Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3134372e3130312e302f32342d3234203d3e20313437303439.roa
File: 38392e3134372e3130312e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: 9msWctKFjwKYK8uRsafEmzKpRyrXuDKhqOqFnn/ALqw=
Subject key identifier: 89:B8:01:FC:4E:D6:3C:E9:03:42:D0:84:9A:9C:11:13:13:49:E5:78
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 504024119C5AD1B32787BDB1FB4C18753021F63C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3134372e3130312e302f32342d3234203d3e20313437303439.roa
Signing time: Sat 27 Apr 2024 07:48:17 +0000
ROA not before: Sat 27 Apr 2024 07:43:17 +0000
ROA not after: Sat 26 Apr 2025 07:48:17 +0000
asID: 147049
IP address blocks: 89.147.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:40:24:11:9c:5a:d1:b3:27:87:bd:b1:fb:4c:18:75:30:21:f6:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 27 07:43:17 2024 GMT
Not After : Apr 26 07:48:17 2025 GMT
Subject: CN=89B801FC4ED63CE90342D0849A9C11131349E578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fc:1d:3e:60:44:88:b1:47:bb:e4:c1:8e:4e:
21:83:32:d7:0f:59:34:b9:f7:22:07:48:30:52:89:
b0:c2:75:7b:33:3f:19:7a:ff:e4:af:3a:cd:43:a2:
74:59:36:d5:04:fd:c2:10:6d:1e:ea:5b:c1:d8:2b:
b9:a4:23:ec:5c:ac:e3:bd:a6:a9:e5:5c:ad:63:06:
51:fb:fa:14:68:10:d8:2e:bd:d5:54:ac:e3:88:41:
7f:b1:f4:3b:62:0f:ff:43:0a:cf:6c:f7:88:a9:05:
3b:73:ec:d2:6c:65:e4:c0:b3:e1:83:20:67:76:0e:
70:7f:26:5d:22:3a:64:64:d8:59:dd:2c:1b:bd:f5:
29:6b:47:8f:52:82:03:ce:4b:ac:0a:d0:70:99:fa:
48:05:e3:a1:d9:e6:5f:ad:cd:03:9b:d2:39:04:53:
f1:3c:9e:7a:40:62:a5:bf:ce:e7:b7:dd:65:a5:86:
a1:97:37:7a:7b:0b:e0:e1:2c:d5:6d:f7:de:17:3c:
0f:e1:21:fa:ca:29:da:3b:94:02:89:7f:b2:65:ee:
10:00:b3:f2:93:00:47:ef:e0:80:4b:b5:b2:1d:df:
63:34:39:6e:28:26:6f:18:34:18:6f:69:d6:8b:f9:
04:4e:b5:ce:b8:5c:79:2b:fe:2e:9e:f5:41:82:72:
e8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B8:01:FC:4E:D6:3C:E9:03:42:D0:84:9A:9C:11:13:13:49:E5:78
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3134372e3130312e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.147.101.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:85:69:d7:a2:ea:bf:14:cf:f0:0b:84:ea:82:11:6f:64:7d:
4b:07:69:93:9a:44:c2:e3:7c:7a:22:d2:c8:dd:74:dd:74:2d:
30:2d:0d:a9:46:df:7c:39:b3:13:83:d8:76:8d:86:5d:de:dc:
ae:e0:6c:fe:5b:f1:fd:0b:41:17:d1:8f:66:96:73:85:d6:67:
41:50:14:f1:e8:d9:f5:4f:e2:ca:a1:4e:fe:b4:90:4b:2e:ba:
d3:82:b6:c0:fc:c7:e6:87:cd:7b:da:48:ce:ef:5f:e8:b4:0e:
a2:a2:d9:82:65:e8:5a:62:15:5f:c2:ec:36:f5:d3:9f:64:b7:
f3:57:e6:01:2d:00:18:a4:01:0a:b9:a2:d1:c3:57:19:10:c8:
80:f5:a3:64:0a:a4:7a:6c:48:2c:43:34:5d:c4:98:5a:a7:1c:
13:ca:f8:f7:c6:b9:ab:6d:4a:33:80:47:2c:a0:1b:1e:4d:13:
a7:39:38:4c:99:ec:82:bc:bc:65:1b:71:16:ca:e8:4a:32:28:
84:24:c8:bc:4e:da:22:d7:30:3b:61:18:6f:89:88:5e:66:26:
45:d3:62:bb:f5:a3:80:86:1c:e9:a9:df:bf:0d:87:28:87:25:
6c:42:1b:53:85:0e:26:4f:2a:15:ef:bb:16:f2:4e:88:11:04:
ba:9d:38:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUEAkEZxa0bMnh72x+0wYdTAh9jwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MjcwNzQzMTdaFw0yNTA0MjYwNzQ4MTdaMDMxMTAvBgNV
BAMTKDg5QjgwMUZDNEVENjNDRTkwMzQyRDA4NDlBOUMxMTEzMTM0OUU1NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1/B0+YESIsUe75MGOTiGDMtcP
WTS59yIHSDBSibDCdXszPxl6/+SvOs1DonRZNtUE/cIQbR7qW8HYK7mkI+xcrOO9
pqnlXK1jBlH7+hRoENguvdVUrOOIQX+x9DtiD/9DCs9s94ipBTtz7NJsZeTAs+GD
IGd2DnB/Jl0iOmRk2FndLBu99SlrR49SggPOS6wK0HCZ+kgF46HZ5l+tzQOb0jkE
U/E8nnpAYqW/zue33WWlhqGXN3p7C+DhLNVt994XPA/hIfrKKdo7lAKJf7Jl7hAA
s/KTAEfv4IBLtbId32M0OW4oJm8YNBhvadaL+QROtc64XHkr/i6e9UGCcuiJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUibgB/E7WPOkDQtCEmpwRExNJ5XgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzOTJlMzEzNDM3MmUzMTMw
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM0Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABZk2UwDQYJKoZIhvcNAQELBQADggEBAD6Fadei6r8Uz/ALhOqCEW9kfUsHaZOa
RMLjfHoi0sjddN10LTAtDalG33w5sxOD2HaNhl3e3K7gbP5b8f0LQRfRj2aWc4XW
Z0FQFPHo2fVP4sqhTv60kEsuutOCtsD8x+aHzXvaSM7vX+i0DqKi2YJl6FpiFV/C
7Db1059kt/NX5gEtABikAQq5otHDVxkQyID1o2QKpHpsSCxDNF3EmFqnHBPK+PfG
uattSjOARyygGx5NE6c5OEyZ7IK8vGUbcRbK6EoyKIQkyLxO2iLXMDthGG+JiF5m
JkXTYrv1o4CGHOmp378NhyiHJWxCG1OFDiZPKhXvuxbyTogRBLqdOHY=
-----END CERTIFICATE-----
Generated at Tue May 21 21:12:37 2024 by rpki-client on console-fra.rpki-client.org