Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e35342e32332e302f32342d3332203d3e203531313637.roa
File: 38342e35342e32332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: jlQTOFlLPzhXUnn83T3Y3q9z89Ki+/CmC1MZ2unmpw8=
Subject key identifier: CB:7A:F0:A9:BA:B3:9D:91:D4:A1:59:B6:A8:81:9B:EB:F1:01:70:0B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4B5B0BF19A421237BCADA1259BDA5C1F197E245E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e35342e32332e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Oct 2023 13:41:57 +0000
ROA not before: Fri 20 Oct 2023 13:36:57 +0000
ROA not after: Fri 18 Oct 2024 13:41:57 +0000
asID: 51167
IP address blocks: 84.54.23.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:5b:0b:f1:9a:42:12:37:bc:ad:a1:25:9b:da:5c:1f:19:7e:24:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:57 2023 GMT
Not After : Oct 18 13:41:57 2024 GMT
Subject: CN=CB7AF0A9BAB39D91D4A159B6A8819BEBF101700B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:02:12:89:6b:3e:96:de:84:b5:df:78:0d:83:
ef:4b:19:da:a7:7f:d3:71:d6:ec:6c:c9:05:53:13:
48:ef:8d:a5:2c:45:08:60:5c:f6:9f:7e:e6:7f:df:
1b:3c:e8:a0:44:fc:5b:72:93:98:e8:0c:ac:e2:76:
f7:b5:30:5b:a9:5b:bc:dc:6d:02:28:74:b8:70:bc:
f8:ce:02:35:e2:ab:1d:2b:f6:bd:2d:59:d1:0c:e4:
62:9d:d2:9a:28:4e:77:72:ca:c8:d3:02:d9:44:54:
5e:00:19:5c:e7:31:9c:78:0d:27:14:6c:5b:4a:54:
08:56:24:b7:09:da:a7:b0:19:62:ac:66:f2:45:92:
5a:eb:54:52:67:ba:7a:40:d6:bc:f0:4c:be:67:4f:
41:3f:e0:82:a3:56:6a:18:5d:a2:a1:60:ec:d2:ec:
d5:db:af:5e:55:17:18:02:1e:db:16:7f:12:ac:9c:
dc:b4:7e:2a:ef:59:37:a4:9d:94:a2:33:e8:ab:62:
be:cb:d3:1e:9f:c3:4c:39:c5:72:b3:fb:5e:ef:68:
98:94:40:82:1f:ff:76:50:d9:04:6d:d6:81:31:24:
15:a1:0a:d0:2d:d8:31:96:5e:43:30:8b:da:31:e1:
74:2c:07:d4:05:6d:f1:d8:b1:28:ac:1f:31:7f:63:
71:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7A:F0:A9:BA:B3:9D:91:D4:A1:59:B6:A8:81:9B:EB:F1:01:70:0B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e35342e32332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.23.0/24
Signature Algorithm: sha256WithRSAEncryption
46:19:68:3e:96:ab:65:90:1e:97:c5:60:ca:59:a7:47:f3:c0:
98:91:1f:0d:79:67:ef:22:ea:88:86:00:a4:7b:f6:21:26:14:
9d:53:2f:7b:63:53:8f:e5:f8:b2:49:84:1a:c2:88:65:87:db:
aa:a3:e1:cd:2f:74:5a:38:64:3f:e9:11:32:51:b8:61:a5:55:
e5:ba:fa:a7:ea:b0:98:9c:2a:b9:a9:b9:9b:0c:28:74:9a:a7:
4e:a3:88:94:aa:f5:35:b5:1f:40:19:09:51:4a:3e:de:36:88:
12:7b:b4:0e:4d:2b:4b:06:d1:7f:2d:50:8c:46:15:c5:ac:9c:
fd:dd:99:3e:91:6b:0f:70:d8:74:c2:0c:5c:c9:e8:98:48:f8:
cb:14:21:71:e6:0c:cb:64:31:b5:38:d5:3a:93:84:60:8c:99:
07:96:67:81:1c:dd:bc:33:5d:84:09:24:5d:e8:54:b4:9d:46:
4d:63:3d:4f:47:ea:5e:d2:36:6c:99:47:d7:94:86:03:f4:2e:
f2:68:ce:7a:38:bf:91:05:a1:ef:e4:88:e1:5e:5d:2a:56:9f:
f3:21:6d:cf:5c:df:3b:45:44:b0:c8:c6:5c:98:64:bf:80:49:
f0:60:9f:4a:86:71:59:a2:c8:3a:30:7a:f6:ea:c1:f0:85:2f:
67:54:f7:37
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUS1sL8ZpCEje8raElm9pcHxl+JF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTdaFw0yNDEwMTgxMzQxNTdaMDMxMTAvBgNV
BAMTKENCN0FGMEE5QkFCMzlEOTFENEExNTlCNkE4ODE5QkVCRjEwMTcwMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwAhKJaz6W3oS133gNg+9LGdqn
f9Nx1uxsyQVTE0jvjaUsRQhgXPaffuZ/3xs86KBE/Ftyk5joDKzidve1MFupW7zc
bQIodLhwvPjOAjXiqx0r9r0tWdEM5GKd0pooTndyysjTAtlEVF4AGVznMZx4DScU
bFtKVAhWJLcJ2qewGWKsZvJFklrrVFJnunpA1rzwTL5nT0E/4IKjVmoYXaKhYOzS
7NXbr15VFxgCHtsWfxKsnNy0firvWTeknZSiM+irYr7L0x6fw0w5xXKz+17vaJiU
QIIf/3ZQ2QRt1oExJBWhCtAt2DGWXkMwi9ox4XQsB9QFbfHYsSisHzF/Y3H3AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUy3rwqbqznZHUoVm2qIGb6/EBcAswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzUzNDJlMzIzMzJl
MzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABUNhcw
DQYJKoZIhvcNAQELBQADggEBAEYZaD6Wq2WQHpfFYMpZp0fzwJiRHw15Z+8i6oiG
AKR79iEmFJ1TL3tjU4/l+LJJhBrCiGWH26qj4c0vdFo4ZD/pETJRuGGlVeW6+qfq
sJicKrmpuZsMKHSap06jiJSq9TW1H0AZCVFKPt42iBJ7tA5NK0sG0X8tUIxGFcWs
nP3dmT6Raw9w2HTCDFzJ6JhI+MsUIXHmDMtkMbU41TqThGCMmQeWZ4Ec3bwzXYQJ
JF3oVLSdRk1jPU9H6l7SNmyZR9eUhgP0LvJozno4v5EFoe/kiOFeXSpWn/Mhbc9c
3ztFRLDIxlyYZL+ASfBgn0qGcVmiyDowevbqwfCFL2dU9zc=
-----END CERTIFICATE-----
Generated at Tue May 21 08:01:46 2024 by rpki-client on console-fra.rpki-client.org