Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233332e302f32342d3234203d3e20323037313337.roa
File: 38352e3139302e3233332e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: 4lF9aisU1cBm0Ba+/gmeYojzlBD9sHT4UZ4eqEc+ZaQ=
Subject key identifier: F4:24:E3:8C:30:6B:95:4B:17:4D:C8:F7:B6:12:0A:DA:6A:B2:82:64
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 17D70F2FCB4D40BD3B584B2981FCEF6377C273AE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233332e302f32342d3234203d3e20323037313337.roa
Signing time: Mon 26 Feb 2024 08:53:20 +0000
ROA not before: Mon 26 Feb 2024 08:48:20 +0000
ROA not after: Mon 24 Feb 2025 08:53:20 +0000
asID: 207137
IP address blocks: 85.190.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:d7:0f:2f:cb:4d:40:bd:3b:58:4b:29:81:fc:ef:63:77:c2:73:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:20 2024 GMT
Not After : Feb 24 08:53:20 2025 GMT
Subject: CN=F424E38C306B954B174DC8F7B6120ADA6AB28264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b3:28:02:3e:99:d8:d8:0b:cf:a3:eb:8e:02:
ce:60:c8:e5:e1:71:84:85:07:11:e1:3b:85:b0:af:
a3:44:f5:da:86:ed:91:82:43:00:c5:29:94:1a:be:
b8:54:4e:aa:0b:cb:ae:d8:95:5e:af:8a:0f:0c:2b:
eb:24:2c:86:cb:ef:5b:71:0f:e0:86:8e:b0:02:24:
0a:8e:86:1e:69:1d:89:8e:66:3e:f0:21:1e:b8:69:
d9:2b:72:77:fa:e8:0c:05:cd:7b:aa:bf:a3:09:88:
d8:13:6f:68:aa:b6:25:1b:12:3a:d1:ee:94:91:46:
d4:5f:21:a8:97:7e:63:8f:12:a9:6e:2a:0f:e8:5c:
43:f7:20:6d:5f:9d:0f:ec:18:7e:49:29:c6:1c:d4:
b2:d6:10:ae:f2:02:2b:f8:19:73:62:00:a4:d9:da:
58:1e:2d:33:5a:b4:7b:bd:25:47:26:0f:2c:a3:3b:
05:47:ca:f0:3f:b7:96:11:34:19:85:0d:b5:61:82:
2c:5e:70:91:41:fa:c4:1d:01:dd:6e:bc:87:c1:00:
fd:e2:7f:9c:fe:88:22:e3:e4:59:b2:e0:f0:fe:a9:
55:5c:51:9a:21:32:57:fc:f9:f4:da:5f:c2:dc:76:
2b:4e:62:d2:c8:0e:20:68:bc:4d:b4:15:bd:c8:30:
84:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:24:E3:8C:30:6B:95:4B:17:4D:C8:F7:B6:12:0A:DA:6A:B2:82:64
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233332e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.233.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f0:5a:f9:db:aa:c6:c2:6b:14:13:58:75:79:b5:0c:75:b5:
39:b0:55:93:45:f3:f9:16:4e:bf:56:ad:27:b8:11:18:18:73:
58:2d:b1:98:30:01:77:b3:6f:bb:5d:26:0e:5f:fc:27:3b:a1:
b2:fb:20:af:28:88:db:e3:c9:57:4e:75:86:0e:73:1f:b3:be:
04:72:3d:ad:6c:c3:81:f3:23:0a:72:3a:0b:e1:f7:c1:d1:aa:
78:7a:f8:da:e8:bb:4b:83:0d:a2:d4:37:23:f7:db:3f:80:11:
06:5f:83:3f:8b:46:7d:31:a1:ab:40:44:94:05:25:15:91:df:
19:04:fa:9b:f0:86:1b:c0:5e:ab:36:73:87:40:1e:84:92:94:
db:df:64:7c:92:f1:a7:79:21:75:45:ce:b0:ef:8d:4f:96:06:
61:ab:a1:df:67:2c:7d:4c:d1:59:0e:14:83:3f:bb:bf:d8:6b:
50:26:0b:6c:d7:be:86:e6:d2:d4:29:80:a6:98:99:45:c4:9d:
4c:60:6e:b6:21:d8:07:69:26:ac:7f:ef:8d:2f:38:0b:d0:f0:
78:c6:4d:f6:45:be:a7:0c:18:89:c5:62:0f:31:8a:e1:26:83:
f6:3d:70:c3:c1:75:bd:fd:22:a4:31:e0:55:6c:88:d0:32:c4:
30:36:2c:d5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUF9cPL8tNQL07WEspgfzvY3fCc64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjBaFw0yNTAyMjQwODUzMjBaMDMxMTAvBgNV
BAMTKEY0MjRFMzhDMzA2Qjk1NEIxNzREQzhGN0I2MTIwQURBNkFCMjgyNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDksygCPpnY2AvPo+uOAs5gyOXh
cYSFBxHhO4Wwr6NE9dqG7ZGCQwDFKZQavrhUTqoLy67YlV6vig8MK+skLIbL71tx
D+CGjrACJAqOhh5pHYmOZj7wIR64adkrcnf66AwFzXuqv6MJiNgTb2iqtiUbEjrR
7pSRRtRfIaiXfmOPEqluKg/oXEP3IG1fnQ/sGH5JKcYc1LLWEK7yAiv4GXNiAKTZ
2lgeLTNatHu9JUcmDyyjOwVHyvA/t5YRNBmFDbVhgixecJFB+sQdAd1uvIfBAP3i
f5z+iCLj5Fmy4PD+qVVcUZohMlf8+fTaX8LcditOYtLIDiBovE20Fb3IMIQLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9CTjjDBrlUsXTcj3thIK2mqygmQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvukwDQYJKoZIhvcNAQELBQADggEBACDwWvnbqsbCaxQTWHV5tQx1tTmwVZNF
8/kWTr9WrSe4ERgYc1gtsZgwAXezb7tdJg5f/Cc7obL7IK8oiNvjyVdOdYYOcx+z
vgRyPa1sw4HzIwpyOgvh98HRqnh6+Nrou0uDDaLUNyP32z+AEQZfgz+LRn0xoatA
RJQFJRWR3xkE+pvwhhvAXqs2c4dAHoSSlNvfZHyS8ad5IXVFzrDvjU+WBmGrod9n
LH1M0VkOFIM/u7/Ya1AmC2zXvobm0tQpgKaYmUXEnUxgbrYh2AdpJqx/740vOAvQ
8HjGTfZFvqcMGInFYg8xiuEmg/Y9cMPBdb39IqQx4FVsiNAyxDA2LNU=
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:47 2024 by rpki-client on console-fra.rpki-client.org