Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3136302e302f31392d3332203d3e203531313637.roa
File: 38342e3234372e3136302e302f31392d3332203d3e203531313637.roa (raw, json)
Hash identifier: 9flIJFuxv6z+Au3kt2FKGKwJ9NhTp956KUi9xm/tIVU=
Subject key identifier: 06:E3:33:A8:F3:47:2A:14:45:4F:C7:50:49:D4:6E:0D:04:92:12:15
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A9CE8458258FAE89233F7F40C1DA6D63F1F7D99
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3136302e302f31392d3332203d3e203531313637.roa
Signing time: Mon 15 Jan 2024 17:12:22 +0000
ROA not before: Mon 15 Jan 2024 17:07:22 +0000
ROA not after: Mon 13 Jan 2025 17:12:22 +0000
asID: 51167
IP address blocks: 84.247.160.0/19 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:9c:e8:45:82:58:fa:e8:92:33:f7:f4:0c:1d:a6:d6:3f:1f:7d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 15 17:07:22 2024 GMT
Not After : Jan 13 17:12:22 2025 GMT
Subject: CN=06E333A8F3472A14454FC75049D46E0D04921215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:39:83:ab:ee:7b:c9:52:c1:10:03:e0:01:a1:
9b:4e:91:db:8e:92:db:47:cb:3c:79:01:0b:90:ed:
93:2b:e5:4b:a2:9b:50:d0:cd:48:11:c8:87:68:e4:
7b:f1:27:77:b8:d3:91:2d:76:c9:e7:f6:ec:cb:15:
d5:41:5b:c1:37:af:35:4a:c1:c1:e6:cd:cc:f2:6e:
6f:52:31:c8:40:9a:f4:a7:e1:2a:a2:75:8a:9e:59:
6e:32:f5:98:87:f7:81:07:67:c5:10:42:f1:cc:2b:
df:06:bb:84:f1:98:aa:fe:0d:8b:d5:f1:c7:a1:ad:
30:15:70:dd:9a:c8:a7:f5:28:1e:db:e4:e2:31:f5:
f1:a4:3a:30:36:bf:3f:f9:9c:fb:51:1f:46:de:5b:
b3:a4:52:3a:3b:8b:be:ec:32:a9:74:ef:75:64:cc:
32:6a:a5:76:9f:f3:2e:0f:41:fa:ab:72:ea:dd:59:
7f:b8:f1:17:1c:78:87:f8:d0:81:9f:c7:32:7c:eb:
66:72:90:dd:3e:89:3b:78:a0:6e:f7:d3:c7:2d:0a:
50:60:7c:81:14:7c:49:21:50:25:8c:56:a8:4c:95:
56:33:21:b4:e8:84:58:a8:90:a7:fd:08:37:78:d0:
9e:57:62:e7:6e:b7:7c:89:0c:7c:05:b1:f7:c5:71:
c3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E3:33:A8:F3:47:2A:14:45:4F:C7:50:49:D4:6E:0D:04:92:12:15
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3136302e302f31392d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.160.0/19
Signature Algorithm: sha256WithRSAEncryption
8d:1b:e2:74:c7:2d:13:be:c0:16:2b:ae:77:14:45:b8:cc:1b:
75:bb:c5:f0:51:8b:49:75:de:d0:33:7a:ca:bc:87:96:b1:43:
3b:60:16:a3:75:98:9c:63:f6:45:4f:7c:09:2e:f7:07:7c:25:
2b:0e:4c:fd:b3:fb:e3:5c:d3:52:8a:13:ca:57:db:d9:6a:c4:
23:ea:bc:7d:6d:d5:fb:3e:34:7b:ea:5f:65:b3:1e:40:29:68:
69:51:26:55:e4:28:7d:b0:2b:41:e7:b2:d5:7a:86:43:52:f6:
78:fd:7d:1f:a3:c1:54:ac:df:b0:14:08:af:d6:6d:87:05:0a:
1c:c8:b6:a1:44:00:f1:e9:f1:c1:f5:69:ea:3c:6c:0c:b4:6f:
d7:aa:f7:50:76:c1:42:fc:5a:c5:fe:49:df:7a:0c:a5:9a:3b:
87:dc:97:e4:da:1e:a2:4c:bc:29:8c:b4:7f:3c:67:d5:7b:ac:
e7:fd:65:b0:d4:60:16:f3:fe:95:bb:4f:85:2d:52:69:f1:fc:
d7:12:6a:bb:93:9d:d0:73:cf:fe:1b:c3:3f:cf:5b:58:b8:b1:
6a:89:d1:c2:15:db:bd:e0:78:7c:c8:d7:8a:c1:f7:9c:8c:0a:
af:79:c4:70:1b:25:23:f7:bf:a9:34:ac:1e:26:53:f6:da:57:
0d:51:7c:2a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCpzoRYJY+uiSM/f0DB2m1j8ffZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTUxNzA3MjJaFw0yNTAxMTMxNzEyMjJaMDMxMTAvBgNV
BAMTKDA2RTMzM0E4RjM0NzJBMTQ0NTRGQzc1MDQ5RDQ2RTBEMDQ5MjEyMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBOYOr7nvJUsEQA+ABoZtOkduO
kttHyzx5AQuQ7ZMr5Uuim1DQzUgRyIdo5HvxJ3e405Etdsnn9uzLFdVBW8E3rzVK
wcHmzczybm9SMchAmvSn4SqidYqeWW4y9ZiH94EHZ8UQQvHMK98Gu4TxmKr+DYvV
8cehrTAVcN2ayKf1KB7b5OIx9fGkOjA2vz/5nPtRH0beW7OkUjo7i77sMql073Vk
zDJqpXaf8y4PQfqrcurdWX+48RcceIf40IGfxzJ862ZykN0+iTt4oG7308ctClBg
fIEUfEkhUCWMVqhMlVYzIbTohFiokKf9CDd40J5XYudut3yJDHwFsffFccO9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBuMzqPNHKhRFT8dQSdRuDQSSEhUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzIzNDM3MmUzMTM2
MzAyZTMwMmYzMTM5MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF
VPegMA0GCSqGSIb3DQEBCwUAA4IBAQCNG+J0xy0TvsAWK653FEW4zBt1u8XwUYtJ
dd7QM3rKvIeWsUM7YBajdZicY/ZFT3wJLvcHfCUrDkz9s/vjXNNSihPKV9vZasQj
6rx9bdX7PjR76l9lsx5AKWhpUSZV5Ch9sCtB57LVeoZDUvZ4/X0fo8FUrN+wFAiv
1m2HBQocyLahRADx6fHB9WnqPGwMtG/XqvdQdsFC/FrF/knfegylmjuH3Jfk2h6i
TLwpjLR/PGfVe6zn/WWw1GAW8/6Vu0+FLVJp8fzXEmq7k53Qc8/+G8M/z1tYuLFq
idHCFdu94Hh8yNeKwfecjAqvecRwGyUj97+pNKweJlP22lcNUXwq
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:50 2024 by rpki-client on console-ams.rpki-client.org