Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139372e37382e302f32342d3234203d3e20313336373837.roa
File: 38322e3139372e37382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: LTKGLwCX3BUfxuLWa4U9y68ci7mNBP1y+m4u4orxaw4=
Subject key identifier: 35:29:47:6E:FA:A7:08:B4:DE:BD:E9:BA:54:08:3B:5C:1D:09:13:F3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4E87EFD906DC6BB90A5F70EDFF797A96699DDC2F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139372e37382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:40 +0000
ROA not before: Fri 27 Dec 2024 19:39:40 +0000
ROA not after: Fri 26 Dec 2025 19:44:40 +0000
asID: 136787
IP address blocks: 82.197.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:04:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:87:ef:d9:06:dc:6b:b9:0a:5f:70:ed:ff:79:7a:96:69:9d:dc:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:40 2024 GMT
Not After : Dec 26 19:44:40 2025 GMT
Subject: CN=3529476EFAA708B4DEBDE9BA54083B5C1D0913F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:62:eb:ce:d9:e6:22:fa:59:93:92:60:be:2d:
0b:8f:08:ac:dc:7e:3e:d1:29:32:91:f3:6c:4e:86:
70:52:f7:54:24:ae:91:08:60:01:68:36:01:cb:73:
4e:83:df:cd:e8:ee:6a:08:5f:46:50:59:84:3f:87:
d2:71:56:a9:1d:d6:13:b2:bb:e1:25:bb:70:49:c4:
2c:a3:33:15:6a:0e:c9:52:dc:65:82:08:c0:56:f0:
e3:e8:c9:c5:81:29:bb:b1:7b:0c:d4:10:62:f1:90:
b7:36:f6:d4:b7:d5:32:83:a1:2f:d3:51:f2:ab:a5:
8f:07:66:fe:1a:9f:e5:0e:90:02:2c:a8:84:2b:fa:
46:57:45:e7:54:6f:9e:9e:58:85:41:84:a2:14:79:
dd:01:f5:cf:b7:c8:d8:a0:1a:93:d2:43:18:cf:ae:
c5:3c:03:cc:5b:02:e5:6b:91:8e:84:ab:ef:db:01:
5e:01:e4:ec:13:13:ba:a6:b6:ba:dd:d2:6f:d6:03:
e9:c8:2f:6a:3d:fe:8e:bb:dd:ef:b9:fe:5f:90:c2:
0b:8c:c1:d1:f3:f1:bb:d8:1b:75:ad:27:f1:de:cd:
dc:c6:b3:9d:c2:1c:58:a7:0d:08:ca:e4:4f:4a:73:
b9:04:a5:3d:14:74:57:23:44:f9:d9:71:62:c4:2d:
03:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:29:47:6E:FA:A7:08:B4:DE:BD:E9:BA:54:08:3B:5C:1D:09:13:F3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139372e37382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.78.0/24
Signature Algorithm: sha256WithRSAEncryption
56:79:ed:07:21:23:14:16:70:44:7b:05:0d:d7:82:93:b5:88:
1d:ff:13:8d:d3:12:81:e4:3f:e1:8f:31:fc:49:4a:e5:1e:94:
08:74:c6:01:d3:16:c7:f5:95:89:17:f7:a7:5c:57:41:37:72:
11:4f:cf:c5:a3:b4:95:bf:0a:23:89:72:40:63:30:b3:d2:a1:
cd:50:78:2b:97:a5:00:dd:ef:f9:bc:27:58:15:1d:8a:c2:c8:
44:39:40:b8:0e:29:18:7f:97:8c:e4:d7:4b:84:63:bf:de:fd:
d5:2a:87:63:d9:66:93:c0:0c:84:44:a6:05:0c:6e:1b:c7:b9:
71:2e:a7:5d:b4:88:97:e9:ea:c6:e0:a8:df:85:5f:c1:71:81:
85:8e:f5:94:98:78:66:fc:ad:3f:b5:c7:f1:8d:bc:45:49:4b:
84:98:60:2b:5f:6b:06:30:9c:19:63:c8:18:19:9a:8c:b2:dd:
e7:9b:34:cd:b4:d7:50:62:35:ce:52:7e:9e:b7:4d:73:d2:5c:
06:5a:a5:76:89:0d:92:93:11:fd:27:c0:66:4e:30:27:0b:fb:
f0:47:fe:a6:c0:10:4d:86:d6:00:05:c9:be:5f:14:71:9d:0f:
86:4a:fa:32:91:c7:09:52:cb:26:96:7b:ac:73:87:12:40:03:
6d:7a:57:2f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTofv2Qbca7kKX3Dt/3l6lmmd3C8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5NDBaFw0yNTEyMjYxOTQ0NDBaMDMxMTAvBgNV
BAMTKDM1Mjk0NzZFRkFBNzA4QjRERUJERTlCQTU0MDgzQjVDMUQwOTEzRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFYuvO2eYi+lmTkmC+LQuPCKzc
fj7RKTKR82xOhnBS91QkrpEIYAFoNgHLc06D383o7moIX0ZQWYQ/h9JxVqkd1hOy
u+Elu3BJxCyjMxVqDslS3GWCCMBW8OPoycWBKbuxewzUEGLxkLc29tS31TKDoS/T
UfKrpY8HZv4an+UOkAIsqIQr+kZXRedUb56eWIVBhKIUed0B9c+3yNigGpPSQxjP
rsU8A8xbAuVrkY6Eq+/bAV4B5OwTE7qmtrrd0m/WA+nIL2o9/o673e+5/l+QwguM
wdHz8bvYG3WtJ/HezdzGs53CHFinDQjK5E9Kc7kEpT0UdFcjRPnZcWLELQPdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNSlHbvqnCLTevem6VAg7XB0JE/MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM3MmUzNzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UsVOMA0GCSqGSIb3DQEBCwUAA4IBAQBWee0HISMUFnBEewUN14KTtYgd/xON0xKB
5D/hjzH8SUrlHpQIdMYB0xbH9ZWJF/enXFdBN3IRT8/Fo7SVvwojiXJAYzCz0qHN
UHgrl6UA3e/5vCdYFR2KwshEOUC4DikYf5eM5NdLhGO/3v3VKodj2WaTwAyERKYF
DG4bx7lxLqddtIiX6erG4KjfhV/BcYGFjvWUmHhm/K0/tcfxjbxFSUuEmGArX2sG
MJwZY8gYGZqMst3nmzTNtNdQYjXOUn6et01z0lwGWqV2iQ2SkxH9J8BmTjAnC/vw
R/6mwBBNhtYABcm+XxRxnQ+GSvoykccJUssmlnusc4cSQANtelcv
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:59:19 2025 by rpki-client