Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e362e302f32342d3332203d3e20313336373837.roa
File: 38362e34382e362e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: RMWgigzjItYR1G+qiyGjtSYXwmoP4xdSgF1mwlEXfeg=
Subject key identifier: 4B:C5:8A:E8:63:4A:76:D9:7D:1D:71:AB:2E:1F:6A:28:B0:6D:65:87
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5508CF9610FD992F0CB9C14B515B8ED46B310520
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e362e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:30 +0000
ROA not before: Mon 26 Feb 2024 08:48:30 +0000
ROA not after: Mon 24 Feb 2025 08:53:30 +0000
asID: 136787
IP address blocks: 86.48.6.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:08:cf:96:10:fd:99:2f:0c:b9:c1:4b:51:5b:8e:d4:6b:31:05:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:30 2024 GMT
Not After : Feb 24 08:53:30 2025 GMT
Subject: CN=4BC58AE8634A76D97D1D71AB2E1F6A28B06D6587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:56:cc:b7:b8:5c:9f:89:42:cc:35:f1:46:3a:
0d:a2:47:ad:03:06:9b:bc:84:5b:5e:c2:fd:25:52:
5c:3a:45:60:ed:9b:d1:35:0b:b1:11:36:e0:61:ea:
c5:89:f4:5a:86:cb:35:73:02:bd:e0:e1:96:75:a3:
b2:de:dd:74:bb:09:cb:a1:13:ea:65:8a:cc:f0:8d:
cc:0d:5f:98:35:b2:20:4b:f5:d0:8d:24:79:84:e3:
be:a9:7e:9a:17:64:69:3f:45:c5:12:af:30:0b:32:
b3:1b:9d:f6:ff:e8:c9:94:b0:ff:f0:87:b1:24:7b:
47:35:35:20:85:df:28:6c:ec:47:58:53:3d:c6:e3:
f0:5f:5f:e0:2d:3b:86:4b:dd:9c:19:aa:1e:45:0f:
31:15:87:27:59:44:1e:af:d5:42:56:2d:03:9a:ed:
63:14:19:cb:a4:9c:03:b5:82:5e:83:6d:26:2b:09:
16:6e:8a:1e:04:e3:15:ea:ac:ff:52:0a:15:68:ee:
86:f8:b8:38:4f:7c:9a:61:c1:af:f2:02:db:32:4c:
28:47:11:01:c9:07:57:2c:3a:df:5a:63:22:d7:71:
aa:d3:62:b5:db:f4:e4:1a:82:7d:88:c6:4c:42:0d:
27:19:01:18:5c:01:33:c1:7a:b2:cb:47:45:65:4a:
77:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C5:8A:E8:63:4A:76:D9:7D:1D:71:AB:2E:1F:6A:28:B0:6D:65:87
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e362e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.48.6.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:9f:df:46:dc:16:52:0d:8c:76:b6:98:24:2f:b5:92:c7:3b:
0f:94:07:ac:6d:b2:d1:1f:c2:96:a2:1e:3a:6c:f7:6a:d8:45:
90:71:67:b2:c4:47:54:8b:0e:48:fd:a3:6b:50:67:ad:d9:31:
ea:d1:1a:dc:e0:43:15:22:3e:d0:56:0a:e6:c8:7c:2b:02:34:
9f:90:5b:fc:99:6e:8c:26:07:2a:6c:85:da:9e:76:3e:3b:3c:
b9:75:77:60:dc:1e:17:27:db:86:55:67:24:69:58:aa:0b:fb:
e5:49:27:92:0f:ac:21:e0:28:44:7d:ef:20:9f:91:ed:e2:20:
11:61:de:cd:1a:0d:08:27:4b:b4:4e:21:6c:7a:66:07:5b:4e:
2c:60:98:f2:47:ba:75:7b:f8:db:60:52:d3:87:b4:94:76:91:
ff:9d:df:02:ef:b6:d5:c7:c1:d8:bc:67:c4:ec:8c:4d:23:c4:
ad:c2:39:ed:fe:7a:06:f9:3c:08:7c:bf:85:0d:d1:59:17:ea:
ea:a5:a7:ab:ee:ee:ae:e0:41:32:8a:e1:6c:0b:f0:77:e0:af:
fd:ad:5f:0e:62:25:49:c8:b0:6d:6d:f3:d7:ce:24:27:24:ad:
63:91:8b:aa:03:7a:f2:a3:05:af:f2:a0:62:d5:53:ea:71:81:
97:94:98:b0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUVQjPlhD9mS8MucFLUVuO1GsxBSAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzBaFw0yNTAyMjQwODUzMzBaMDMxMTAvBgNV
BAMTKDRCQzU4QUU4NjM0QTc2RDk3RDFENzFBQjJFMUY2QTI4QjA2RDY1ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjVsy3uFyfiULMNfFGOg2iR60D
Bpu8hFtewv0lUlw6RWDtm9E1C7ERNuBh6sWJ9FqGyzVzAr3g4ZZ1o7Le3XS7Ccuh
E+pliszwjcwNX5g1siBL9dCNJHmE476pfpoXZGk/RcUSrzALMrMbnfb/6MmUsP/w
h7Eke0c1NSCF3yhs7EdYUz3G4/BfX+AtO4ZL3ZwZqh5FDzEVhydZRB6v1UJWLQOa
7WMUGcuknAO1gl6DbSYrCRZuih4E4xXqrP9SChVo7ob4uDhPfJphwa/yAtsyTChH
EQHJB1csOt9aYyLXcarTYrXb9OQagn2IxkxCDScZARhcATPBerLLR0VlSnfdAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUS8WK6GNKdtl9HXGrLh9qKLBtZYcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzYyZTMw
MmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABWMAYw
DQYJKoZIhvcNAQELBQADggEBAC6f30bcFlINjHa2mCQvtZLHOw+UB6xtstEfwpai
Hjps92rYRZBxZ7LER1SLDkj9o2tQZ63ZMerRGtzgQxUiPtBWCubIfCsCNJ+QW/yZ
bowmBypshdqedj47PLl1d2DcHhcn24ZVZyRpWKoL++VJJ5IPrCHgKER97yCfke3i
IBFh3s0aDQgnS7ROIWx6ZgdbTixgmPJHunV7+NtgUtOHtJR2kf+d3wLvttXHwdi8
Z8TsjE0jxK3COe3+egb5PAh8v4UN0VkX6uqlp6vu7q7gQTKK4WwL8Hfgr/2tXw5i
JUnIsG1t89fOJCckrWORi6oDevKjBa/yoGLVU+pxgZeUmLA=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:54 2024 by rpki-client on console-ams.rpki-client.org