Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230332e302f32342d3234203d3e20313336373837.roa
File: 38382e3231382e3230332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: rs90gmyd2b6KtFFFK5f6wEUnbuA0cWQuWhNmsmsCuqs=
Subject key identifier: D2:93:4F:02:44:1F:4E:B2:7C:BA:BA:F2:90:66:CC:CD:68:45:6E:E5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4AD2DF234A8AD706CB628B657F624FD25E85FA4E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230332e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 14 Jan 2024 18:09:27 +0000
ROA not before: Sun 14 Jan 2024 18:04:27 +0000
ROA not after: Sun 12 Jan 2025 18:09:27 +0000
asID: 136787
IP address blocks: 88.218.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:d2:df:23:4a:8a:d7:06:cb:62:8b:65:7f:62:4f:d2:5e:85:fa:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 14 18:04:27 2024 GMT
Not After : Jan 12 18:09:27 2025 GMT
Subject: CN=D2934F02441F4EB27CBABAF29066CCCD68456EE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:13:8d:62:63:ff:2a:c2:af:b0:a0:22:c1:2e:
aa:3a:46:ee:94:30:89:e1:4a:7d:df:21:61:82:b2:
2f:f7:43:ed:65:ac:fd:b1:2c:55:8c:73:90:ce:d4:
33:7f:db:23:80:07:19:7f:ce:d2:b2:38:dd:8d:fe:
92:4f:db:b7:ca:7f:24:56:73:56:6b:a9:88:e1:48:
13:86:9c:df:4c:d2:aa:48:21:cc:96:4a:44:9f:ed:
8a:72:a9:56:eb:69:5a:3f:6c:b1:c8:4a:0a:d3:16:
c6:60:78:3a:1d:f1:b5:d0:2c:a7:4d:81:c5:26:ef:
5a:90:79:a6:c4:72:47:7f:de:20:38:54:12:b4:68:
24:d0:6e:90:6a:ae:35:eb:ee:77:08:13:5a:28:34:
05:87:8f:ce:98:6d:ef:04:ee:dd:8d:17:14:f6:20:
de:ff:b6:a6:e2:c4:15:6b:45:d6:c7:4a:43:ff:fe:
a5:85:2f:fd:44:da:4a:10:fe:36:a1:1b:33:e9:9b:
f6:5d:34:31:53:90:88:6a:42:a0:dc:55:15:30:8c:
57:16:76:64:51:58:08:75:0c:b3:0e:14:55:d3:9a:
1e:20:0f:e3:08:0d:2a:8e:d0:98:21:fa:f1:48:1d:
16:79:88:16:29:2e:67:f3:33:fa:1a:1e:04:11:73:
7c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:93:4F:02:44:1F:4E:B2:7C:BA:BA:F2:90:66:CC:CD:68:45:6E:E5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.203.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:78:54:2b:c0:e5:1b:2e:5d:f7:50:7d:95:b4:1f:f5:70:d4:
93:66:93:1b:50:7a:57:90:7d:1d:02:fb:94:60:e4:6c:fe:06:
5d:56:26:42:91:c8:c8:10:76:ff:b9:3e:9c:ee:ee:bb:e7:01:
9e:b7:ce:39:92:29:27:a6:05:17:ea:51:4a:6c:6b:2b:cd:c1:
1f:28:e2:10:bc:34:aa:d0:c7:a2:dc:1c:80:de:bf:ce:ac:2c:
18:f8:bf:f9:64:20:63:d2:ba:44:ae:40:51:5c:c6:e2:12:0e:
26:c3:8b:86:2c:9d:2f:f7:6b:f2:18:fb:5e:d1:bb:7d:0f:8e:
19:84:3e:78:e5:25:ad:bf:4a:2b:58:83:ae:03:e6:0f:01:ef:
36:51:c2:ab:28:ba:61:ef:a8:63:c7:5a:09:d9:c4:d3:02:7c:
98:c8:e5:4a:a6:9e:99:21:d6:61:f0:24:95:48:5b:d2:9c:95:
37:f6:bd:3e:28:c6:cd:e8:9a:a1:94:c1:a0:6f:b2:af:14:ea:
fd:da:e2:a4:3a:07:86:b4:bf:03:eb:29:63:1d:70:c4:db:9c:
32:b7:c0:c1:77:48:eb:9e:85:da:1c:1a:70:79:69:40:28:2f:
be:0e:18:17:dc:2a:e2:03:45:39:f6:21:d5:a9:e9:a4:ae:76:
b9:11:ca:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUStLfI0qK1wbLYotlf2JP0l6F+k4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTQxODA0MjdaFw0yNTAxMTIxODA5MjdaMDMxMTAvBgNV
BAMTKEQyOTM0RjAyNDQxRjRFQjI3Q0JBQkFGMjkwNjZDQ0NENjg0NTZFRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNE41iY/8qwq+woCLBLqo6Ru6U
MInhSn3fIWGCsi/3Q+1lrP2xLFWMc5DO1DN/2yOABxl/ztKyON2N/pJP27fKfyRW
c1ZrqYjhSBOGnN9M0qpIIcyWSkSf7YpyqVbraVo/bLHISgrTFsZgeDod8bXQLKdN
gcUm71qQeabEckd/3iA4VBK0aCTQbpBqrjXr7ncIE1ooNAWHj86Ybe8E7t2NFxT2
IN7/tqbixBVrRdbHSkP//qWFL/1E2koQ/jahGzPpm/ZdNDFTkIhqQqDcVRUwjFcW
dmRRWAh1DLMOFFXTmh4gD+MIDSqO0Jgh+vFIHRZ5iBYpLmfzM/oaHgQRc3xhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0pNPAkQfTrJ8urrykGbMzWhFbuUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzODJlMzIzMTM4MmUzMjMw
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABY2sswDQYJKoZIhvcNAQELBQADggEBAB94VCvA5RsuXfdQfZW0H/Vw1JNmkxtQ
eleQfR0C+5Rg5Gz+Bl1WJkKRyMgQdv+5Ppzu7rvnAZ63zjmSKSemBRfqUUpsayvN
wR8o4hC8NKrQx6LcHIDev86sLBj4v/lkIGPSukSuQFFcxuISDibDi4YsnS/3a/IY
+17Ru30PjhmEPnjlJa2/SitYg64D5g8B7zZRwqsoumHvqGPHWgnZxNMCfJjI5Uqm
npkh1mHwJJVIW9KclTf2vT4oxs3omqGUwaBvsq8U6v3a4qQ6B4a0vwPrKWMdcMTb
nDK3wMF3SOuehdocGnB5aUAoL74OGBfcKuIDRTn2IdWp6aSudrkRytw=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:54 2024 by rpki-client on console-ams.rpki-client.org