOrUCCR8sGbTrCfi7gaQj3d
jvZz1S7T3VClAxkHxkPZ1dYgA+Xt0NonZJoOcBqW/+W13CgAoR2ZoEkILefn1E47
ndhipBNflSiopjvtPsHs8uGs9QzduiM7CEnNzkP8y3WnHycqSg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:59 2024 by rpki-client on console-fra.rpki-client.org