Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3136392e302f32342d3234203d3e20313336373837.roa
File: 38342e32312e3136392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Js469LLI+v7BHdCrSe9ZtG3x8zOpkLLUcojB6LlHDL4=
Subject key identifier: B7:FB:77:0A:EE:DC:3B:DB:7C:23:E3:16:B7:49:34:32:81:F2:27:59
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 73AC19903B154AB3F10D193637323FDB37FD238D
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3136392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:20 +0000
ROA not before: Mon 01 Apr 2024 13:58:20 +0000
ROA not after: Mon 31 Mar 2025 14:03:20 +0000
asID: 136787
IP address blocks: 84.21.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ac:19:90:3b:15:4a:b3:f1:0d:19:36:37:32:3f:db:37:fd:23:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Apr 1 13:58:20 2024 GMT
Not After : Mar 31 14:03:20 2025 GMT
Subject: CN=B7FB770AEEDC3BDB7C23E316B749343281F22759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:04:1d:1a:73:e0:cc:df:98:7c:2d:1c:9e:19:
2f:41:81:e8:f5:8d:49:17:dc:c4:27:32:3e:35:ca:
aa:ad:4f:90:04:36:45:2f:a0:b9:73:59:7e:d8:29:
c4:54:3d:89:55:54:92:af:98:50:dc:91:b3:93:ed:
ba:3e:0c:5a:86:74:7d:c7:8a:2b:aa:6e:71:19:92:
52:9b:25:87:de:3f:05:6a:b6:6f:97:6a:09:41:bf:
55:dd:9d:a0:ae:9d:d9:6f:ec:fc:c1:fa:cb:1e:4a:
7d:8b:91:b4:ee:d0:66:aa:03:c7:32:36:41:fd:e1:
4e:a6:8e:b9:f4:7b:81:e2:62:32:58:ae:af:f3:40:
c4:23:73:b1:17:69:0f:7e:c0:db:51:e7:ef:c2:bb:
ec:2a:bb:63:e0:11:41:80:71:87:6f:3b:2a:c3:0b:
71:a5:99:4c:8e:40:70:e4:93:9f:5f:bf:e3:e6:c5:
90:22:d5:03:58:50:5b:be:24:e1:fe:4d:d4:59:be:
42:c9:97:28:9a:14:0d:0e:0e:08:bc:5b:d5:d2:3e:
26:1c:1e:32:66:1c:a1:73:eb:d5:97:a1:1e:53:43:
e1:8d:1a:b3:c2:ba:6f:5a:81:a8:37:a5:85:e3:c1:
dc:b2:79:60:e5:48:04:de:94:9b:5d:23:82:b6:dd:
d9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FB:77:0A:EE:DC:3B:DB:7C:23:E3:16:B7:49:34:32:81:F2:27:59
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3136392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.169.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:45:ce:3f:4c:fd:90:15:ab:24:9a:3f:a2:e9:c8:fc:41:d6:
e2:fd:f2:1b:f9:5b:3d:4b:d2:c6:49:20:a9:e5:b7:99:e4:75:
ad:3a:8c:bd:2f:6d:f6:4f:88:48:d4:d7:3e:12:1e:46:0a:ed:
24:e0:56:1e:6f:9a:13:94:23:04:56:05:80:91:0f:65:86:ad:
eb:45:77:b1:da:27:a8:90:37:68:dd:0e:82:1d:b5:9c:17:02:
87:76:0a:4f:e4:00:04:0b:3b:d2:f4:aa:de:19:f8:9f:41:3a:
5d:5f:c4:db:c6:01:e4:bc:c4:cf:8b:7a:5f:dd:7a:f5:c9:78:
e3:ba:be:8e:4d:99:f9:1e:80:c5:e4:a7:f4:60:a6:a6:7b:14:
53:f3:91:fa:a5:4c:a4:67:0c:e3:35:0c:81:28:e6:6e:e7:d7:
83:bc:e2:44:6c:f0:c9:d9:a5:e3:d2:8f:6a:3a:2e:d0:5c:cb:
11:f0:6c:c1:09:68:6f:0b:05:74:78:cc:a3:43:f5:ec:61:52:
da:d8:b3:ac:25:ef:80:9c:75:f2:a6:ac:11:87:73:1c:f8:26:
65:6e:ba:e4:7d:b4:e7:7c:30:2e:55:5b:40:35:22:29:81:65:
69:cc:c0:89:65:5d:1c:72:1e:2d:98:ae:63:8d:b4:c7:d0:d4:
b0:33:1d:58
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUc6wZkDsVSrPxDRk2NzI/2zf9I40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDA0MDExMzU4MjBaFw0yNTAzMzExNDAzMjBaMDMxMTAvBgNV
BAMTKEI3RkI3NzBBRUVEQzNCREI3QzIzRTMxNkI3NDkzNDMyODFGMjI3NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6BB0ac+DM35h8LRyeGS9Bgej1
jUkX3MQnMj41yqqtT5AENkUvoLlzWX7YKcRUPYlVVJKvmFDckbOT7bo+DFqGdH3H
iiuqbnEZklKbJYfePwVqtm+XaglBv1XdnaCundlv7PzB+sseSn2LkbTu0GaqA8cy
NkH94U6mjrn0e4HiYjJYrq/zQMQjc7EXaQ9+wNtR5+/Cu+wqu2PgEUGAcYdvOyrD
C3GlmUyOQHDkk59fv+PmxZAi1QNYUFu+JOH+TdRZvkLJlyiaFA0ODgi8W9XSPiYc
HjJmHKFz69WXoR5TQ+GNGrPCum9agag3pYXjwdyyeWDlSATelJtdI4K23dkZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUt/t3Cu7cO9t8I+MWt0k0MoHyJ1kwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzNDJlMzIzMTJlMzEzNjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VBWpMA0GCSqGSIb3DQEBCwUAA4IBAQA7Rc4/TP2QFaskmj+i6cj8Qdbi/fIb+Vs9
S9LGSSCp5beZ5HWtOoy9L232T4hI1Nc+Eh5GCu0k4FYeb5oTlCMEVgWAkQ9lhq3r
RXex2ieokDdo3Q6CHbWcFwKHdgpP5AAECzvS9KreGfifQTpdX8TbxgHkvMTPi3pf
3Xr1yXjjur6OTZn5HoDF5Kf0YKamexRT85H6pUykZwzjNQyBKOZu59eDvOJEbPDJ
2aXj0o9qOi7QXMsR8GzBCWhvCwV0eMyjQ/XsYVLa2LOsJe+AnHXypqwRh3Mc+CZl
brrkfbTnfDAuVVtANSIpgWVpzMCJZV0cch4tmK5jjbTH0NSwMx1Y
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:27 2024 by rpki-client on console-fra.rpki-client.org