Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3134342e302f32302d3332203d3e20313431393935.roa
File: 38342e3234372e3134342e302f32302d3332203d3e20313431393935.roa (raw, json)
Hash identifier: WKdQ51rBEp9RwfB3KgAhbKbLuW5QnlhjR9ruH+AbECQ=
Subject key identifier: F9:A8:81:E2:37:8B:FC:68:A9:1F:88:80:19:AE:65:9E:41:71:A7:C4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7D0966C3691AD01CD74DFA59E71AC5A3A17BA2D9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3134342e302f32302d3332203d3e20313431393935.roa
Signing time: Wed 15 Jan 2025 12:44:45 +0000
ROA not before: Wed 15 Jan 2025 12:39:45 +0000
ROA not after: Wed 14 Jan 2026 12:44:45 +0000
asID: 141995
IP address blocks: 84.247.144.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:09:66:c3:69:1a:d0:1c:d7:4d:fa:59:e7:1a:c5:a3:a1:7b:a2:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 15 12:39:45 2025 GMT
Not After : Jan 14 12:44:45 2026 GMT
Subject: CN=F9A881E2378BFC68A91F888019AE659E4171A7C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e1:42:0e:c9:fd:9f:35:c7:ce:cd:db:fc:51:
95:64:ac:0e:84:4a:80:a6:3f:c8:3a:47:3f:10:5d:
d2:8d:18:0f:93:9a:79:a5:6b:a3:79:69:ba:21:5d:
e9:0f:94:01:36:5e:1c:05:0d:e2:8b:20:b1:d8:9a:
b5:fe:61:0c:7e:f5:9f:1c:f6:68:b8:37:db:78:eb:
0e:d7:23:33:dc:75:11:f1:b4:b9:38:d6:f8:93:58:
6d:76:bb:df:99:30:0c:a1:65:ad:2c:4d:6c:5d:0f:
4e:ea:5c:8e:1f:ea:f7:92:ff:1e:23:06:d6:60:97:
6b:1d:ae:7c:c1:e5:09:cd:8f:f3:87:e0:99:e6:d1:
ce:cb:36:eb:3b:ad:db:f7:c4:f5:27:0c:c6:a0:f9:
6a:85:9d:65:f0:42:4b:c9:fa:46:a1:d1:70:40:29:
e8:2c:2d:5c:8a:be:39:c5:9f:c9:55:bc:e3:f3:67:
5c:0b:aa:de:29:0f:13:6c:cb:6b:9e:5e:b3:fa:71:
d5:48:9d:ad:05:f2:45:3d:89:23:1b:04:bb:ff:5f:
1d:63:e3:95:eb:74:98:de:c5:ee:db:4c:0e:cb:67:
4d:9d:00:01:b4:f3:7e:d3:c3:32:20:01:79:94:2c:
d5:c2:b7:1b:71:2b:db:01:e9:24:b8:82:f5:15:a3:
51:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A8:81:E2:37:8B:FC:68:A9:1F:88:80:19:AE:65:9E:41:71:A7:C4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3134342e302f32302d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.144.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:4c:7e:38:91:bc:ce:ee:dc:3c:98:03:04:50:ca:93:5a:01:
86:ad:3d:5a:a3:d5:00:5d:4b:99:f2:ed:01:a4:9a:3b:b2:0d:
ed:fa:a1:8b:92:a0:8a:04:2c:08:c3:87:a1:5c:cc:87:da:b1:
07:ae:67:98:46:86:9a:60:83:18:4a:95:2f:53:ce:0e:23:20:
df:c7:b3:5a:9c:fa:38:7d:99:12:1f:20:92:f1:ea:d3:f6:71:
58:a7:f0:74:84:40:2b:ef:a0:84:41:21:29:c9:81:eb:3e:3f:
1a:1c:19:85:c7:62:1e:75:c2:0f:bd:ea:4b:71:59:65:91:b2:
e4:ea:31:e1:64:9d:56:67:58:df:e5:94:f7:08:d2:00:4e:88:
ce:2b:c6:42:45:d9:33:5c:71:f4:58:8a:d1:97:db:fa:08:3f:
cb:b8:50:2f:1e:d9:8f:dc:00:10:2c:0e:6e:af:01:4d:6b:5b:
af:d7:3d:14:10:97:43:05:25:f9:37:db:d2:b6:f8:35:54:22:
cf:0a:9c:de:50:33:39:b8:08:c3:f4:74:72:c0:55:d2:ab:c7:
36:7c:41:bd:49:95:58:0a:12:34:b8:1a:65:c7:0c:c2:95:cf:
ed:12:96:2d:b2:3e:27:3e:20:39:e2:1e:ab:96:0d:a7:d2:ce:
6a:fb:65:98
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfQlmw2ka0BzXTfpZ5xrFo6F7otkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMTUxMjM5NDVaFw0yNjAxMTQxMjQ0NDVaMDMxMTAvBgNV
BAMTKEY5QTg4MUUyMzc4QkZDNjhBOTFGODg4MDE5QUU2NTlFNDE3MUE3QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy4UIOyf2fNcfOzdv8UZVkrA6E
SoCmP8g6Rz8QXdKNGA+Tmnmla6N5abohXekPlAE2XhwFDeKLILHYmrX+YQx+9Z8c
9mi4N9t46w7XIzPcdRHxtLk41viTWG12u9+ZMAyhZa0sTWxdD07qXI4f6veS/x4j
BtZgl2sdrnzB5QnNj/OH4Jnm0c7LNus7rdv3xPUnDMag+WqFnWXwQkvJ+kah0XBA
KegsLVyKvjnFn8lVvOPzZ1wLqt4pDxNsy2ueXrP6cdVIna0F8kU9iSMbBLv/Xx1j
45XrdJjexe7bTA7LZ02dAAG0837TwzIgAXmULNXCtxtxK9sB6SS4gvUVo1EhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+aiB4jeL/GipH4iAGa5lnkFxp8QwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzIzNDM3MmUzMTM0
MzQyZTMwMmYzMjMwMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BARU95AwDQYJKoZIhvcNAQELBQADggEBAG1MfjiRvM7u3DyYAwRQypNaAYatPVqj
1QBdS5ny7QGkmjuyDe36oYuSoIoELAjDh6FczIfasQeuZ5hGhppggxhKlS9Tzg4j
IN/Hs1qc+jh9mRIfIJLx6tP2cVin8HSEQCvvoIRBISnJges+PxocGYXHYh51wg+9
6ktxWWWRsuTqMeFknVZnWN/llPcI0gBOiM4rxkJF2TNccfRYitGX2/oIP8u4UC8e
2Y/cABAsDm6vAU1rW6/XPRQQl0MFJfk329K2+DVUIs8KnN5QMzm4CMP0dHLAVdKr
xzZ8Qb1JlVgKEjS4GmXHDMKVz+0Sli2yPic+IDniHquWDafSzmr7ZZg=
-----END CERTIFICATE-----
Generated at Thu Apr 3 03:37:46 2025 by rpki-client