Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138332e302f32342d3234203d3e20313336373837.roa
File: 38332e3133362e3138332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 6u8NH8pj/5BcK1lwDB12NMkzjcBQSebzvPw+AwHA+qk=
Subject key identifier: F7:63:37:86:00:90:DB:16:75:85:24:A1:2D:F3:9B:83:D2:47:B4:2C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2EA3119A948D1E91425727266DD47EC5ADE3B8C3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Sep 2024 14:05:00 +0000
ROA not before: Fri 20 Sep 2024 14:00:00 +0000
ROA not after: Fri 19 Sep 2025 14:05:00 +0000
asID: 136787
IP address blocks: 83.136.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:a3:11:9a:94:8d:1e:91:42:57:27:26:6d:d4:7e:c5:ad:e3:b8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 14:00:00 2024 GMT
Not After : Sep 19 14:05:00 2025 GMT
Subject: CN=F76337860090DB16758524A12DF39B83D247B42C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:64:1e:8b:59:97:e9:3c:0c:b5:08:6f:97:c4:
6d:d3:0a:7b:ae:a1:24:9a:2b:a7:0f:72:f8:c0:ed:
60:02:16:6b:ef:90:13:07:9d:31:cf:05:c5:e6:a0:
88:06:31:25:69:2f:42:e5:ae:48:a4:94:d8:b6:67:
68:91:be:c6:ff:90:3b:8e:43:a5:82:61:b2:b0:89:
d7:96:04:5d:66:40:f3:c7:25:5d:be:24:94:23:46:
ba:e6:87:2e:62:9e:dc:48:34:12:d5:ff:f9:3e:21:
24:ad:d7:45:97:6c:16:be:80:e2:6b:75:1e:e9:6c:
89:7c:0a:79:9c:99:31:01:b6:bf:ec:75:48:d8:98:
3e:65:9d:ec:0d:d8:db:ca:23:a7:b6:10:c7:dc:39:
5a:f6:ee:94:09:98:63:e3:da:09:73:bb:e5:31:8d:
f0:f3:d2:4f:ff:8e:ed:c2:33:fe:32:a6:29:94:89:
ba:f3:6e:b4:7e:37:e9:ae:3f:2d:50:56:93:04:70:
a2:15:95:79:1c:3c:51:2f:e3:58:aa:29:7b:86:49:
6c:c1:ca:b7:18:37:af:4b:fd:db:06:c8:d4:84:e2:
b9:02:07:43:7c:80:78:ae:af:60:f9:f6:ad:79:3c:
1c:31:b0:16:cd:00:93:5b:e9:b0:c5:90:35:07:5e:
ff:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:63:37:86:00:90:DB:16:75:85:24:A1:2D:F3:9B:83:D2:47:B4:2C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.183.0/24
Signature Algorithm: sha256WithRSAEncryption
42:ba:4b:c3:ca:25:bd:a3:de:9e:e1:9e:24:4b:99:33:33:5e:
7f:21:9e:53:64:b6:c4:07:1a:45:d5:b3:d6:d6:63:a4:fb:26:
88:81:d5:6f:a8:07:1a:7d:53:e2:f2:f4:4c:d4:b5:d8:87:2c:
42:a2:62:0a:e8:a7:0f:86:9f:f8:fb:93:87:98:1b:43:b7:71:
cd:02:c8:72:1a:6a:48:7a:32:1b:3f:ae:03:e8:58:fd:f5:4c:
28:20:68:4e:bc:f7:cb:3e:1e:39:6a:7b:c0:0b:49:0a:ff:c9:
c1:03:6e:02:88:17:1e:9d:de:5a:c6:bd:e9:2f:8f:b5:e3:14:
09:c7:49:75:14:67:a9:41:28:7e:48:df:34:fc:90:49:9c:0f:
23:8e:6f:58:f9:5f:ad:8c:a8:4b:6e:e0:41:d6:59:cb:e6:ba:
1f:bd:88:00:d5:73:0b:91:34:01:18:22:d2:b8:3d:23:9b:bd:
13:e0:00:ce:8a:ad:9c:f6:d6:4f:31:be:75:a5:9c:b6:92:d9:
50:09:65:65:d4:05:5c:9f:00:56:39:9f:98:83:0e:65:c7:b6:
5e:70:7b:81:0f:84:94:24:2c:fe:a0:41:6e:28:b6:b6:90:22:
82:0e:53:87:3d:bb:ca:4d:b6:e9:d4:de:e0:47:72:a4:4d:7b:
fe:82:5c:fd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULqMRmpSNHpFCVycmbdR+xa3juMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxNDAwMDBaFw0yNTA5MTkxNDA1MDBaMDMxMTAvBgNV
BAMTKEY3NjMzNzg2MDA5MERCMTY3NTg1MjRBMTJERjM5QjgzRDI0N0I0MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDZB6LWZfpPAy1CG+XxG3TCnuu
oSSaK6cPcvjA7WACFmvvkBMHnTHPBcXmoIgGMSVpL0LlrkiklNi2Z2iRvsb/kDuO
Q6WCYbKwideWBF1mQPPHJV2+JJQjRrrmhy5intxINBLV//k+ISSt10WXbBa+gOJr
dR7pbIl8CnmcmTEBtr/sdUjYmD5lnewN2NvKI6e2EMfcOVr27pQJmGPj2glzu+Ux
jfDz0k//ju3CM/4ypimUibrzbrR+N+muPy1QVpMEcKIVlXkcPFEv41iqKXuGSWzB
yrcYN69L/dsGyNSE4rkCB0N8gHiur2D59q15PBwxsBbNAJNb6bDFkDUHXv93AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU92M3hgCQ2xZ1hSShLfObg9JHtCwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMzJlMzEzMzM2MmUzMTM4
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTiLcwDQYJKoZIhvcNAQELBQADggEBAEK6S8PKJb2j3p7hniRLmTMzXn8hnlNk
tsQHGkXVs9bWY6T7JoiB1W+oBxp9U+Ly9EzUtdiHLEKiYgropw+Gn/j7k4eYG0O3
cc0CyHIaakh6Mhs/rgPoWP31TCggaE6898s+Hjlqe8ALSQr/ycEDbgKIFx6d3lrG
vekvj7XjFAnHSXUUZ6lBKH5I3zT8kEmcDyOOb1j5X62MqEtu4EHWWcvmuh+9iADV
cwuRNAEYItK4PSObvRPgAM6KrZz21k8xvnWlnLaS2VAJZWXUBVyfAFY5n5iDDmXH
tl5we4EPhJQkLP6gQW4otraQIoIOU4c9u8pNtunU3uBHcqRNe/6CXP0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:59 2024 by rpki-client on console-fra.rpki-client.org