Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3137302e302f32342d3234203d3e20313336373837.roa
File: 38342e32312e3137302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: fXXYL1sJI/ajIniRatIYNiqhkqWqZyfy9gTaNokuFp8=
Subject key identifier: E3:49:3D:7A:50:E7:42:64:89:E3:ED:8E:68:25:D2:61:BB:E7:69:0E
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 37E2778D3DC8725795AFDA85B3A333B0E25BDE46
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3137302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 10:59:21 +0000
ROA not before: Sun 11 Jun 2023 10:54:21 +0000
ROA not after: Sun 09 Jun 2024 10:59:21 +0000
asID: 136787
IP address blocks: 84.21.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:e2:77:8d:3d:c8:72:57:95:af:da:85:b3:a3:33:b0:e2:5b:de:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Jun 11 10:54:21 2023 GMT
Not After : Jun 9 10:59:21 2024 GMT
Subject: CN=E3493D7A50E7426489E3ED8E6825D261BBE7690E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:34:ec:8e:ad:d4:7d:b7:bb:e4:33:77:36:29:
81:71:a6:52:00:43:50:6b:91:47:88:26:87:36:79:
c2:ef:81:63:47:24:91:6f:bf:5c:5b:04:0a:9a:16:
a1:9b:b5:ff:ea:16:6b:dd:5b:68:78:a2:27:05:ee:
fd:97:00:a3:79:60:7f:66:7f:7e:9b:04:54:79:4b:
8b:68:d5:da:cc:33:8b:f1:f6:0f:b8:bf:38:70:5c:
41:c7:d1:5a:59:a8:c0:e9:cc:3e:09:2a:92:19:3b:
5a:f5:d1:c1:d5:3e:58:5e:91:05:d6:97:8b:60:06:
dc:21:cc:2a:ed:88:04:03:58:d7:36:7d:65:18:29:
45:47:4a:28:d9:19:29:5d:00:3f:24:28:b4:fd:6c:
a3:05:71:36:ca:7f:f8:57:af:57:1b:26:e7:f1:03:
27:5d:eb:c2:4f:db:d4:0a:c8:94:3a:c3:c2:c1:ee:
fe:06:22:ab:a2:f7:2a:f5:93:7f:17:df:1c:a4:ac:
1d:ba:2b:5a:01:90:8a:f5:65:3a:e1:84:c4:68:46:
ce:ac:7e:37:f9:43:77:d6:85:e3:63:5f:37:58:f0:
bc:de:dd:a5:a2:fb:35:39:a9:66:6e:d1:c1:86:c2:
f0:ce:19:b9:f7:bb:38:dd:f1:19:a1:e4:75:2d:25:
f6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:49:3D:7A:50:E7:42:64:89:E3:ED:8E:68:25:D2:61:BB:E7:69:0E
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3137302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.170.0/24
Signature Algorithm: sha256WithRSAEncryption
10:6d:63:a5:b9:af:33:43:fb:d6:ee:a6:33:64:4f:fe:66:0a:
aa:ad:33:50:7d:c1:a0:f1:83:67:0b:61:d9:2b:09:6c:df:2c:
7a:be:93:e1:95:b0:af:26:b0:fe:9e:04:80:7a:bf:52:4f:6c:
59:d2:d6:90:f2:d0:16:89:f9:19:2b:a5:26:d7:1f:a8:6d:e5:
a8:f0:af:e1:bc:f3:70:2f:14:f9:d7:ef:0f:71:9b:c4:45:2f:
ae:7d:f5:f5:75:92:f3:b6:07:26:0f:71:59:2a:64:c5:cd:6e:
ef:b9:aa:2f:d9:aa:04:2c:cb:aa:c7:0a:d9:4f:ef:63:10:a8:
ec:a7:be:d0:c8:81:70:65:a8:69:1e:cc:ac:1e:40:29:3f:e6:
05:7c:21:c6:98:ff:ca:10:52:59:c5:36:cb:c9:2e:c1:9b:83:
ec:10:45:c2:2d:8a:4c:25:aa:e6:dc:b9:81:ec:ff:88:19:46:
5d:9e:f7:a0:05:c7:20:7b:c8:a8:21:c2:ac:81:c5:c4:94:b8:
e3:a4:04:bc:b7:cd:b0:e0:8f:4f:2c:11:23:8e:74:b8:89:55:
be:53:a8:15:5b:cb:dd:8d:b9:51:1f:1c:e8:51:98:26:08:6c:
5f:50:0f:40:12:37:52:0e:c5:61:03:66:e1:c2:99:92:a2:e1:
2e:79:b7:71
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUN+J3jT3IcleVr9qFs6MzsOJb3kYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzA2MTExMDU0MjFaFw0yNDA2MDkxMDU5MjFaMDMxMTAvBgNV
BAMTKEUzNDkzRDdBNTBFNzQyNjQ4OUUzRUQ4RTY4MjVEMjYxQkJFNzY5MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClNOyOrdR9t7vkM3c2KYFxplIA
Q1BrkUeIJoc2ecLvgWNHJJFvv1xbBAqaFqGbtf/qFmvdW2h4oicF7v2XAKN5YH9m
f36bBFR5S4to1drMM4vx9g+4vzhwXEHH0VpZqMDpzD4JKpIZO1r10cHVPlhekQXW
l4tgBtwhzCrtiAQDWNc2fWUYKUVHSijZGSldAD8kKLT9bKMFcTbKf/hXr1cbJufx
Aydd68JP29QKyJQ6w8LB7v4GIqui9yr1k38X3xykrB26K1oBkIr1ZTrhhMRoRs6s
fjf5Q3fWheNjXzdY8Lze3aWi+zU5qWZu0cGGwvDOGbn3uzjd8Rmh5HUtJfatAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU40k9elDnQmSJ4+2OaCXSYbvnaQ4wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzNDJlMzIzMTJlMzEzNzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VBWqMA0GCSqGSIb3DQEBCwUAA4IBAQAQbWOlua8zQ/vW7qYzZE/+ZgqqrTNQfcGg
8YNnC2HZKwls3yx6vpPhlbCvJrD+ngSAer9ST2xZ0taQ8tAWifkZK6Um1x+obeWo
8K/hvPNwLxT51+8PcZvERS+uffX1dZLztgcmD3FZKmTFzW7vuaov2aoELMuqxwrZ
T+9jEKjsp77QyIFwZahpHsysHkApP+YFfCHGmP/KEFJZxTbLyS7Bm4PsEEXCLYpM
Jarm3LmB7P+IGUZdnvegBccge8ioIcKsgcXElLjjpAS8t82w4I9PLBEjjnS4iVW+
U6gVW8vdjblRHxzoUZgmCGxfUA9AEjdSDsVhA2bhwpmSouEuebdx
-----END CERTIFICATE-----
Generated at Wed May 8 11:33:00 2024 by rpki-client on console-ams.rpki-client.org