Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138322e302f32342d3234203d3e20313431303339.roa
File: 38332e3133362e3138322e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: Pnf8wrMnwO/5uDyOge4JHQ8i6tO9r8XUEA485JkUn+U=
Subject key identifier: 6E:5A:73:BC:CF:41:BB:43:FA:24:F2:FF:28:5F:AF:7E:0F:73:E7:29
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 11FCC983F58AAA9A51DCD0ACBFE5056074458C6E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138322e302f32342d3234203d3e20313431303339.roa
Signing time: Fri 20 Sep 2024 14:04:50 +0000
ROA not before: Fri 20 Sep 2024 13:59:50 +0000
ROA not after: Fri 19 Sep 2025 14:04:50 +0000
asID: 141039
IP address blocks: 83.136.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:fc:c9:83:f5:8a:aa:9a:51:dc:d0:ac:bf:e5:05:60:74:45:8c:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:50 2024 GMT
Not After : Sep 19 14:04:50 2025 GMT
Subject: CN=6E5A73BCCF41BB43FA24F2FF285FAF7E0F73E729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:61:01:e8:b9:c9:96:95:49:5e:8e:7c:77:6f:
f3:60:89:52:92:b5:87:3e:59:19:be:1c:ae:cf:2f:
8a:ae:08:d0:71:1d:fe:af:1d:13:c8:91:5a:79:45:
54:53:a1:68:55:60:d7:2c:1c:40:3e:07:38:e3:f7:
8f:20:80:27:71:60:42:72:ab:4e:2f:72:af:a9:37:
46:93:72:eb:eb:8e:95:7d:82:82:15:e3:84:b4:5c:
bf:bd:50:f4:39:5d:06:b3:8b:e7:1b:14:c7:21:38:
8e:4d:f1:56:c3:9a:31:c6:e8:f9:14:ff:cb:31:5e:
a0:9a:0e:9c:b6:63:76:41:d9:0b:a7:aa:83:46:e9:
49:a8:a9:b9:49:43:3f:37:fd:c7:33:64:46:67:5c:
b5:84:48:d0:c6:ba:fa:a7:5f:cf:69:a7:5b:f2:77:
2e:00:7f:26:14:49:e4:dc:ef:8c:dd:fc:6f:b3:f1:
a1:81:d9:5e:cd:87:51:dc:97:ca:f7:7e:68:8f:5f:
0f:a1:9d:d0:56:76:40:29:00:b8:a1:b7:13:d9:48:
71:74:df:70:42:37:a7:eb:a4:04:29:3e:31:36:f3:
6e:f4:cc:d2:42:96:bf:ff:b8:c1:f2:0d:3c:30:32:
9a:d4:20:7d:f1:2e:fa:cc:04:d7:79:7a:ec:95:5c:
35:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:5A:73:BC:CF:41:BB:43:FA:24:F2:FF:28:5F:AF:7E:0F:73:E7:29
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138322e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.182.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:43:96:d0:a6:47:12:83:7f:04:c6:e9:e1:ee:3f:19:8b:60:
09:10:52:97:59:89:22:33:ea:e9:ed:33:d2:56:73:2a:7d:48:
23:a7:2a:70:6f:5f:6d:b6:53:05:52:1f:d3:5e:98:2d:ad:60:
81:f1:70:57:2e:e2:3b:02:a3:8c:f6:4a:90:08:2e:fb:92:2c:
c1:d5:39:ee:0f:e4:ed:a4:cb:f3:97:ae:37:ab:0a:15:d2:45:
04:27:5a:1e:06:00:4a:10:04:3a:be:d2:f1:7e:53:95:42:3d:
cf:95:b6:d7:4b:45:c2:4f:7d:0e:1e:4a:fb:c2:c3:b8:d9:82:
a8:df:d2:fa:a7:92:cb:1f:24:59:32:82:19:c7:16:67:94:2a:
85:96:6c:5f:50:ae:04:49:24:38:af:78:67:3f:dc:f3:3f:28:
de:8b:d8:ff:b0:c7:74:33:f8:7c:a9:05:37:ae:0a:f4:32:e0:
76:1d:c0:44:3b:35:78:02:9b:b9:6c:5f:96:92:3b:d9:a5:f7:
fc:8a:e4:2b:ef:00:4c:b5:b8:43:9b:ff:13:d9:e5:4b:d8:e4:
cb:0f:4d:2f:96:a4:0f:03:5b:72:b9:3a:b3:22:41:67:f2:6c:
c1:fb:e2:d1:80:a1:7e:35:ac:0d:9c:07:65:b0:8b:19:85:fb:
51:df:0f:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEfzJg/WKqppR3NCsv+UFYHRFjG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NTBaFw0yNTA5MTkxNDA0NTBaMDMxMTAvBgNV
BAMTKDZFNUE3M0JDQ0Y0MUJCNDNGQTI0RjJGRjI4NUZBRjdFMEY3M0U3MjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmYQHoucmWlUlejnx3b/NgiVKS
tYc+WRm+HK7PL4quCNBxHf6vHRPIkVp5RVRToWhVYNcsHEA+Bzjj948ggCdxYEJy
q04vcq+pN0aTcuvrjpV9goIV44S0XL+9UPQ5XQazi+cbFMchOI5N8VbDmjHG6PkU
/8sxXqCaDpy2Y3ZB2QunqoNG6UmoqblJQz83/cczZEZnXLWESNDGuvqnX89pp1vy
dy4AfyYUSeTc74zd/G+z8aGB2V7Nh1Hcl8r3fmiPXw+hndBWdkApALihtxPZSHF0
33BCN6frpAQpPjE28270zNJClr//uMHyDTwwMprUIH3xLvrMBNd5euyVXDVlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUblpzvM9Bu0P6JPL/KF+vfg9z5ykwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMzJlMzEzMzM2MmUzMTM4
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzMDMzMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTiLYwDQYJKoZIhvcNAQELBQADggEBAExDltCmRxKDfwTG6eHuPxmLYAkQUpdZ
iSIz6untM9JWcyp9SCOnKnBvX222UwVSH9NemC2tYIHxcFcu4jsCo4z2SpAILvuS
LMHVOe4P5O2ky/OXrjerChXSRQQnWh4GAEoQBDq+0vF+U5VCPc+VttdLRcJPfQ4e
SvvCw7jZgqjf0vqnkssfJFkyghnHFmeUKoWWbF9QrgRJJDiveGc/3PM/KN6L2P+w
x3Qz+HypBTeuCvQy4HYdwEQ7NXgCm7lsX5aSO9ml9/yK5CvvAEy1uEOb/xPZ5UvY
5MsPTS+WpA8DW3K5OrMiQWfybMH74tGAoX41rA2cB2WwixmF+1HfDxs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org