Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3134372e3130322e302f32332d3332203d3e203531313637.roa
File: 38392e3134372e3130322e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: wJtqngKbtOr3zlb543MsGBWMJjCgUKa92kzFFkXatBY=
Subject key identifier: 2A:F7:EF:B0:07:53:5B:B2:8F:15:0C:10:BE:38:C2:A4:51:DF:BA:1F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3340C755A501B0323F2560582AC88D8F59BF5D8C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3134372e3130322e302f32332d3332203d3e203531313637.roa
Signing time: Thu 30 May 2024 20:38:54 +0000
ROA not before: Thu 30 May 2024 20:33:54 +0000
ROA not after: Thu 29 May 2025 20:38:54 +0000
asID: 51167
IP address blocks: 89.147.102.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:40:c7:55:a5:01:b0:32:3f:25:60:58:2a:c8:8d:8f:59:bf:5d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 30 20:33:54 2024 GMT
Not After : May 29 20:38:54 2025 GMT
Subject: CN=2AF7EFB007535BB28F150C10BE38C2A451DFBA1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:51:ee:4b:84:48:62:16:8a:3c:34:15:92:b0:
0c:3b:6f:b2:51:61:03:9f:3b:b9:3d:30:2f:f5:f7:
dd:58:cd:8e:6a:7a:00:dd:a4:af:d8:9c:8d:78:58:
a7:3e:71:61:95:72:d6:ba:37:a1:ea:25:7a:47:61:
47:66:cc:68:d2:5a:3e:9e:5b:2e:0c:e4:5e:fb:7b:
c1:9d:1e:69:e2:36:3d:38:4e:62:5d:15:b2:ea:b5:
e9:03:ec:47:52:ea:53:fe:93:3a:32:d9:6f:30:b6:
42:42:ba:0a:bb:f4:11:d5:4f:5a:8c:8a:42:00:93:
5b:45:51:96:cc:a1:98:90:54:c1:56:19:0e:1a:84:
5a:2a:84:b4:23:05:50:bd:e4:d3:de:d4:c0:e8:d9:
2b:94:ee:0f:13:41:84:f1:fc:89:80:33:d7:e5:80:
19:64:6b:84:ef:f8:6d:40:fd:c3:a0:1b:1e:b5:3b:
69:05:b0:eb:1e:7c:d6:68:23:40:07:4a:ec:6b:90:
d5:b9:38:70:a0:c8:03:a0:1e:0d:5e:ce:9e:1d:36:
39:dd:29:1c:37:0c:fc:a6:dc:d6:21:b6:f0:60:0a:
5a:33:5c:c0:65:dd:32:6b:f9:d5:c3:34:44:4c:07:
c0:dc:f5:6f:3d:8a:13:56:b7:6c:fd:11:f6:30:ae:
2b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F7:EF:B0:07:53:5B:B2:8F:15:0C:10:BE:38:C2:A4:51:DF:BA:1F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3134372e3130322e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.147.102.0/23
Signature Algorithm: sha256WithRSAEncryption
73:01:c2:c8:87:f5:b7:db:bf:44:1f:a7:4c:13:f7:1e:bf:58:
10:0a:72:48:9e:56:56:65:7f:67:59:04:a1:27:a1:52:61:f3:
51:43:95:12:33:78:e6:0e:55:ed:eb:14:7c:86:08:a2:4c:d1:
ab:60:fd:c0:4a:a2:4d:a3:ab:96:0f:28:da:0e:88:ed:70:c8:
ee:fe:00:1c:13:83:32:10:d7:6d:6a:ab:c8:f6:09:be:ea:32:
06:19:70:7d:16:4b:fb:e9:a1:e3:83:ff:84:b7:d4:e6:3e:8a:
71:9b:5b:98:a2:d1:8a:ea:00:9c:63:e2:07:80:c4:f4:af:ca:
ff:cb:21:90:51:1b:36:77:08:00:5c:79:9a:57:90:83:7b:28:
66:e7:71:03:4a:da:5f:c2:0c:ed:31:19:cc:73:dd:0d:c6:2d:
40:fa:14:da:86:e1:c5:06:6b:c5:6b:e6:20:d4:41:46:0b:da:
4d:94:83:4e:0e:ce:18:e7:a8:36:02:f5:b3:00:bb:86:15:7a:
ce:55:46:49:1a:17:7a:fc:e1:ee:b0:39:20:dc:b8:bc:e1:de:
dd:b2:27:86:fb:b3:41:46:ab:07:9d:a8:46:68:96:1e:4e:bc:
4b:75:67:b4:17:d3:c3:75:e6:a4:0c:b1:5d:80:ae:e6:49:ff:
52:e4:28:49
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUM0DHVaUBsDI/JWBYKsiNj1m/XYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MzAyMDMzNTRaFw0yNTA1MjkyMDM4NTRaMDMxMTAvBgNV
BAMTKDJBRjdFRkIwMDc1MzVCQjI4RjE1MEMxMEJFMzhDMkE0NTFERkJBMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsUe5LhEhiFoo8NBWSsAw7b7JR
YQOfO7k9MC/1991YzY5qegDdpK/YnI14WKc+cWGVcta6N6HqJXpHYUdmzGjSWj6e
Wy4M5F77e8GdHmniNj04TmJdFbLqtekD7EdS6lP+kzoy2W8wtkJCugq79BHVT1qM
ikIAk1tFUZbMoZiQVMFWGQ4ahFoqhLQjBVC95NPe1MDo2SuU7g8TQYTx/ImAM9fl
gBlka4Tv+G1A/cOgGx61O2kFsOsefNZoI0AHSuxrkNW5OHCgyAOgHg1ezp4dNjnd
KRw3DPym3NYhtvBgClozXMBl3TJr+dXDNERMB8Dc9W89ihNWt2z9EfYwriutAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKvfvsAdTW7KPFQwQvjjCpFHfuh8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzOTJlMzEzNDM3MmUzMTMw
MzIyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
WZNmMA0GCSqGSIb3DQEBCwUAA4IBAQBzAcLIh/W3279EH6dME/cev1gQCnJInlZW
ZX9nWQShJ6FSYfNRQ5USM3jmDlXt6xR8hgiiTNGrYP3ASqJNo6uWDyjaDojtcMju
/gAcE4MyENdtaqvI9gm+6jIGGXB9Fkv76aHjg/+Et9TmPopxm1uYotGK6gCcY+IH
gMT0r8r/yyGQURs2dwgAXHmaV5CDeyhm53EDStpfwgztMRnMc90Nxi1A+hTahuHF
BmvFa+Yg1EFGC9pNlINODs4Y56g2AvWzALuGFXrOVUZJGhd6/OHusDkg3Li84d7d
sieG+7NBRqsHnahGaJYeTrxLdWe0F9PDdeakDLFdgK7mSf9S5ChJ
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:59 2024 by rpki-client on console-fra.rpki-client.org