Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3134382e302f32332d3234203d3e203630363634.roa
File: 38342e33392e3134382e302f32332d3234203d3e203630363634.roa (raw, json)
Hash identifier: iaMl9yehwZf+bt52mH9pht1jty239dUmG0PCbJbor+k=
Subject key identifier: 4F:E3:E7:F7:42:D9:81:EE:99:05:F8:CD:80:63:25:D2:2E:F3:01:F4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5AA72F0373DE4186658E7E1C5F382E2A31D9EDB8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3134382e302f32332d3234203d3e203630363634.roa
Signing time: Fri 21 Jul 2023 16:43:20 +0000
ROA not before: Fri 21 Jul 2023 16:38:20 +0000
ROA not after: Fri 19 Jul 2024 16:43:20 +0000
asID: 60664
IP address blocks: 84.39.148.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:a7:2f:03:73:de:41:86:65:8e:7e:1c:5f:38:2e:2a:31:d9:ed:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 21 16:38:20 2023 GMT
Not After : Jul 19 16:43:20 2024 GMT
Subject: CN=4FE3E7F742D981EE9905F8CD806325D22EF301F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:79:8b:ca:22:71:5c:fa:32:a5:a3:40:65:62:
7f:e2:3c:a3:88:02:bc:63:f9:3b:2c:6b:b8:ed:9d:
aa:5d:98:46:31:4a:80:0a:04:16:99:61:a7:68:47:
a4:9b:56:72:49:72:43:67:8d:35:bd:85:9f:d1:2e:
be:08:eb:1d:95:f1:33:60:15:5f:f5:95:6e:54:57:
22:e7:6f:f5:df:54:1b:c0:44:12:b1:14:5d:45:86:
7a:ef:9f:ad:e7:a5:1c:90:01:97:a7:07:79:bd:f2:
fd:e7:b0:c1:cd:ba:33:a7:f0:33:8c:d9:f9:44:9c:
b6:2f:a6:ef:88:9b:82:05:ca:c5:3f:7c:79:cb:e6:
73:78:58:b3:af:1c:3d:f9:99:53:76:a7:cc:11:aa:
15:88:04:be:35:b2:dd:d9:7e:b2:15:02:f0:75:da:
17:91:b1:60:79:c1:35:38:b9:3a:bf:e7:7c:d0:a7:
da:db:2f:0a:57:84:26:88:02:6f:bc:44:00:14:44:
98:55:7a:e2:25:e0:59:c3:3c:17:94:26:ed:08:31:
b3:31:e8:4c:cf:52:e5:8a:33:fb:38:48:87:33:17:
56:38:08:3e:26:c0:4b:d0:59:36:fa:e4:eb:0d:4c:
a7:04:08:0d:e2:0a:81:0a:47:1d:bc:73:0b:37:89:
75:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E3:E7:F7:42:D9:81:EE:99:05:F8:CD:80:63:25:D2:2E:F3:01:F4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3134382e302f32332d3234203d3e203630363634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.148.0/23
Signature Algorithm: sha256WithRSAEncryption
95:7f:86:dd:65:0b:7f:00:0c:4c:4e:a7:f2:b4:db:c5:05:ad:
52:24:8b:42:fe:81:a1:f5:d8:4a:e0:46:ae:1a:1a:c9:74:90:
1b:7e:e1:13:bb:49:7a:01:25:32:45:de:aa:3d:93:03:8b:4f:
b5:36:aa:ea:23:50:09:0d:5b:ca:4e:39:e6:db:bb:a2:7b:a6:
7c:08:9f:c2:17:48:f5:2a:37:77:9c:39:86:fd:7d:45:d6:00:
d5:b0:8a:c7:51:99:58:99:4b:d4:44:07:20:85:f1:f9:f4:68:
4a:65:fa:c5:4f:b4:69:76:3c:b7:7b:4c:17:34:79:de:88:9f:
eb:33:c1:26:52:9b:f3:09:cc:4b:cf:51:d1:5d:a8:21:66:91:
bb:5f:31:5b:31:33:3e:1a:0b:d0:6d:54:66:04:be:b7:42:f1:
cb:d0:7a:63:8b:bf:1a:26:e1:51:ef:b1:ad:83:81:d8:d8:c0:
03:94:d3:b3:eb:b7:32:6b:cf:23:6e:5c:b8:f0:58:a5:fd:04:
d5:7a:6f:f3:66:81:08:b0:89:b7:2b:af:df:09:21:7f:54:ad:
26:bc:6b:cd:8b:34:3e:7e:5f:5d:86:5d:9d:3c:a3:dd:d0:05:
59:d7:07:80:c5:85:96:7b:b7:e3:b3:21:8f:a5:a5:bc:c6:8e:
5f:4c:b7:0f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWqcvA3PeQYZljn4cXzguKjHZ7bgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA3MjExNjM4MjBaFw0yNDA3MTkxNjQzMjBaMDMxMTAvBgNV
BAMTKDRGRTNFN0Y3NDJEOTgxRUU5OTA1RjhDRDgwNjMyNUQyMkVGMzAxRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDReYvKInFc+jKlo0BlYn/iPKOI
Arxj+Tssa7jtnapdmEYxSoAKBBaZYadoR6SbVnJJckNnjTW9hZ/RLr4I6x2V8TNg
FV/1lW5UVyLnb/XfVBvARBKxFF1Fhnrvn63npRyQAZenB3m98v3nsMHNujOn8DOM
2flEnLYvpu+Im4IFysU/fHnL5nN4WLOvHD35mVN2p8wRqhWIBL41st3ZfrIVAvB1
2heRsWB5wTU4uTq/53zQp9rbLwpXhCaIAm+8RAAURJhVeuIl4FnDPBeUJu0IMbMx
6EzPUuWKM/s4SIczF1Y4CD4mwEvQWTb65OsNTKcECA3iCoEKRx28cws3iXXHAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUT+Pn90LZge6ZBfjNgGMl0i7zAfQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzMzOTJlMzEzNDM4
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzYzMDM2MzYzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVQn
lDANBgkqhkiG9w0BAQsFAAOCAQEAlX+G3WULfwAMTE6n8rTbxQWtUiSLQv6BofXY
SuBGrhoayXSQG37hE7tJegElMkXeqj2TA4tPtTaq6iNQCQ1byk455tu7onumfAif
whdI9So3d5w5hv19RdYA1bCKx1GZWJlL1EQHIIXx+fRoSmX6xU+0aXY8t3tMFzR5
3oif6zPBJlKb8wnMS89R0V2oIWaRu18xWzEzPhoL0G1UZgS+t0Lxy9B6Y4u/Gibh
Ue+xrYOB2NjAA5TTs+u3MmvPI25cuPBYpf0E1Xpv82aBCLCJtyuv3wkhf1StJrxr
zYs0Pn5fXYZdnTyj3dAFWdcHgMWFlnu347Mhj6WlvMaOX0y3Dw==
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:46 2024 by rpki-client on console-fra.rpki-client.org