Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3134342e302f32302d3332203d3e20313431393935.roa
File: 38342e3234372e3134342e302f32302d3332203d3e20313431393935.roa (raw, json)
Hash identifier: hxXc8iq+tXiiymN6iNKIILBBL/Ac2+MmX+zz8gaktV0=
Subject key identifier: 19:FB:C0:A5:0B:D6:7B:7D:82:1A:4C:47:2A:CC:46:B7:97:EC:6D:44
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 22A631264EA3FF587671282CDFB4D2EFA209E282
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3134342e302f32302d3332203d3e20313431393935.roa
Signing time: Wed 14 Feb 2024 12:38:55 +0000
ROA not before: Wed 14 Feb 2024 12:33:55 +0000
ROA not after: Wed 12 Feb 2025 12:38:55 +0000
asID: 141995
IP address blocks: 84.247.144.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:a6:31:26:4e:a3:ff:58:76:71:28:2c:df:b4:d2:ef:a2:09:e2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 14 12:33:55 2024 GMT
Not After : Feb 12 12:38:55 2025 GMT
Subject: CN=19FBC0A50BD67B7D821A4C472ACC46B797EC6D44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:41:90:41:e6:5d:0d:6e:e7:1f:38:01:07:c4:
50:6c:fb:9f:e9:d2:bf:f1:ad:a4:11:27:00:16:1e:
ca:34:f3:44:74:03:3a:14:74:26:73:d6:74:77:b0:
b4:96:fe:db:44:de:cc:64:3c:51:02:c8:00:da:b6:
29:be:6a:52:6a:b4:33:49:ef:87:72:3c:26:4f:84:
ae:f5:8e:41:27:4f:b8:ba:2b:ae:83:69:33:d9:ac:
d1:27:26:01:7f:80:ed:a0:f5:d1:04:a6:d6:14:3b:
3f:10:0e:6c:47:bb:91:b7:54:26:de:21:d1:b5:e1:
f2:44:5e:0f:a2:fe:9a:02:65:f7:00:6a:72:82:c4:
ac:55:e3:70:b8:50:e2:6c:0e:8b:56:f0:a0:d8:f6:
68:6f:f4:b1:74:37:6d:1f:f9:69:ce:40:db:53:d3:
67:9e:bc:5f:8d:5b:24:88:56:7d:ea:74:dc:17:b6:
80:41:a0:f5:e2:56:07:4c:22:67:10:b8:48:13:01:
fd:1a:0f:ad:34:b9:87:b8:63:14:dd:b4:c4:43:67:
c3:27:44:5c:70:b3:c1:af:75:45:32:30:5c:a7:5c:
98:65:cc:2d:fb:5c:f7:8b:08:d7:55:f2:f5:67:6d:
1d:a9:15:a1:11:38:bc:e9:f8:99:5f:d2:7e:4d:58:
82:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FB:C0:A5:0B:D6:7B:7D:82:1A:4C:47:2A:CC:46:B7:97:EC:6D:44
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3134342e302f32302d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.144.0/20
Signature Algorithm: sha256WithRSAEncryption
53:51:b5:8d:b9:0b:e3:46:d0:e6:15:1e:1f:63:88:61:1d:4b:
32:9f:5d:60:d8:1f:ed:15:3f:9b:e2:8c:92:aa:6c:5c:bb:dd:
9d:90:6b:d4:05:28:51:39:b1:c9:02:aa:20:9e:2c:d1:ef:f0:
7d:9b:5f:f6:85:39:93:b1:ae:80:9b:f4:81:75:9f:61:9c:ac:
19:ba:af:b8:51:0c:de:5f:65:21:64:0b:4d:17:fd:f2:bb:51:
99:b2:bc:e9:80:e0:6c:93:52:f7:9b:87:08:11:b1:de:9e:16:
d1:23:91:02:f1:f1:89:e9:31:c2:9f:aa:e6:a4:be:fa:d6:1e:
c9:5e:1c:fe:1e:60:38:37:3f:cd:06:76:9a:5a:38:48:02:70:
7a:0d:9d:82:4d:5d:93:52:4f:54:b3:d1:64:14:fd:9f:86:50:
c4:3b:0c:35:37:6e:95:f4:3f:f7:d8:06:0f:8c:60:7a:0a:3a:
9e:df:14:ff:6d:41:fc:b0:09:59:a6:e9:56:e0:33:6c:27:01:
5e:80:f3:4f:7a:14:d4:d2:3f:8e:68:26:84:bb:04:87:2e:f5:
76:e9:7c:35:5a:65:51:ee:d4:41:64:bf:51:54:d2:11:4a:83:
3f:2e:a1:7d:52:5b:40:f2:35:03:1f:69:d3:3b:98:ac:29:bf:
bb:da:86:24
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIqYxJk6j/1h2cSgs37TS76IJ4oIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMTQxMjMzNTVaFw0yNTAyMTIxMjM4NTVaMDMxMTAvBgNV
BAMTKDE5RkJDMEE1MEJENjdCN0Q4MjFBNEM0NzJBQ0M0NkI3OTdFQzZENDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJQZBB5l0NbucfOAEHxFBs+5/p
0r/xraQRJwAWHso080R0AzoUdCZz1nR3sLSW/ttE3sxkPFECyADatim+alJqtDNJ
74dyPCZPhK71jkEnT7i6K66DaTPZrNEnJgF/gO2g9dEEptYUOz8QDmxHu5G3VCbe
IdG14fJEXg+i/poCZfcAanKCxKxV43C4UOJsDotW8KDY9mhv9LF0N20f+WnOQNtT
02eevF+NWySIVn3qdNwXtoBBoPXiVgdMImcQuEgTAf0aD600uYe4YxTdtMRDZ8Mn
RFxws8GvdUUyMFynXJhlzC37XPeLCNdV8vVnbR2pFaEROLzp+Jlf0n5NWII3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUGfvApQvWe32CGkxHKsxGt5fsbUQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzIzNDM3MmUzMTM0
MzQyZTMwMmYzMjMwMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BARU95AwDQYJKoZIhvcNAQELBQADggEBAFNRtY25C+NG0OYVHh9jiGEdSzKfXWDY
H+0VP5vijJKqbFy73Z2Qa9QFKFE5sckCqiCeLNHv8H2bX/aFOZOxroCb9IF1n2Gc
rBm6r7hRDN5fZSFkC00X/fK7UZmyvOmA4GyTUvebhwgRsd6eFtEjkQLx8YnpMcKf
quakvvrWHsleHP4eYDg3P80GdppaOEgCcHoNnYJNXZNST1Sz0WQU/Z+GUMQ7DDU3
bpX0P/fYBg+MYHoKOp7fFP9tQfywCVmm6VbgM2wnAV6A8096FNTSP45oJoS7BIcu
9XbpfDVaZVHu1EFkv1FU0hFKgz8uoX1SW0DyNQMfadM7mKwpv7vahiQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:04 2024 by rpki-client on console-fra.rpki-client.org