Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31362e302f32302d3332203d3e203430303231.roa
File: 38362e34382e31362e302f32302d3332203d3e203430303231.roa (raw, json)
Hash identifier: J2AGa8r2Ta2CJfESyDi3nSWPup0uy4FzihejGMoRgH8=
Subject key identifier: 11:E4:F0:5C:FE:06:96:43:0C:B8:DF:B6:CD:44:D4:DE:A2:13:CF:B2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3200AD5C2049BE7E62393B3F28B2215D58AAE524
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31362e302f32302d3332203d3e203430303231.roa
Signing time: Mon 27 Jan 2025 09:45:18 +0000
ROA not before: Mon 27 Jan 2025 09:40:18 +0000
ROA not after: Mon 26 Jan 2026 09:45:18 +0000
asID: 40021
IP address blocks: 86.48.16.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:00:ad:5c:20:49:be:7e:62:39:3b:3f:28:b2:21:5d:58:aa:e5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:18 2025 GMT
Not After : Jan 26 09:45:18 2026 GMT
Subject: CN=11E4F05CFE0696430CB8DFB6CD44D4DEA213CFB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a2:04:3d:1b:0b:3f:6c:bf:44:9d:a9:3f:0a:
95:cd:2f:af:a6:59:74:ea:87:2e:c1:20:c4:fd:f0:
e3:25:57:39:10:54:81:80:7f:d3:17:eb:61:51:85:
0d:e9:c1:87:07:ba:c7:51:3c:ed:36:f1:d7:c6:47:
56:53:12:95:8a:27:94:1a:95:87:81:04:a1:63:57:
36:a6:dc:18:af:0d:66:03:56:16:0c:d5:e5:d1:bc:
af:42:29:95:fd:e2:2e:0a:9f:22:13:1c:33:3c:c4:
1c:0c:65:f2:73:4f:90:58:2f:e2:f6:c3:be:64:38:
b5:8b:b3:ec:8e:d9:35:cf:8c:cd:bd:df:9d:94:00:
8e:9a:99:dc:ab:e9:ce:b5:0a:92:9f:a5:14:af:c1:
64:21:e6:fc:91:3e:af:04:78:c5:ce:87:81:cf:84:
bd:2c:6b:e3:0b:64:38:d0:d1:ed:e7:41:f5:58:14:
aa:8b:cd:2b:8d:1f:c5:6e:9e:21:96:1e:ce:60:ab:
21:c8:e5:06:a5:69:ff:7f:2b:4c:10:b6:0b:52:c0:
cf:9c:20:35:f0:ed:5b:c5:78:dc:1c:8f:02:9b:4b:
66:36:44:7f:1f:37:eb:3b:9f:9e:2c:d2:c4:ad:5c:
e3:f2:10:15:4b:a4:11:72:25:31:4e:14:84:96:ed:
7d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:E4:F0:5C:FE:06:96:43:0C:B8:DF:B6:CD:44:D4:DE:A2:13:CF:B2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31362e302f32302d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.48.16.0/20
Signature Algorithm: sha256WithRSAEncryption
57:d0:80:22:ad:b7:63:6e:9d:f6:cd:de:4a:c9:ef:0a:d4:24:
92:d0:92:26:8d:a7:f3:88:e3:2f:f6:44:96:33:81:c4:44:2b:
1a:f4:e3:cb:f5:4c:f4:57:46:9e:82:8d:7d:a8:ca:cf:95:9c:
dc:a4:ce:38:3c:3d:4c:a9:06:07:60:dd:84:8f:eb:5e:ec:1d:
21:e9:a3:bd:cf:7b:43:d4:ad:41:db:1c:d1:65:4f:73:b0:a4:
6e:04:1c:bb:21:30:d9:b8:9e:43:85:fc:43:83:b1:07:c2:39:
bb:3f:d4:56:95:b8:33:c8:cd:46:b6:d6:b5:bb:90:52:bd:98:
15:2b:3b:b5:62:b6:c5:2f:0f:4b:8a:4d:09:83:8f:22:10:da:
b7:34:07:4b:cf:a7:b3:6f:d2:d5:b7:30:3e:dd:8d:4d:0f:95:
8d:5e:c5:11:c7:e5:a9:05:ee:3b:d1:e8:f6:54:c2:83:9b:a0:
6b:e8:a6:51:72:83:40:55:fb:ce:be:eb:3d:8b:11:ab:d3:07:
ef:84:93:60:dd:56:68:5f:de:e2:9a:18:69:8b:20:8a:f9:27:
4c:7a:e8:94:96:d4:c0:25:0d:8b:71:54:1d:14:40:b8:10:85:
0c:fe:0a:dc:54:61:45:45:6a:ae:91:12:6e:67:86:54:37:4f:
2a:09:db:78
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUMgCtXCBJvn5iOTs/KLIhXViq5SQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMThaFw0yNjAxMjYwOTQ1MThaMDMxMTAvBgNV
BAMTKDExRTRGMDVDRkUwNjk2NDMwQ0I4REZCNkNENDRENERFQTIxM0NGQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/ogQ9Gws/bL9Enak/CpXNL6+m
WXTqhy7BIMT98OMlVzkQVIGAf9MX62FRhQ3pwYcHusdRPO028dfGR1ZTEpWKJ5Qa
lYeBBKFjVzam3BivDWYDVhYM1eXRvK9CKZX94i4KnyITHDM8xBwMZfJzT5BYL+L2
w75kOLWLs+yO2TXPjM29352UAI6amdyr6c61CpKfpRSvwWQh5vyRPq8EeMXOh4HP
hL0sa+MLZDjQ0e3nQfVYFKqLzSuNH8VuniGWHs5gqyHI5Qalaf9/K0wQtgtSwM+c
IDXw7VvFeNwcjwKbS2Y2RH8fN+s7n54s0sStXOPyEBVLpBFyJTFOFISW7X1FAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUEeTwXP4GlkMMuN+2zUTU3qITz7IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzEzNjJl
MzAyZjMyMzAyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARWMBAw
DQYJKoZIhvcNAQELBQADggEBAFfQgCKtt2NunfbN3krJ7wrUJJLQkiaNp/OI4y/2
RJYzgcREKxr048v1TPRXRp6CjX2oys+VnNykzjg8PUypBgdg3YSP617sHSHpo73P
e0PUrUHbHNFlT3OwpG4EHLshMNm4nkOF/EODsQfCObs/1FaVuDPIzUa21rW7kFK9
mBUrO7VitsUvD0uKTQmDjyIQ2rc0B0vPp7Nv0tW3MD7djU0PlY1exRHH5akF7jvR
6PZUwoOboGvoplFyg0BV+86+6z2LEavTB++Ek2DdVmhf3uKaGGmLIIr5J0x66JSW
1MAlDYtxVB0UQLgQhQz+CtxUYUVFaq6REm5nhlQ3TyoJ23g=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:52:09 2025 by rpki-client