Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230322e302f32342d3234203d3e20313336373837.roa
File: 38382e3231382e3230322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: /MXZJxsX6UtELAwKOaM40bqnJmapPSYXhzrmAQZZqmE=
Subject key identifier: 6F:5A:EC:48:D2:AD:3D:FE:A9:30:A6:F6:CA:5D:CA:64:93:B6:26:F0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 289C193767CCE9C27ED5D03B2CBA380282ABF81F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230322e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 14 Jan 2024 18:09:19 +0000
ROA not before: Sun 14 Jan 2024 18:04:19 +0000
ROA not after: Sun 12 Jan 2025 18:09:19 +0000
asID: 136787
IP address blocks: 88.218.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:9c:19:37:67:cc:e9:c2:7e:d5:d0:3b:2c:ba:38:02:82:ab:f8:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 14 18:04:19 2024 GMT
Not After : Jan 12 18:09:19 2025 GMT
Subject: CN=6F5AEC48D2AD3DFEA930A6F6CA5DCA6493B626F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d2:c9:b0:7d:d4:1e:97:74:2d:5e:c2:78:c3:
d4:e5:6d:ad:27:5f:2f:b5:7a:a6:b2:09:48:cb:4b:
37:14:47:a1:b4:ce:4f:b3:4d:65:ef:0b:a1:dd:8b:
17:fd:20:ba:14:a3:67:2f:7a:8e:ca:8e:40:0d:b5:
02:f5:e8:cb:73:1d:2e:28:3f:0d:32:4e:db:fa:de:
19:d6:2d:87:95:2c:ac:0a:42:74:fe:f1:13:92:ab:
19:de:e8:86:be:8a:99:37:d5:a5:8e:d6:20:31:d0:
3e:fb:eb:a9:8b:e0:f7:49:77:bf:7f:47:e2:c5:be:
7f:3d:34:e9:5c:a5:f5:8c:9f:1f:46:f5:71:d9:06:
42:da:b4:e2:51:8f:46:68:98:6b:9b:d9:92:0b:32:
10:e4:1a:6c:26:75:cd:eb:6a:7d:3c:51:06:4b:dd:
38:b7:3b:12:2e:75:d0:8b:78:5f:b9:19:c2:20:39:
51:d2:ff:c1:9b:15:61:3c:f6:d0:60:57:82:d1:bb:
ea:5e:16:01:a9:9b:df:ce:aa:bb:28:80:80:cd:b1:
89:70:f4:d4:4a:18:43:24:a0:5a:05:a8:7b:c6:4a:
3d:41:1e:72:9a:90:a5:a6:18:50:4b:d0:43:8d:94:
cd:26:66:30:13:d6:ae:f3:f3:d5:1d:4a:99:22:08:
6f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5A:EC:48:D2:AD:3D:FE:A9:30:A6:F6:CA:5D:CA:64:93:B6:26:F0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.202.0/24
Signature Algorithm: sha256WithRSAEncryption
83:51:0b:a9:60:ab:bd:0a:fc:11:01:d4:51:68:b6:17:ca:8b:
99:83:a1:4d:e9:57:67:8f:e1:31:75:9d:ad:35:03:ad:03:65:
36:d7:f4:93:99:d8:58:8c:2f:00:35:c5:82:9f:10:ff:24:2c:
4a:c6:bc:7f:c8:a8:c6:f9:a6:21:66:a2:31:73:df:e9:73:e0:
fd:d1:3a:8d:83:73:1d:1e:ee:84:ca:36:44:47:21:b7:af:e6:
b3:29:c9:d8:6b:6a:59:e9:55:70:5d:7e:be:13:7f:a5:e8:f9:
b4:88:47:d1:c2:49:fd:cb:d6:b9:76:bf:ed:a8:0d:2b:06:dd:
8c:e0:3a:32:16:d0:4a:6f:48:6e:ea:c7:01:d2:12:fc:ae:b2:
ba:a7:5a:f0:8e:1d:6b:9a:69:a2:77:6c:6b:34:60:94:ee:be:
88:94:73:1a:fd:2c:7c:45:76:84:bd:df:50:fd:c1:93:07:f8:
b0:be:a5:04:14:4a:2f:88:45:30:8a:aa:72:6c:f2:58:05:c8:
5a:f0:f9:b4:9a:e3:20:07:4f:29:04:89:5e:e7:e4:68:51:a3:
52:cb:47:27:62:d5:58:65:fa:8f:7b:3b:03:9b:0f:38:90:3a:
62:df:93:5a:d2:e7:67:74:dd:4e:08:10:a1:61:6b:32:78:7b:
e8:61:68:1a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKJwZN2fM6cJ+1dA7LLo4AoKr+B8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTQxODA0MTlaFw0yNTAxMTIxODA5MTlaMDMxMTAvBgNV
BAMTKDZGNUFFQzQ4RDJBRDNERkVBOTMwQTZGNkNBNURDQTY0OTNCNjI2RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ0smwfdQel3QtXsJ4w9Tlba0n
Xy+1eqayCUjLSzcUR6G0zk+zTWXvC6Hdixf9ILoUo2cveo7KjkANtQL16MtzHS4o
Pw0yTtv63hnWLYeVLKwKQnT+8ROSqxne6Ia+ipk31aWO1iAx0D7766mL4PdJd79/
R+LFvn89NOlcpfWMnx9G9XHZBkLatOJRj0ZomGub2ZILMhDkGmwmdc3ran08UQZL
3Ti3OxIuddCLeF+5GcIgOVHS/8GbFWE89tBgV4LRu+peFgGpm9/OqrsogIDNsYlw
9NRKGEMkoFoFqHvGSj1BHnKakKWmGFBL0EONlM0mZjAT1q7z89UdSpkiCG9fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUb1rsSNKtPf6pMKb2yl3KZJO2JvAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzODJlMzIzMTM4MmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABY2sowDQYJKoZIhvcNAQELBQADggEBAINRC6lgq70K/BEB1FFothfKi5mDoU3p
V2eP4TF1na01A60DZTbX9JOZ2FiMLwA1xYKfEP8kLErGvH/IqMb5piFmojFz3+lz
4P3ROo2Dcx0e7oTKNkRHIbev5rMpydhralnpVXBdfr4Tf6Xo+bSIR9HCSf3L1rl2
v+2oDSsG3YzgOjIW0EpvSG7qxwHSEvyusrqnWvCOHWuaaaJ3bGs0YJTuvoiUcxr9
LHxFdoS931D9wZMH+LC+pQQUSi+IRTCKqnJs8lgFyFrw+bSa4yAHTykEiV7n5GhR
o1LLRydi1Vhl+o97OwObDziQOmLfk1rS52d03U4IEKFhazJ4e+hhaBo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:49 2024 by rpki-client on console-ams.rpki-client.org