Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20323131393735.roa
File: 38352e3230392e3232392e302f32342d3234203d3e20323131393735.roa (raw, json)
Hash identifier: gTJ1v8QIBelH3ARyQQCBIby8zqqyP9uOTG6aymQUq/w=
Subject key identifier: 93:B8:F1:86:E5:1D:1A:25:F7:70:34:C2:CB:73:D1:14:A8:93:40:EA
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 7584110F534BC754EE5DDD8C8A0A9AD7980C0C9A
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20323131393735.roa
Signing time: Thu 11 Jan 2024 18:16:55 +0000
ROA not before: Thu 11 Jan 2024 18:11:55 +0000
ROA not after: Thu 09 Jan 2025 18:16:55 +0000
asID: 211975
IP address blocks: 85.209.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:84:11:0f:53:4b:c7:54:ee:5d:dd:8c:8a:0a:9a:d7:98:0c:0c:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 11 18:11:55 2024 GMT
Not After : Jan 9 18:16:55 2025 GMT
Subject: CN=93B8F186E51D1A25F77034C2CB73D114A89340EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4b:c8:42:bf:0c:f5:01:fc:bd:ba:b3:89:98:
eb:8f:2f:2c:83:fe:da:00:40:1c:c2:13:5b:d5:d7:
0d:47:7b:a4:b8:04:f6:c7:b1:9b:b7:7d:27:76:2a:
d6:ac:37:42:ea:46:83:62:20:7c:61:7d:84:d9:12:
3a:b7:0a:9a:8d:fd:a1:87:e7:f1:a1:89:06:ed:92:
7a:46:be:18:69:31:07:cd:92:97:5c:39:f9:52:99:
c5:b7:d9:2c:9f:8a:03:24:2e:5c:78:aa:d7:a3:43:
65:97:7b:6f:bd:f2:fa:d8:e8:54:5e:cb:79:d6:51:
11:97:71:c5:bc:d0:27:84:a7:d9:38:9d:74:6a:4c:
52:73:35:a9:94:3c:b8:b2:40:c8:91:3e:35:55:dc:
d3:12:fb:05:4f:96:a4:08:08:8a:01:df:c8:71:88:
6c:b9:12:73:31:46:44:5e:7c:4c:bc:33:6e:a3:8e:
0e:c0:1b:88:f0:93:50:19:8d:29:bb:11:20:99:e1:
43:9e:0f:44:40:6e:5f:c7:bc:48:71:9a:a3:34:59:
5c:a4:d1:5a:59:36:2c:3c:c6:d5:a4:0e:ca:5e:74:
6b:f6:ca:f7:73:44:02:4b:80:dc:9a:05:3e:b1:5b:
91:ad:52:bf:eb:f5:99:e1:a7:84:9a:94:26:8b:ed:
4e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B8:F1:86:E5:1D:1A:25:F7:70:34:C2:CB:73:D1:14:A8:93:40:EA
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20323131393735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.229.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:06:52:cc:4f:0d:ba:26:e7:4d:67:93:5c:78:fb:fa:3f:2f:
cb:38:1d:80:36:4d:da:ab:c4:68:93:bf:6a:66:d3:0d:49:72:
7a:9e:aa:65:75:5c:42:b0:26:ce:52:cd:db:81:8b:02:00:ff:
d2:97:e1:ca:10:f2:33:be:44:fc:0e:a1:cc:69:28:69:86:66:
f3:46:ac:e6:90:2b:8d:ca:af:a4:8f:cc:2e:df:78:96:fc:96:
f8:37:ae:e5:3f:1b:5c:45:ad:53:a0:7d:fe:92:68:2d:1d:c4:
67:06:63:d2:61:48:07:a9:c0:5f:3a:ad:b4:f8:07:55:64:2d:
81:1b:ee:1f:28:b5:b5:6c:d2:ef:cf:7f:75:f1:10:19:d3:91:
d9:af:f6:51:c0:6d:ed:6f:39:81:f4:65:1c:51:ab:03:05:9f:
26:11:d2:32:93:ef:4f:ec:8d:6c:cd:d0:e3:08:37:da:e7:f2:
db:9a:ec:5e:82:4a:f0:f5:a5:61:ae:f7:71:44:9d:e3:d5:3f:
b7:02:7c:1e:73:0d:e5:67:93:43:f8:8f:25:01:7d:bf:fb:47:
97:81:95:9b:63:7a:fe:dc:c6:71:45:db:2b:fd:8c:05:9e:e0:
a9:7e:33:9d:27:fa:d6:ee:a1:9a:9f:c9:7d:4c:d9:a1:76:42:
16:b6:e8:4c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdYQRD1NLx1TuXd2Migqa15gMDJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAxMTExODExNTVaFw0yNTAxMDkxODE2NTVaMDMxMTAvBgNV
BAMTKDkzQjhGMTg2RTUxRDFBMjVGNzcwMzRDMkNCNzNEMTE0QTg5MzQwRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2S8hCvwz1Afy9urOJmOuPLyyD
/toAQBzCE1vV1w1He6S4BPbHsZu3fSd2KtasN0LqRoNiIHxhfYTZEjq3CpqN/aGH
5/GhiQbtknpGvhhpMQfNkpdcOflSmcW32SyfigMkLlx4qtejQ2WXe2+98vrY6FRe
y3nWURGXccW80CeEp9k4nXRqTFJzNamUPLiyQMiRPjVV3NMS+wVPlqQICIoB38hx
iGy5EnMxRkRefEy8M26jjg7AG4jwk1AZjSm7ESCZ4UOeD0RAbl/HvEhxmqM0WVyk
0VpZNiw8xtWkDspedGv2yvdzRAJLgNyaBT6xW5GtUr/r9Znhp4SalCaL7U6lAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUk7jxhuUdGiX3cDTCy3PRFKiTQOowHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzOTM3MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0eUwDQYJKoZIhvcNAQELBQADggEBAEoGUsxPDbom501nk1x4+/o/L8s4HYA2
TdqrxGiTv2pm0w1JcnqeqmV1XEKwJs5SzduBiwIA/9KX4coQ8jO+RPwOocxpKGmG
ZvNGrOaQK43Kr6SPzC7feJb8lvg3ruU/G1xFrVOgff6SaC0dxGcGY9JhSAepwF86
rbT4B1VkLYEb7h8otbVs0u/Pf3XxEBnTkdmv9lHAbe1vOYH0ZRxRqwMFnyYR0jKT
70/sjWzN0OMIN9rn8tua7F6CSvD1pWGu93FEnePVP7cCfB5zDeVnk0P4jyUBfb/7
R5eBlZtjev7cxnFF2yv9jAWe4Kl+M50n+tbuoZqfyX1M2aF2Qha26Ew=
-----END CERTIFICATE-----
Generated at Wed May 15 03:59:44 2024 by rpki-client on console-fra.rpki-client.org