Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203631333137.roa
File: 38352e3230392e3232382e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: FfnGHiuEho8SWAywvjE81YHbDOc91T4mmOCAKPzuC6U=
Subject key identifier: 37:F4:06:09:E2:E4:DB:A6:65:81:FD:F2:97:7D:64:DF:63:18:90:EB
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 5174F451383EB2D289AE1F427D7537B04BC0EB4E
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203631333137.roa
Signing time: Thu 14 Mar 2024 18:19:19 +0000
ROA not before: Thu 14 Mar 2024 18:14:19 +0000
ROA not after: Thu 13 Mar 2025 18:19:19 +0000
asID: 61317
IP address blocks: 85.209.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:74:f4:51:38:3e:b2:d2:89:ae:1f:42:7d:75:37:b0:4b:c0:eb:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Mar 14 18:14:19 2024 GMT
Not After : Mar 13 18:19:19 2025 GMT
Subject: CN=37F40609E2E4DBA66581FDF2977D64DF631890EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0b:f2:2e:dd:c4:8b:38:59:c9:61:44:43:f4:
a6:0e:24:d9:ee:43:eb:db:a3:f9:8b:68:83:c8:3d:
4d:15:84:10:f5:c4:3b:9d:13:8d:a4:d0:3e:7a:39:
ce:97:a2:4b:ed:4c:e3:90:da:3a:23:3e:a5:c6:a2:
23:cb:c0:fd:5c:b1:02:55:52:5f:d7:e4:8f:56:f4:
7d:cf:0b:6c:b5:0c:15:08:fe:b6:33:94:86:a7:55:
a4:07:20:b5:99:7f:5d:63:75:1b:30:3d:22:6f:e2:
a7:2a:06:13:9b:13:66:cc:3b:c1:91:37:5d:06:04:
05:b7:cf:8d:a4:c8:7b:9f:98:56:e0:70:3a:8c:ea:
e2:0a:c7:12:b8:02:6b:44:d2:28:50:43:a6:f7:2d:
87:f8:2a:7b:ac:fa:9c:e9:21:5a:73:ad:fb:29:05:
3a:08:37:33:5f:fe:f1:d6:ef:7e:7e:45:cc:d2:83:
59:2b:a0:89:3b:1d:de:29:8e:87:de:d3:42:29:9f:
45:75:34:6f:fa:5f:bd:04:fb:9b:4a:6c:1e:6a:08:
60:21:1a:b2:68:f4:d1:db:40:03:32:ee:ae:17:41:
19:f2:54:0d:ea:2c:13:b4:e5:4f:a5:4e:40:5e:2b:
a2:38:18:df:54:97:35:1c:ea:38:ea:20:ff:7e:03:
18:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F4:06:09:E2:E4:DB:A6:65:81:FD:F2:97:7D:64:DF:63:18:90:EB
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
29:87:e1:1c:5f:ec:a0:24:6a:82:43:62:45:74:b9:c6:90:cb:
5a:9a:b9:30:cb:78:b1:16:10:c3:18:ed:6e:69:d8:bb:28:c6:
ee:ae:27:e0:e0:5c:67:71:07:a1:a0:7f:13:6c:12:fc:a0:dc:
f5:d0:59:26:fa:17:b5:93:ec:a2:9f:48:b1:70:ae:3e:38:81:
a3:7e:ca:92:f3:9c:7f:0f:bd:b4:0c:65:9a:53:0c:50:7d:74:
be:dd:76:0f:bb:e1:97:92:7a:6c:c2:5e:3e:51:7d:6b:ca:b8:
37:dd:a7:72:1b:19:d0:aa:d6:d2:fa:62:67:41:89:c4:86:08:
0c:6d:a6:15:38:7f:d5:7e:0b:50:1d:25:94:28:19:e5:e1:90:
cb:d8:a1:58:d1:dc:ff:a3:5e:94:db:b9:4e:27:8e:b8:1a:60:
b5:4a:b7:b3:2a:8f:ef:75:9f:42:61:04:40:81:7f:57:61:c0:
5c:0d:30:80:fb:87:b8:31:ff:e4:88:e6:50:f9:31:44:de:26:
52:11:9a:03:89:a8:0a:3e:dc:8e:91:b2:93:b0:11:55:8c:4e:
7d:54:aa:1c:5c:6b:13:35:dd:0e:23:7e:53:d8:ad:aa:bd:6d:
99:41:ec:e1:2a:d1:6f:c1:d0:57:3c:4a:99:e5:5e:36:60:6f:
65:ab:dd:8a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUXT0UTg+stKJrh9CfXU3sEvA604wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAzMTQxODE0MTlaFw0yNTAzMTMxODE5MTlaMDMxMTAvBgNV
BAMTKDM3RjQwNjA5RTJFNERCQTY2NTgxRkRGMjk3N0Q2NERGNjMxODkwRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqC/Iu3cSLOFnJYURD9KYOJNnu
Q+vbo/mLaIPIPU0VhBD1xDudE42k0D56Oc6XokvtTOOQ2jojPqXGoiPLwP1csQJV
Ul/X5I9W9H3PC2y1DBUI/rYzlIanVaQHILWZf11jdRswPSJv4qcqBhObE2bMO8GR
N10GBAW3z42kyHufmFbgcDqM6uIKxxK4AmtE0ihQQ6b3LYf4Knus+pzpIVpzrfsp
BToINzNf/vHW735+RczSg1kroIk7Hd4pjofe00Ipn0V1NG/6X70E+5tKbB5qCGAh
GrJo9NHbQAMy7q4XQRnyVA3qLBO05U+lTkBeK6I4GN9UlzUc6jjqIP9+AxjxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUN/QGCeLk26Zlgf3yl31k32MYkOswHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHkMA0GCSqGSIb3DQEBCwUAA4IBAQAph+EcX+ygJGqCQ2JFdLnGkMtamrkwy3ix
FhDDGO1uadi7KMburifg4FxncQehoH8TbBL8oNz10Fkm+he1k+yin0ixcK4+OIGj
fsqS85x/D720DGWaUwxQfXS+3XYPu+GXknpswl4+UX1ryrg33adyGxnQqtbS+mJn
QYnEhggMbaYVOH/VfgtQHSWUKBnl4ZDL2KFY0dz/o16U27lOJ464GmC1SrezKo/v
dZ9CYQRAgX9XYcBcDTCA+4e4Mf/kiOZQ+TFE3iZSEZoDiagKPtyOkbKTsBFVjE59
VKocXGsTNd0OI35T2K2qvW2ZQezhKtFvwdBXPEqZ5V42YG9lq92K
-----END CERTIFICATE-----
Generated at Sat May 4 15:08:38 2024 by rpki-client on console-fra.rpki-client.org