Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31332e302f32342d3332203d3e20313336373837.roa
File: 38362e34382e31332e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: Z8Qv0dVCEzDasKmsxu4xka6py0LOdfkLk++LJ2kCddM=
Subject key identifier: D1:01:2D:22:0A:FA:B1:FF:1C:8D:3A:E1:A4:43:A8:69:B5:8E:18:3E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2945835404AAE74BE19CB2E1D4A7265FBD8DBF09
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31332e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:15 +0000
ROA not before: Mon 26 Feb 2024 08:48:15 +0000
ROA not after: Mon 24 Feb 2025 08:53:15 +0000
asID: 136787
IP address blocks: 86.48.13.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:45:83:54:04:aa:e7:4b:e1:9c:b2:e1:d4:a7:26:5f:bd:8d:bf:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:15 2024 GMT
Not After : Feb 24 08:53:15 2025 GMT
Subject: CN=D1012D220AFAB1FF1C8D3AE1A443A869B58E183E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:22:cd:82:6a:5b:26:38:56:dc:7c:a0:5d:85:
a4:6f:dd:1f:0c:e0:38:86:98:50:6f:84:e3:8b:90:
45:e1:fe:aa:fa:ce:2c:c7:68:de:98:29:99:80:df:
e4:74:f3:42:23:2b:90:7d:d0:fe:78:5a:a2:71:31:
52:61:76:2c:72:db:85:d0:77:f7:84:ee:73:71:57:
d7:bc:58:d4:69:2a:a5:57:c5:bd:49:85:6e:57:24:
c5:c6:0f:9b:58:68:4b:ea:61:cf:c1:60:0d:5b:da:
ae:ac:b2:6f:fc:0a:c2:80:61:50:c7:38:66:df:4e:
17:74:8c:91:69:59:e8:99:b9:35:f0:c6:49:c7:aa:
a6:03:3f:ca:8f:bf:0f:cd:07:54:8b:f8:ba:4f:73:
c1:ef:5c:8b:9c:7d:37:f0:2b:49:22:13:88:51:c8:
14:8f:8f:1d:92:e1:eb:87:1f:fd:f0:88:91:84:ec:
75:e6:93:23:2f:8d:96:1f:24:c7:95:02:45:dc:29:
6d:ca:34:f0:03:17:a9:27:ad:48:aa:88:5f:46:aa:
f9:79:b3:ed:11:5e:e5:07:f3:eb:a3:a7:ab:2c:15:
30:82:17:63:2f:fc:3c:4d:b8:8f:af:a7:fb:59:fa:
5f:b9:32:3a:ef:86:4e:99:b4:67:68:e2:93:8b:c7:
9e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:01:2D:22:0A:FA:B1:FF:1C:8D:3A:E1:A4:43:A8:69:B5:8E:18:3E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31332e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.48.13.0/24
Signature Algorithm: sha256WithRSAEncryption
75:15:bc:66:70:6f:f0:e8:24:be:2a:8d:c4:d5:0b:44:96:7e:
6a:b5:70:82:6d:08:4c:2f:64:72:2c:73:cc:25:04:0f:0d:38:
0e:8d:0f:af:67:24:cd:ef:9a:1d:79:dd:cb:95:b6:46:a4:2c:
19:df:cd:e8:65:44:44:0f:ef:f0:4c:37:c9:c3:b7:fb:86:4d:
c7:ce:87:38:6d:3b:11:be:61:cb:7e:33:5e:4c:83:6f:23:ef:
88:29:62:22:b7:b7:72:e8:1b:bd:79:00:4c:47:52:59:b1:2b:
80:c6:ce:6d:9f:e1:69:71:b6:24:62:62:0b:3e:75:79:b4:ec:
fa:a1:4b:c3:37:d0:2f:eb:25:f1:77:56:d8:b6:2f:88:57:36:
7f:a1:e4:a5:8e:08:54:8a:e9:b2:a2:34:d3:50:62:89:97:fc:
7c:b9:e8:46:46:12:0a:c0:ec:12:68:65:08:9b:e2:72:f3:d7:
79:35:55:80:58:90:5a:93:86:4d:b0:78:47:c7:86:a8:29:3c:
56:8b:a6:39:1c:39:7d:6e:11:5e:e5:47:05:34:4b:5a:f9:4f:
fe:25:55:ac:30:aa:9a:dd:f9:40:38:66:2a:74:be:69:6a:46:
3f:6b:f5:16:19:89:25:65:53:67:42:c3:bb:e4:b3:8f:18:60:
83:01:bd:2d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUKUWDVASq50vhnLLh1KcmX72NvwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTVaFw0yNTAyMjQwODUzMTVaMDMxMTAvBgNV
BAMTKEQxMDEyRDIyMEFGQUIxRkYxQzhEM0FFMUE0NDNBODY5QjU4RTE4M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFIs2CalsmOFbcfKBdhaRv3R8M
4DiGmFBvhOOLkEXh/qr6zizHaN6YKZmA3+R080IjK5B90P54WqJxMVJhdixy24XQ
d/eE7nNxV9e8WNRpKqVXxb1JhW5XJMXGD5tYaEvqYc/BYA1b2q6ssm/8CsKAYVDH
OGbfThd0jJFpWeiZuTXwxknHqqYDP8qPvw/NB1SL+LpPc8HvXIucfTfwK0kiE4hR
yBSPjx2S4euHH/3wiJGE7HXmkyMvjZYfJMeVAkXcKW3KNPADF6knrUiqiF9Gqvl5
s+0RXuUH8+ujp6ssFTCCF2Mv/DxNuI+vp/tZ+l+5Mjrvhk6ZtGdo4pOLx55fAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU0QEtIgr6sf8cjTrhpEOoabWOGD4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzEzMzJl
MzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFYw
DTANBgkqhkiG9w0BAQsFAAOCAQEAdRW8ZnBv8OgkviqNxNULRJZ+arVwgm0ITC9k
cixzzCUEDw04Do0Pr2ckze+aHXndy5W2RqQsGd/N6GVERA/v8Ew3ycO3+4ZNx86H
OG07Eb5hy34zXkyDbyPviCliIre3cugbvXkATEdSWbErgMbObZ/haXG2JGJiCz51
ebTs+qFLwzfQL+sl8XdW2LYviFc2f6HkpY4IVIrpsqI001BiiZf8fLnoRkYSCsDs
EmhlCJvicvPXeTVVgFiQWpOGTbB4R8eGqCk8VoumORw5fW4RXuVHBTRLWvlP/iVV
rDCqmt35QDhmKnS+aWpGP2v1FhmJJWVTZ0LDu+SzjxhggwG9LQ==
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:26 2024 by rpki-client on console-fra.rpki-client.org