Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e302e302f32322d3332203d3e203531313637.roa
File: 38362e34382e302e302f32322d3332203d3e203531313637.roa (raw, json)
Hash identifier: jGQnX/yNN/2pScV7SuHzdX3SO/Tl7gid8RtkfDlhpuU=
Subject key identifier: D3:58:EF:E1:58:77:89:C0:D4:79:97:62:6A:DC:50:50:8A:43:D6:3E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2C4B5B7A5DA0EC21EA5A07343E753C1A0D62741A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e302e302f32322d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:10 +0000
ROA not before: Mon 27 Jan 2025 09:40:10 +0000
ROA not after: Mon 26 Jan 2026 09:45:10 +0000
asID: 51167
IP address blocks: 86.48.0.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:4b:5b:7a:5d:a0:ec:21:ea:5a:07:34:3e:75:3c:1a:0d:62:74:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:10 2025 GMT
Not After : Jan 26 09:45:10 2026 GMT
Subject: CN=D358EFE1587789C0D47997626ADC50508A43D63E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cd:32:e9:43:40:45:ef:c1:b3:08:f4:76:ce:
c2:11:48:db:55:40:02:52:61:fd:35:be:3b:1b:22:
b7:78:82:bc:54:65:54:50:7e:f1:3b:0b:a5:61:87:
04:48:e4:c7:cf:2d:ea:13:91:d0:1d:b4:99:df:13:
da:01:0f:03:00:89:5d:34:c2:4a:17:97:96:bb:80:
b4:b0:c9:09:4e:e6:35:9a:93:d6:01:fe:83:bb:2e:
cd:eb:b6:32:86:29:34:4b:ce:55:7f:01:34:60:45:
6b:e3:fd:5b:96:df:71:5f:57:79:39:93:f8:f7:2e:
dc:b2:99:05:a5:15:43:0b:28:15:85:0b:bc:8a:db:
02:5b:3f:93:0e:8c:1b:01:37:23:48:bc:5b:f8:ab:
5e:81:00:8c:b6:f7:79:90:ee:d6:f2:61:f4:85:b4:
ea:22:13:42:45:99:0e:fd:0e:c9:78:77:69:09:b6:
93:5a:90:f2:bf:11:53:26:80:5e:02:cc:25:53:e5:
8e:7e:ad:ef:1f:c8:d6:c3:9b:3e:b4:6b:a3:0c:19:
98:fb:41:57:6f:a3:4d:fc:74:d2:0e:a4:e8:fd:fc:
b6:57:f0:b2:3c:7c:51:fa:e9:05:11:ea:82:1b:4f:
32:b6:02:d5:80:52:76:85:91:10:02:d4:28:7a:87:
8f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:58:EF:E1:58:77:89:C0:D4:79:97:62:6A:DC:50:50:8A:43:D6:3E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e302e302f32322d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.48.0.0/22
Signature Algorithm: sha256WithRSAEncryption
99:7f:96:e4:b2:ec:31:dc:7b:d9:fe:27:79:0f:4f:da:ed:73:
5a:e7:cb:f7:f1:32:50:61:e6:4f:43:9c:83:00:ec:48:5c:31:
09:c7:f7:5f:02:b4:20:b3:1d:fb:d0:ed:38:6b:28:de:7e:2d:
08:d8:c6:c8:da:8d:b6:38:ef:26:ba:c6:f5:0a:c3:3c:0a:e2:
6f:3b:c4:67:4c:21:9d:c7:df:50:14:cf:70:ad:82:7e:ea:ae:
75:de:5e:52:fa:90:8a:da:0e:b6:1d:d7:43:db:39:9e:55:02:
fd:9b:38:b9:c3:71:ff:34:37:7a:be:92:d0:a6:bf:d8:cb:17:
67:eb:37:c2:08:e1:59:5f:9a:ce:79:d5:7b:6c:55:9e:08:1c:
1f:59:81:65:11:89:78:93:65:a2:27:7e:e9:fa:9f:d5:02:de:
20:08:ac:ca:70:b8:4a:e9:7a:73:b2:a7:27:b7:a5:33:de:f2:
c6:a0:a9:13:bf:49:2b:5a:7b:c6:ea:f0:80:0b:1b:10:75:83:
a6:88:05:c5:3b:cd:ce:6a:84:60:58:3a:7c:2c:15:b8:f3:3c:
d5:4e:6f:d5:82:ae:fb:7d:cf:20:d6:c9:13:ee:c4:4d:28:66:
be:8a:59:16:e0:e8:ec:c5:77:89:4a:19:5e:95:d0:d1:8f:9f:
de:45:26:9e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIULEtbel2g7CHqWgc0PnU8Gg1idBowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTBaFw0yNjAxMjYwOTQ1MTBaMDMxMTAvBgNV
BAMTKEQzNThFRkUxNTg3Nzg5QzBENDc5OTc2MjZBREM1MDUwOEE0M0Q2M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2zTLpQ0BF78GzCPR2zsIRSNtV
QAJSYf01vjsbIrd4grxUZVRQfvE7C6VhhwRI5MfPLeoTkdAdtJnfE9oBDwMAiV00
wkoXl5a7gLSwyQlO5jWak9YB/oO7Ls3rtjKGKTRLzlV/ATRgRWvj/VuW33FfV3k5
k/j3LtyymQWlFUMLKBWFC7yK2wJbP5MOjBsBNyNIvFv4q16BAIy293mQ7tbyYfSF
tOoiE0JFmQ79Dsl4d2kJtpNakPK/EVMmgF4CzCVT5Y5+re8fyNbDmz60a6MMGZj7
QVdvo038dNIOpOj9/LZX8LI8fFH66QUR6oIbTzK2AtWAUnaFkRAC1Ch6h4/bAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU01jv4Vh3icDUeZdiatxQUIpD1j4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzAyZTMw
MmYzMjMyMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVjAAMA0G
CSqGSIb3DQEBCwUAA4IBAQCZf5bksuwx3HvZ/id5D0/a7XNa58v38TJQYeZPQ5yD
AOxIXDEJx/dfArQgsx370O04ayjefi0I2MbI2o22OO8musb1CsM8CuJvO8RnTCGd
x99QFM9wrYJ+6q513l5S+pCK2g62HddD2zmeVQL9mzi5w3H/NDd6vpLQpr/Yyxdn
6zfCCOFZX5rOedV7bFWeCBwfWYFlEYl4k2WiJ37p+p/VAt4gCKzKcLhK6Xpzsqcn
t6Uz3vLGoKkTv0krWnvG6vCACxsQdYOmiAXFO83OaoRgWDp8LBW48zzVTm/Vgq77
fc8g1skT7sRNKGa+ilkW4OjsxXeJShleldDRj5/eRSae
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:06:56 2025 by rpki-client