Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233312e302f32342d3234203d3e203634323637.roa
File: 38352e3230392e3233312e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: NkSMVVKLdbRHwCmLwl+XV+yre8LxJqQqTVnQZ9iV6UY=
Subject key identifier: 32:BB:B8:8A:D9:AE:22:B7:BC:56:DA:DE:AF:70:72:BF:E8:B5:1B:56
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 7DE0AB7210F4FB981A446A5DFDCF390FFA8BEBEE
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233312e302f32342d3234203d3e203634323637.roa
Signing time: Fri 22 Dec 2023 08:05:08 +0000
ROA not before: Fri 22 Dec 2023 08:00:08 +0000
ROA not after: Fri 20 Dec 2024 08:05:08 +0000
asID: 64267
IP address blocks: 85.209.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:e0:ab:72:10:f4:fb:98:1a:44:6a:5d:fd:cf:39:0f:fa:8b:eb:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 22 08:00:08 2023 GMT
Not After : Dec 20 08:05:08 2024 GMT
Subject: CN=32BBB88AD9AE22B7BC56DADEAF7072BFE8B51B56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e6:c2:2d:18:a8:a8:73:53:9f:9d:26:21:82:
da:16:73:9a:a0:a3:9a:33:ce:31:8f:4d:c2:39:2e:
cd:ba:2d:e7:b7:ff:97:59:af:1f:49:ab:44:d2:7a:
a0:c3:5d:76:60:f8:88:a7:c1:d9:2b:fe:2b:52:9a:
bd:c2:20:a9:fa:71:2f:ca:76:99:3e:6d:e0:c2:b2:
26:6e:13:54:5c:3f:fe:f6:bb:1e:76:4e:cf:0f:02:
84:8c:69:4b:cf:d4:62:67:d9:98:bf:b0:8e:18:b2:
74:03:e7:ed:6f:bb:7f:3e:9c:0a:62:6b:ea:ad:f0:
82:0a:de:1c:32:e6:dc:3b:bb:f2:90:f4:54:89:9c:
5c:18:8f:87:de:24:fb:5a:25:f6:bd:46:a1:3c:1a:
1a:77:e5:37:b8:bf:63:cc:33:94:a9:ab:86:9c:de:
49:9e:0c:6c:36:91:64:b1:e4:a3:f5:91:2b:e8:3f:
91:bf:db:1d:92:92:78:9b:8a:95:3d:54:a0:73:ad:
82:ec:01:bd:8f:ad:3e:27:9d:46:98:c5:60:97:28:
fe:c7:23:1a:20:56:8e:ba:4f:d4:8a:c9:1b:3d:17:
8f:97:6f:52:a8:28:36:7d:81:33:9e:9a:d6:a1:81:
f5:5d:de:f7:47:13:c7:f6:4e:19:b2:a5:d5:6c:3a:
1e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BB:B8:8A:D9:AE:22:B7:BC:56:DA:DE:AF:70:72:BF:E8:B5:1B:56
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233312e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.231.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:a5:b8:5a:26:c3:49:26:44:90:83:23:a0:aa:df:04:19:d9:
51:0a:a5:fc:51:6f:f6:a5:07:78:39:7f:6b:ef:e0:8a:0b:e4:
e2:86:a7:ed:23:31:72:e1:d4:b5:03:ea:ea:f4:ae:09:ef:7f:
f6:0e:9f:f6:2c:c2:59:e5:b0:13:7e:e8:48:6a:b8:b4:a5:7e:
c2:50:84:3d:54:3d:17:45:29:59:5d:0d:01:5c:f5:48:c7:a7:
af:bf:08:79:be:63:c3:74:be:ec:4c:a4:97:85:9c:e6:7f:f2:
fe:79:b8:9c:6a:2b:d8:fe:de:4f:45:ba:ba:1e:81:3c:a0:81:
c7:c7:5c:e6:18:be:b4:31:28:d7:ef:f7:e6:56:20:0e:4d:97:
de:38:f3:02:5f:33:39:90:f0:f7:06:c4:6c:1e:68:d4:2b:f7:
bc:70:b4:bc:12:53:fd:f2:79:9d:76:d3:91:b9:6a:5b:17:01:
6f:e9:d3:58:88:17:de:ac:fe:38:5f:b2:65:fd:70:ba:ab:d4:
a1:ba:72:82:18:98:04:02:09:09:d4:45:37:27:0b:d5:46:63:
96:38:48:ea:3e:19:2e:fa:57:c4:2a:30:c9:93:08:51:18:30:
05:45:e4:1e:10:6a:89:09:42:fe:85:ae:7c:77:85:95:5a:de:
be:ac:26:f1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfeCrchD0+5gaRGpd/c85D/qL6+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMjIwODAwMDhaFw0yNDEyMjAwODA1MDhaMDMxMTAvBgNV
BAMTKDMyQkJCODhBRDlBRTIyQjdCQzU2REFERUFGNzA3MkJGRThCNTFCNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk5sItGKioc1OfnSYhgtoWc5qg
o5ozzjGPTcI5Ls26Lee3/5dZrx9Jq0TSeqDDXXZg+Iinwdkr/itSmr3CIKn6cS/K
dpk+beDCsiZuE1RcP/72ux52Ts8PAoSMaUvP1GJn2Zi/sI4YsnQD5+1vu38+nApi
a+qt8IIK3hwy5tw7u/KQ9FSJnFwYj4feJPtaJfa9RqE8Ghp35Te4v2PMM5Spq4ac
3kmeDGw2kWSx5KP1kSvoP5G/2x2SknibipU9VKBzrYLsAb2PrT4nnUaYxWCXKP7H
IxogVo66T9SKyRs9F4+Xb1KoKDZ9gTOemtahgfVd3vdHE8f2ThmypdVsOh57AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMru4itmuIre8Vtrer3Byv+i1G1YwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM0MzIzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHnMA0GCSqGSIb3DQEBCwUAA4IBAQBspbhaJsNJJkSQgyOgqt8EGdlRCqX8UW/2
pQd4OX9r7+CKC+TihqftIzFy4dS1A+rq9K4J73/2Dp/2LMJZ5bATfuhIari0pX7C
UIQ9VD0XRSlZXQ0BXPVIx6evvwh5vmPDdL7sTKSXhZzmf/L+ebicaivY/t5PRbq6
HoE8oIHHx1zmGL60MSjX7/fmViAOTZfeOPMCXzM5kPD3BsRsHmjUK/e8cLS8ElP9
8nmddtORuWpbFwFv6dNYiBferP44X7Jl/XC6q9ShunKCGJgEAgkJ1EU3JwvVRmOW
OEjqPhku+lfEKjDJkwhRGDAFReQeEGqJCUL+ha58d4WVWt6+rCbx
-----END CERTIFICATE-----
Generated at Sun Jun 2 09:37:32 2024 by rpki-client on console-ams.rpki-client.org