Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3135312e302f32342d3234203d3e20313336373837.roa
File: 38342e33392e3135312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Rg9cpFoFR/ji4rLVfwCdwnHrvLieGoEmtuGJ80gPsQg=
Subject key identifier: 50:BF:47:B3:C4:10:39:8B:B1:06:E7:02:1D:DE:29:36:74:38:BC:3D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 68392C07964770085E541734814BC6A1F13D5E9B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3135312e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 25 Sep 2024 19:05:04 +0000
ROA not before: Wed 25 Sep 2024 19:00:04 +0000
ROA not after: Wed 24 Sep 2025 19:05:04 +0000
asID: 136787
IP address blocks: 84.39.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:39:2c:07:96:47:70:08:5e:54:17:34:81:4b:c6:a1:f1:3d:5e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 25 19:00:04 2024 GMT
Not After : Sep 24 19:05:04 2025 GMT
Subject: CN=50BF47B3C410398BB106E7021DDE29367438BC3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7f:be:9c:9d:5e:d8:4a:09:bc:c6:f1:23:01:
af:5e:2c:5b:48:eb:8b:b0:13:e9:04:e9:8c:bb:78:
b7:32:a7:3c:66:d3:a0:62:87:c2:43:f2:af:a3:e3:
c0:fc:13:d8:99:81:8e:b6:43:60:5e:4b:d3:2c:e7:
0b:92:a8:cf:d0:20:5c:76:08:e1:50:bd:13:7d:30:
46:5a:20:90:7b:72:45:78:15:ee:5d:a6:fc:20:60:
4f:cc:af:15:01:5a:4f:87:97:a2:01:a3:5f:e9:78:
8d:42:cc:54:8b:8a:f2:b7:cf:ac:c9:43:e0:a4:75:
6d:45:72:84:7b:04:b6:b6:5e:98:79:a1:d6:b5:7b:
6d:26:c9:1d:b4:cd:c2:69:84:ee:fc:71:d0:88:97:
f0:8a:35:2a:16:cd:65:b3:a9:4a:24:ea:6a:ca:79:
78:a0:a9:28:c2:20:cc:f4:33:cc:cd:d1:62:71:f0:
95:c7:df:65:9c:0d:8f:ec:00:a2:69:67:6d:57:40:
29:9b:67:6b:d1:7b:c7:76:16:e9:26:b7:e6:6a:f8:
15:ae:8f:a4:c3:b9:12:84:34:6d:65:b1:ff:f9:c0:
f0:3a:c9:3b:0d:2d:5e:35:2d:c9:38:09:a4:b8:76:
e9:d5:b6:02:0e:f6:f3:d8:ca:4f:72:c7:40:32:89:
70:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:BF:47:B3:C4:10:39:8B:B1:06:E7:02:1D:DE:29:36:74:38:BC:3D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3135312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.151.0/24
Signature Algorithm: sha256WithRSAEncryption
30:32:16:2c:9f:bf:2a:41:c2:d7:d9:40:46:c7:13:eb:dd:36:
0d:aa:b7:91:c5:f3:e7:c4:2f:27:f3:f2:c2:82:d9:bd:f8:9e:
e3:cc:f3:ba:35:31:f0:c0:3e:15:7b:88:6d:ad:21:d0:96:b6:
c2:92:1e:21:4c:d5:5d:5b:33:22:37:53:08:24:2b:ac:00:56:
cf:5e:e4:f2:aa:8c:0a:35:d7:a4:68:c0:2c:93:40:db:9a:fc:
43:f6:69:a4:21:40:d1:70:1f:83:c3:6f:82:64:23:d2:87:87:
2c:d5:4d:72:27:1b:60:48:91:ef:0b:cf:2f:ee:c8:99:75:7e:
1a:a3:ee:af:f0:39:1a:f1:8e:0b:c5:c8:4b:1a:b1:0c:72:d2:
cd:29:01:ef:88:16:fe:21:9c:e0:4f:94:b6:18:67:95:f4:34:
82:53:0d:16:51:e2:ca:d7:63:20:eb:ce:d4:5d:d3:9e:d5:05:
f5:24:ed:76:ee:d8:cb:a7:4d:6a:84:a2:26:93:9b:0f:91:bb:
5a:86:bc:1a:0d:5f:b9:9f:c1:56:8c:9c:12:fb:78:97:18:f0:
8a:bd:43:a8:e6:53:d9:11:c3:61:89:b1:bd:82:cf:3a:54:4a:
bd:57:4d:36:e6:b5:12:7a:e6:33:42:86:6e:97:aa:ed:5e:52:
42:8c:95:e2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaDksB5ZHcAheVBc0gUvGofE9XpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjUxOTAwMDRaFw0yNTA5MjQxOTA1MDRaMDMxMTAvBgNV
BAMTKDUwQkY0N0IzQzQxMDM5OEJCMTA2RTcwMjFEREUyOTM2NzQzOEJDM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDff76cnV7YSgm8xvEjAa9eLFtI
64uwE+kE6Yy7eLcypzxm06Bih8JD8q+j48D8E9iZgY62Q2BeS9Ms5wuSqM/QIFx2
COFQvRN9MEZaIJB7ckV4Fe5dpvwgYE/MrxUBWk+Hl6IBo1/peI1CzFSLivK3z6zJ
Q+CkdW1FcoR7BLa2Xph5oda1e20myR20zcJphO78cdCIl/CKNSoWzWWzqUok6mrK
eXigqSjCIMz0M8zN0WJx8JXH32WcDY/sAKJpZ21XQCmbZ2vRe8d2Fukmt+Zq+BWu
j6TDuRKENG1lsf/5wPA6yTsNLV41Lck4CaS4dunVtgIO9vPYyk9yx0AyiXDbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUUL9Hs8QQOYuxBucCHd4pNnQ4vD0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzMzOTJlMzEzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VCeXMA0GCSqGSIb3DQEBCwUAA4IBAQAwMhYsn78qQcLX2UBGxxPr3TYNqreRxfPn
xC8n8/LCgtm9+J7jzPO6NTHwwD4Ve4htrSHQlrbCkh4hTNVdWzMiN1MIJCusAFbP
XuTyqowKNdekaMAsk0DbmvxD9mmkIUDRcB+Dw2+CZCPSh4cs1U1yJxtgSJHvC88v
7siZdX4ao+6v8Dka8Y4LxchLGrEMctLNKQHviBb+IZzgT5S2GGeV9DSCUw0WUeLK
12Mg687UXdOe1QX1JO127tjLp01qhKImk5sPkbtahrwaDV+5n8FWjJwS+3iXGPCK
vUOo5lPZEcNhibG9gs86VEq9V0025rUSeuYzQoZul6rtXlJCjJXi
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:15 2024 by rpki-client on console-ams.rpki-client.org