Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/38332e39372e3131342e302f32342d3234203d3e20323039383534.roa
File: 38332e39372e3131342e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: RaCMgqle7r6fRiIIIW6GLOcKJEiV4HQ05+qdiseFP+g=
Subject key identifier: FC:69:C3:25:74:F7:1E:68:A6:C2:4F:D6:70:C9:FA:DC:06:AE:65:A5
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 46257838A6B9AC71277493E560070ABA47514683
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/38332e39372e3131342e302f32342d3234203d3e20323039383534.roa
Signing time: Tue 30 Jul 2024 14:04:28 +0000
ROA not before: Tue 30 Jul 2024 13:59:28 +0000
ROA not after: Tue 29 Jul 2025 14:04:28 +0000
asID: 209854
IP address blocks: 83.97.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:25:78:38:a6:b9:ac:71:27:74:93:e5:60:07:0a:ba:47:51:46:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Jul 30 13:59:28 2024 GMT
Not After : Jul 29 14:04:28 2025 GMT
Subject: CN=FC69C32574F71E68A6C24FD670C9FADC06AE65A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5a:d8:bc:78:8c:9a:af:89:4e:e7:97:ce:39:
ce:43:17:3d:55:b3:06:7f:32:46:09:5b:77:58:94:
55:45:1d:54:67:4b:3e:9a:e1:0f:d1:16:25:ac:71:
cd:82:0f:3a:5c:c7:32:db:4b:60:73:60:2b:54:8f:
7c:15:ff:78:4b:79:da:80:d5:8b:21:5f:91:fe:c6:
6a:31:9c:ac:51:08:14:52:46:80:a2:49:a4:db:09:
1b:08:dc:aa:5d:43:3f:1c:bc:63:8c:6b:c2:76:94:
3b:2f:9f:88:1a:ef:74:65:14:a4:01:1c:ff:ab:45:
3b:40:ed:1e:2b:79:4c:84:eb:8f:d1:84:2b:1c:17:
a5:2b:82:e7:3b:02:79:30:bf:2b:93:24:fb:04:13:
22:04:f9:9c:7d:5b:bd:fa:65:5d:c6:28:0c:76:12:
a9:2c:df:f7:5d:81:95:8d:ca:2c:c6:0f:72:6f:fb:
9a:0d:51:90:e6:47:88:11:ae:c6:c0:26:cf:05:fb:
99:d1:42:2c:b6:d3:56:28:6c:12:c9:e2:e6:33:25:
68:77:6b:ba:1f:bd:49:5f:d5:d2:38:a1:ce:b6:6c:
6e:78:97:b4:03:27:a7:47:fd:5c:28:6d:3f:21:f6:
07:92:85:91:54:71:51:81:aa:98:13:28:b7:22:d2:
4f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:69:C3:25:74:F7:1E:68:A6:C2:4F:D6:70:C9:FA:DC:06:AE:65:A5
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/38332e39372e3131342e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.114.0/24
Signature Algorithm: sha256WithRSAEncryption
03:07:ca:f8:41:2e:a6:aa:a5:86:97:10:15:7d:b9:b1:02:34:
b8:01:89:f7:76:73:a7:69:5a:e0:b9:fc:a6:0b:90:9b:cc:01:
e8:f7:3e:bc:63:7d:1c:f0:94:81:5a:0e:51:73:c7:d3:5b:43:
05:92:37:dd:f2:3d:74:96:73:3a:09:f8:e9:92:df:10:c2:dc:
47:36:42:14:d7:0a:c8:30:32:76:8b:06:18:27:62:eb:e0:66:
8d:d9:2e:9b:f8:85:6e:14:97:c6:ec:30:5f:e8:3e:92:03:15:
11:f8:b6:d4:a7:36:55:be:60:b0:23:24:b1:1c:ff:67:cd:b2:
bb:a8:bd:ff:f1:4c:87:a5:af:a5:e0:04:4d:78:ad:2d:45:21:
75:f4:fe:e5:05:0a:65:d3:3a:bf:19:81:0b:38:b9:e8:a5:1e:
97:01:26:a4:5c:ed:b3:fc:88:3e:80:6c:74:3d:9c:84:2e:b2:
ea:11:6a:70:b5:12:c5:b0:a6:d5:ba:bc:9b:ce:e7:5e:0d:a0:
9d:8c:30:46:83:9a:cb:95:18:02:b9:de:36:df:7e:d5:37:d5:
b8:01:c6:88:40:20:11:86:c7:5d:43:74:b8:1b:3d:5d:c6:4c:
01:69:c5:5f:89:e9:79:a0:3b:8d:cf:05:67:12:91:00:8f:db:
77:c9:a9:30
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURiV4OKa5rHEndJPlYAcKukdRRoMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA3MzAxMzU5MjhaFw0yNTA3MjkxNDA0MjhaMDMxMTAvBgNV
BAMTKEZDNjlDMzI1NzRGNzFFNjhBNkMyNEZENjcwQzlGQURDMDZBRTY1QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvWti8eIyar4lO55fOOc5DFz1V
swZ/MkYJW3dYlFVFHVRnSz6a4Q/RFiWscc2CDzpcxzLbS2BzYCtUj3wV/3hLedqA
1YshX5H+xmoxnKxRCBRSRoCiSaTbCRsI3KpdQz8cvGOMa8J2lDsvn4ga73RlFKQB
HP+rRTtA7R4reUyE64/RhCscF6Urguc7AnkwvyuTJPsEEyIE+Zx9W736ZV3GKAx2
Eqks3/ddgZWNyizGD3Jv+5oNUZDmR4gRrsbAJs8F+5nRQiy201YobBLJ4uYzJWh3
a7ofvUlf1dI4oc62bG54l7QDJ6dH/VwobT8h9geShZFUcVGBqpgTKLci0k/1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/GnDJXT3Hmimwk/WcMn63AauZaUwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzgzMzJlMzkzNzJlMzEzMTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzgzNTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
U2FyMA0GCSqGSIb3DQEBCwUAA4IBAQADB8r4QS6mqqWGlxAVfbmxAjS4AYn3dnOn
aVrgufymC5CbzAHo9z68Y30c8JSBWg5Rc8fTW0MFkjfd8j10lnM6Cfjpkt8QwtxH
NkIU1wrIMDJ2iwYYJ2Lr4GaN2S6b+IVuFJfG7DBf6D6SAxUR+LbUpzZVvmCwIySx
HP9nzbK7qL3/8UyHpa+l4ARNeK0tRSF19P7lBQpl0zq/GYELOLnopR6XASakXO2z
/Ig+gGx0PZyELrLqEWpwtRLFsKbVurybzudeDaCdjDBGg5rLlRgCud42337VN9W4
AcaIQCARhsddQ3S4Gz1dxkwBacVfiel5oDuNzwVnEpEAj9t3yakw
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:45 2024 by rpki-client on console-ams.rpki-client.org