Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233322e302f32312d3332203d3e203430303231.roa
File: 38352e3233392e3233322e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: L8vlgXK/Mhz0sT1M0oTGIbqhpRZbo5i5G8X9N8E8NPc=
Subject key identifier: DA:D4:E8:82:D0:5C:7F:D9:82:85:C5:1D:81:18:70:3B:95:85:03:B2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0F8EE22546310DB3CE740D4BD728A5C2B480EE92
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233322e302f32312d3332203d3e203430303231.roa
Signing time: Mon 26 Feb 2024 08:53:31 +0000
ROA not before: Mon 26 Feb 2024 08:48:31 +0000
ROA not after: Mon 24 Feb 2025 08:53:31 +0000
asID: 40021
IP address blocks: 85.239.232.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:8e:e2:25:46:31:0d:b3:ce:74:0d:4b:d7:28:a5:c2:b4:80:ee:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:31 2024 GMT
Not After : Feb 24 08:53:31 2025 GMT
Subject: CN=DAD4E882D05C7FD98285C51D8118703B958503B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f8:c1:b2:ed:5b:b6:05:f6:17:4a:69:64:55:
f3:66:f5:98:b2:87:ae:88:d0:c3:02:92:26:30:6f:
ac:2e:07:d7:51:dd:4c:c3:b8:9a:2f:63:d6:b5:bb:
6d:3d:6a:ef:2d:07:bc:4a:a8:c6:49:d8:c1:b6:bb:
43:d3:45:fb:f7:2b:e4:64:60:08:c2:65:16:ec:f1:
79:49:e5:29:2f:bd:8a:04:b5:51:a9:32:c5:88:06:
ce:1e:fc:a7:93:88:72:26:9a:86:7f:de:f3:09:d2:
4b:7a:b1:82:e3:b9:66:bc:28:71:d2:66:27:91:ed:
91:18:62:51:40:b6:8c:7e:93:4e:cf:12:df:b4:48:
8a:56:fe:5f:4b:d5:5e:c6:16:60:1c:92:e7:70:47:
c5:8a:60:03:dd:b9:fe:c2:63:54:b5:63:e6:a9:62:
4a:f7:4b:23:fd:d6:35:3f:4a:4b:a6:1d:08:22:75:
7c:6b:fc:fb:5a:e6:45:13:c6:f2:0e:9a:2d:54:8d:
11:07:b8:1a:43:10:e8:92:c9:bd:82:9d:38:e5:c7:
e2:c9:18:0a:b1:b8:bc:de:54:25:bc:bb:c5:39:1d:
fe:b7:18:b0:d3:57:50:ac:d6:ea:49:ec:12:b7:1a:
b7:3a:6c:f2:9f:41:97:1d:66:2d:a5:50:e1:a2:2d:
49:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D4:E8:82:D0:5C:7F:D9:82:85:C5:1D:81:18:70:3B:95:85:03:B2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233322e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.232.0/21
Signature Algorithm: sha256WithRSAEncryption
27:4a:13:f7:de:90:47:3f:0a:6f:22:0f:03:35:99:d2:de:10:
d7:25:1b:79:eb:d6:5d:81:70:aa:0a:f3:0d:f4:a9:e4:2b:77:
e4:d7:2e:6b:30:26:f9:e3:20:2f:c4:b6:3a:73:2b:29:59:55:
ec:18:3c:3a:13:93:44:5d:30:21:2d:8d:c5:5c:48:69:3c:db:
af:2f:56:48:bd:f1:69:cb:1c:6f:a2:ae:77:68:5e:6e:00:e8:
7d:a7:b0:08:3a:63:29:6a:7c:88:cd:58:a8:5f:2d:50:93:c9:
65:44:60:f1:35:20:f8:70:d4:4e:2b:2b:22:9a:e0:89:ae:21:
b0:d2:6b:9e:e3:36:75:67:69:39:5c:0f:27:2a:8b:86:47:36:
aa:0e:0d:9c:32:a3:00:3c:96:5e:21:0e:e0:0c:c5:49:39:81:
05:7d:e7:24:07:90:2e:5f:f8:6c:93:d2:a7:41:3a:d8:90:5c:
56:92:d1:d6:64:e3:ba:32:49:85:e1:53:69:58:ed:48:85:20:
86:08:7e:99:49:48:42:7c:5c:30:23:5a:88:3a:c8:6f:82:22:
2c:39:ef:76:03:9a:25:a6:93:2f:c1:c5:e2:c1:f8:ea:c7:19:
6f:fc:d4:e7:fd:4e:7c:eb:af:cd:b2:25:1f:50:3f:d3:ce:1d:
ab:c9:88:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD47iJUYxDbPOdA1L1yilwrSA7pIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzFaFw0yNTAyMjQwODUzMzFaMDMxMTAvBgNV
BAMTKERBRDRFODgyRDA1QzdGRDk4Mjg1QzUxRDgxMTg3MDNCOTU4NTAzQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo+MGy7Vu2BfYXSmlkVfNm9Ziy
h66I0MMCkiYwb6wuB9dR3UzDuJovY9a1u209au8tB7xKqMZJ2MG2u0PTRfv3K+Rk
YAjCZRbs8XlJ5SkvvYoEtVGpMsWIBs4e/KeTiHImmoZ/3vMJ0kt6sYLjuWa8KHHS
ZieR7ZEYYlFAtox+k07PEt+0SIpW/l9L1V7GFmAckudwR8WKYAPduf7CY1S1Y+ap
Ykr3SyP91jU/SkumHQgidXxr/Pta5kUTxvIOmi1UjREHuBpDEOiSyb2CnTjlx+LJ
GAqxuLzeVCW8u8U5Hf63GLDTV1Cs1upJ7BK3Grc6bPKfQZcdZi2lUOGiLUkNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2tTogtBcf9mChcUdgRhwO5WFA7IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjMz
MzIyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
Ve/oMA0GCSqGSIb3DQEBCwUAA4IBAQAnShP33pBHPwpvIg8DNZnS3hDXJRt569Zd
gXCqCvMN9KnkK3fk1y5rMCb54yAvxLY6cyspWVXsGDw6E5NEXTAhLY3FXEhpPNuv
L1ZIvfFpyxxvoq53aF5uAOh9p7AIOmMpanyIzVioXy1Qk8llRGDxNSD4cNROKysi
muCJriGw0mue4zZ1Z2k5XA8nKouGRzaqDg2cMqMAPJZeIQ7gDMVJOYEFfeckB5Au
X/hsk9KnQTrYkFxWktHWZOO6MkmF4VNpWO1IhSCGCH6ZSUhCfFwwI1qIOshvgiIs
Oe92A5olppMvwcXiwfjqxxlv/NTn/U5866/NsiUfUD/Tzh2ryYiw
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:07 2024 by rpki-client on console-ams.rpki-client.org