Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38332e3137312e3234382e302f32332d3332203d3e203531313637.roa
File: 38332e3137312e3234382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: qDllAD62U5Iu3t87KPTaU71urVcUvKTfMKolREqtUvk=
Subject key identifier: 43:B4:69:2F:30:65:A3:81:F6:ED:69:33:75:24:D0:A4:3D:EA:06:1B
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 5DB026934456EB951E825C15B9CDE77BF3427733
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38332e3137312e3234382e302f32332d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:48 +0000
ROA not before: Mon 26 Feb 2024 08:48:48 +0000
ROA not after: Mon 24 Feb 2025 08:53:48 +0000
asID: 51167
IP address blocks: 83.171.248.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:b0:26:93:44:56:eb:95:1e:82:5c:15:b9:cd:e7:7b:f3:42:77:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 26 08:48:48 2024 GMT
Not After : Feb 24 08:53:48 2025 GMT
Subject: CN=43B4692F3065A381F6ED69337524D0A43DEA061B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cd:82:5c:1e:3d:9e:0d:63:2c:29:5c:6d:c9:
a8:96:50:5a:ef:72:47:b8:66:a0:4a:35:e4:28:46:
a9:10:8a:47:4a:db:55:6f:ca:47:75:fa:65:c3:bf:
14:0c:10:88:95:ec:87:2b:9a:b7:64:c9:11:62:51:
f1:87:f6:fb:68:f4:fb:5f:93:98:0c:e4:27:93:98:
60:c4:e2:30:72:a3:d9:bb:06:4c:a2:94:46:b6:72:
0f:06:28:6e:c4:3e:97:a2:68:7f:18:6b:4c:76:d1:
1c:8d:ad:1c:9e:dc:65:e1:e9:1f:45:25:30:a4:8e:
bc:1f:78:f0:28:eb:9c:5d:38:85:2e:31:92:86:ed:
1b:54:f3:3d:ae:62:de:fc:c1:ce:84:aa:77:98:86:
43:14:e3:12:80:ac:6c:7d:eb:2b:2a:cc:3e:9f:34:
52:0c:c7:ba:81:e6:2b:0d:28:e4:3c:86:0f:f9:4a:
c2:9d:a2:84:03:48:fa:b0:a1:2b:e9:6f:f2:e6:30:
0f:cf:45:03:a9:a8:98:6d:30:0d:32:09:69:25:29:
c2:3a:ea:64:5d:c2:52:4e:04:c4:e5:2d:60:a5:8c:
3b:c7:8e:15:d1:82:cf:27:fb:79:a1:23:9b:1e:e0:
e4:fb:e6:95:82:89:19:18:72:14:f5:49:81:25:c2:
2f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B4:69:2F:30:65:A3:81:F6:ED:69:33:75:24:D0:A4:3D:EA:06:1B
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38332e3137312e3234382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.248.0/23
Signature Algorithm: sha256WithRSAEncryption
72:4a:74:4d:95:dc:29:9e:fb:54:ac:2e:12:30:2a:3a:96:99:
f6:13:37:91:0a:10:dc:9b:a7:74:d2:66:cc:8e:bd:49:d2:39:
ad:6b:74:b4:35:67:7c:6a:80:52:59:03:1a:f1:a5:9f:94:f8:
b9:1d:61:45:e1:a0:25:02:67:fb:f4:7f:79:41:d1:dd:33:d5:
a3:04:6c:fb:bd:f7:71:5d:be:74:c3:78:09:ba:76:e5:67:01:
77:48:ba:44:b0:7c:76:e2:62:4d:41:5d:1f:a2:d5:27:5e:d5:
b1:dd:fb:0d:73:a3:3b:df:d6:06:04:e9:08:d0:19:d0:09:7c:
a8:7c:4c:e5:51:4b:92:2d:55:ac:2f:00:92:d6:1a:59:b3:f1:
a2:6b:cc:a9:94:f5:50:c5:df:40:a0:01:7c:42:14:c2:79:ed:
c6:87:af:d9:b7:49:29:40:c8:cf:f2:72:82:b7:5b:d6:eb:ba:
62:8c:54:4e:99:59:6d:b9:39:3f:32:d2:08:3c:25:a1:9b:ce:
ad:93:35:42:a5:a3:ad:8e:6a:15:d3:6f:75:e3:16:6b:a2:d1:
bb:d7:0d:da:89:70:52:99:7b:4d:75:7e:2a:06:60:c5:62:b5:
5c:a0:9c:0a:21:60:83:ef:79:74:e5:e7:03:ad:11:90:b0:f5:
4b:6a:1b:13
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXbAmk0RW65UeglwVuc3ne/NCdzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMjYwODQ4NDhaFw0yNTAyMjQwODUzNDhaMDMxMTAvBgNV
BAMTKDQzQjQ2OTJGMzA2NUEzODFGNkVENjkzMzc1MjREMEE0M0RFQTA2MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjzYJcHj2eDWMsKVxtyaiWUFrv
cke4ZqBKNeQoRqkQikdK21Vvykd1+mXDvxQMEIiV7IcrmrdkyRFiUfGH9vto9Ptf
k5gM5CeTmGDE4jByo9m7BkyilEa2cg8GKG7EPpeiaH8Ya0x20RyNrRye3GXh6R9F
JTCkjrwfePAo65xdOIUuMZKG7RtU8z2uYt78wc6EqneYhkMU4xKArGx96ysqzD6f
NFIMx7qB5isNKOQ8hg/5SsKdooQDSPqwoSvpb/LmMA/PRQOpqJhtMA0yCWklKcI6
6mRdwlJOBMTlLWCljDvHjhXRgs8n+3mhI5se4OT75pWCiRkYchT1SYElwi8LAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQ7RpLzBlo4H27WkzdSTQpD3qBhswHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzMzJlMzEzNzMxMmUzMjM0
MzgyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
U6v4MA0GCSqGSIb3DQEBCwUAA4IBAQBySnRNldwpnvtUrC4SMCo6lpn2EzeRChDc
m6d00mbMjr1J0jmta3S0NWd8aoBSWQMa8aWflPi5HWFF4aAlAmf79H95QdHdM9Wj
BGz7vfdxXb50w3gJunblZwF3SLpEsHx24mJNQV0fotUnXtWx3fsNc6M739YGBOkI
0BnQCXyofEzlUUuSLVWsLwCS1hpZs/Gia8yplPVQxd9AoAF8QhTCee3Gh6/Zt0kp
QMjP8nKCt1vW67pijFROmVltuTk/MtIIPCWhm86tkzVCpaOtjmoV02914xZrotG7
1w3aiXBSmXtNdX4qBmDFYrVcoJwKIWCD73l05ecDrRGQsPVLahsT
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:03 2024 by rpki-client on console-ams.rpki-client.org