Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3135312e302f32342d3234203d3e20313336373837.roa
File: 38342e33392e3135312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: LAGp8bRrtlZwWhx/y003Kk2UFJW0vkm8ejxiHv0obGQ=
Subject key identifier: 54:D6:1D:B9:7D:6E:78:4E:25:14:BE:A2:4C:41:C6:07:D9:B9:15:65
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 10F2CCBEFE34AA61C21F47BD1F579D4272A064A9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3135312e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 25 Oct 2023 18:30:34 +0000
ROA not before: Wed 25 Oct 2023 18:25:34 +0000
ROA not after: Wed 23 Oct 2024 18:30:34 +0000
asID: 136787
IP address blocks: 84.39.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:f2:cc:be:fe:34:aa:61:c2:1f:47:bd:1f:57:9d:42:72:a0:64:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 25 18:25:34 2023 GMT
Not After : Oct 23 18:30:34 2024 GMT
Subject: CN=54D61DB97D6E784E2514BEA24C41C607D9B91565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:dc:14:92:53:de:74:94:4a:4e:9b:56:85:7b:
85:88:b6:26:bb:3c:c6:13:d3:de:5e:88:bb:73:c9:
16:a9:e8:2c:c1:b0:6c:e7:08:a9:c6:92:86:0a:89:
1b:d6:75:4a:cb:0f:63:75:f9:f8:35:78:68:2e:62:
f0:62:3a:26:ff:8f:38:32:a2:56:f2:e8:02:07:16:
c2:99:0f:1c:7a:28:f8:5b:e1:f0:16:dc:c0:6b:c3:
21:13:7e:1a:a5:cf:59:f0:93:ee:19:d3:50:62:cb:
cd:22:67:93:39:66:9e:73:aa:dc:7f:32:6a:6c:56:
f0:8c:ad:c6:44:2d:96:66:c4:c4:21:26:e7:d1:45:
94:c2:92:a8:55:60:73:ad:5a:14:16:2d:eb:4e:d4:
c0:8b:46:95:44:f1:1a:f1:01:70:c0:0a:cb:0c:91:
69:e5:b2:a4:cc:23:f0:2f:c7:df:f6:4c:3d:00:d9:
74:58:fa:4f:1a:c2:99:a2:5c:19:06:ff:df:57:4a:
c0:f4:9f:08:d0:78:7e:12:b8:b0:0d:03:d2:2c:b1:
2a:a7:6b:31:e2:6a:e7:21:9b:93:f3:dd:1b:f5:0c:
87:18:97:a3:bc:5c:bd:80:af:69:a6:73:95:38:8c:
16:f4:35:06:62:55:fb:1d:a8:f1:09:8a:ec:8d:38:
60:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D6:1D:B9:7D:6E:78:4E:25:14:BE:A2:4C:41:C6:07:D9:B9:15:65
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3135312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.151.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:e7:17:32:46:b4:27:61:21:95:73:f6:94:3a:33:eb:ac:2d:
c7:06:4a:c0:06:b3:47:2d:a1:14:fd:50:8e:28:8d:93:93:bf:
be:80:56:fa:39:88:b5:fa:9b:b1:88:3a:c3:f7:81:44:9e:27:
a0:ca:d9:72:83:d4:a1:24:04:59:a9:80:45:04:73:79:1f:38:
c4:45:1d:d7:7e:7c:c5:c5:4b:38:ff:a8:8a:c2:33:8c:f7:2c:
4e:37:09:ae:03:ae:bf:71:b9:93:df:6b:d3:c7:f6:69:ef:d7:
26:60:2e:c8:59:6e:b6:ea:bd:af:7f:f3:2e:d6:43:2b:c1:3c:
9c:0f:97:f7:7c:d8:5c:c2:8d:f2:ba:fe:7b:13:5a:2f:1e:77:
54:06:3f:8f:c0:32:66:18:2d:cc:b0:ae:41:6c:2b:c1:b5:db:
ee:85:2e:e2:b2:fa:9d:80:32:a4:97:55:07:46:e5:eb:b5:67:
76:89:0f:ed:26:1a:8d:0e:48:f3:8c:64:b7:74:d2:ed:48:d5:
6e:71:81:48:82:cb:78:d7:46:82:cb:be:32:ad:37:b1:85:9b:
6e:26:7c:cc:eb:4f:2d:2a:c2:52:53:1f:05:bc:fa:74:af:55:
a3:9e:eb:5f:73:88:d5:56:1c:7d:2a:37:9f:ae:4f:48:d4:50:
af:29:42:ca
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEPLMvv40qmHCH0e9H1edQnKgZKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjUxODI1MzRaFw0yNDEwMjMxODMwMzRaMDMxMTAvBgNV
BAMTKDU0RDYxREI5N0Q2RTc4NEUyNTE0QkVBMjRDNDFDNjA3RDlCOTE1NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDv3BSSU950lEpOm1aFe4WItia7
PMYT095eiLtzyRap6CzBsGznCKnGkoYKiRvWdUrLD2N1+fg1eGguYvBiOib/jzgy
olby6AIHFsKZDxx6KPhb4fAW3MBrwyETfhqlz1nwk+4Z01Biy80iZ5M5Zp5zqtx/
MmpsVvCMrcZELZZmxMQhJufRRZTCkqhVYHOtWhQWLetO1MCLRpVE8RrxAXDACssM
kWnlsqTMI/Avx9/2TD0A2XRY+k8awpmiXBkG/99XSsD0nwjQeH4SuLANA9IssSqn
azHiauchm5Pz3Rv1DIcYl6O8XL2Ar2mmc5U4jBb0NQZiVfsdqPEJiuyNOGDxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVNYduX1ueE4lFL6iTEHGB9m5FWUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzMzOTJlMzEzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VCeXMA0GCSqGSIb3DQEBCwUAA4IBAQB/5xcyRrQnYSGVc/aUOjPrrC3HBkrABrNH
LaEU/VCOKI2Tk7++gFb6OYi1+puxiDrD94FEniegytlyg9ShJARZqYBFBHN5HzjE
RR3XfnzFxUs4/6iKwjOM9yxONwmuA66/cbmT32vTx/Zp79cmYC7IWW626r2vf/Mu
1kMrwTycD5f3fNhcwo3yuv57E1ovHndUBj+PwDJmGC3MsK5BbCvBtdvuhS7isvqd
gDKkl1UHRuXrtWd2iQ/tJhqNDkjzjGS3dNLtSNVucYFIgst410aCy74yrTexhZtu
JnzM608tKsJSUx8FvPp0r1Wjnutfc4jVVhx9Kjefrk9I1FCvKULK
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:26 2024 by rpki-client on console-fra.rpki-client.org