Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20323135323837.roa
File: 38352e3230392e3232392e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: m7YDwMLNt67QBXI8iJM7SEyXuqqXhs8L96e+6J4UhVA=
Subject key identifier: CB:88:13:91:CC:84:68:9D:3F:16:CA:72:FA:F4:C9:CF:D9:99:19:BF
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 16DB64A55D3C6FD964B4CAD9A0B6B906173AE9E0
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20323135323837.roa
Signing time: Mon 11 Nov 2024 13:32:15 +0000
ROA not before: Mon 11 Nov 2024 13:27:15 +0000
ROA not after: Mon 10 Nov 2025 13:32:15 +0000
asID: 215287
IP address blocks: 85.209.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:db:64:a5:5d:3c:6f:d9:64:b4:ca:d9:a0:b6:b9:06:17:3a:e9:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Nov 11 13:27:15 2024 GMT
Not After : Nov 10 13:32:15 2025 GMT
Subject: CN=CB881391CC84689D3F16CA72FAF4C9CFD99919BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e2:cd:71:66:70:e2:82:28:95:f8:47:fb:b3:
9d:92:5b:b0:52:4c:02:4e:d0:be:4f:f1:6c:84:e5:
63:3d:05:e4:b9:65:dd:e0:15:af:3b:2f:a6:52:7c:
90:55:88:5f:8d:5e:27:f1:f5:a9:0e:2c:1f:71:ab:
d1:7b:a8:9c:12:33:47:21:b0:3a:d7:e5:b4:de:ad:
ea:76:17:a9:af:03:d1:20:cd:e1:a3:1f:4f:04:9a:
dc:6d:2e:ab:2c:3c:5e:ef:7b:57:ba:86:02:41:37:
c6:63:b2:89:d3:3d:77:b7:eb:c4:0c:94:d5:5d:69:
c8:cf:ab:53:48:a6:30:e6:2a:7e:70:b8:04:d7:fe:
19:ef:cb:63:53:9d:eb:8f:da:25:c2:9a:d5:a7:ad:
cc:83:7c:cf:4c:ca:d7:d6:9f:41:1f:30:44:49:9b:
a7:bf:34:ba:fe:80:fc:97:7c:9b:47:e8:6f:c9:6b:
b4:84:1c:f1:a9:6b:f1:2e:55:12:af:a7:dd:00:e0:
97:3e:e5:64:7d:dd:4a:09:52:4c:35:0c:5d:11:2b:
fd:03:ca:f5:40:02:ed:7a:ad:9d:39:9f:b9:5a:5c:
5c:81:2a:a0:c0:e8:c8:e2:f2:71:14:e3:ac:ae:ab:
a3:c8:95:c6:64:93:99:9e:36:f3:ed:94:e3:d2:b4:
66:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:88:13:91:CC:84:68:9D:3F:16:CA:72:FA:F4:C9:CF:D9:99:19:BF
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.229.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:04:bf:85:a7:ec:6e:70:d8:f2:48:ac:b7:1d:79:82:49:83:
9e:46:37:58:a6:1e:e0:4f:05:e1:1b:47:08:7f:62:30:47:2e:
5e:e1:a0:20:6f:8f:ee:eb:79:1d:92:ff:25:86:2d:54:5e:78:
13:0f:af:38:b7:0f:c9:3b:26:36:bf:2b:14:61:88:a5:68:4a:
7d:4a:6e:e6:48:71:eb:82:ee:7e:3c:76:b6:eb:22:eb:e1:21:
ab:11:68:fa:ad:65:72:09:1c:81:dd:f1:ea:d0:67:18:8c:dd:
42:14:d0:2f:46:c5:e2:05:87:b2:5b:d8:ea:f0:a6:c1:0a:f2:
0f:9a:46:17:b3:5d:fe:d0:c5:5d:f4:14:66:11:3b:d2:6a:a7:
c4:16:a5:e1:8f:6d:06:08:86:dd:1a:89:f5:44:f1:75:7f:c8:
5f:ec:a5:96:76:f2:ca:b7:58:d9:db:b2:02:0e:cf:70:55:9b:
bd:cf:c1:bd:e2:88:6b:05:78:4b:8c:c4:9e:7b:ab:b7:2b:a8:
0d:a3:fe:8c:9a:5c:51:cc:60:89:3a:46:da:b1:c9:a7:bd:2c:
1c:57:c5:74:89:b6:fb:f7:53:b0:3d:32:8d:7f:8c:de:4f:6f:
3e:0c:87:89:af:d8:b1:4a:8a:5a:5b:2c:b2:99:c3:d0:c1:7f:
ca:2b:99:ae
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFttkpV08b9lktMrZoLa5Bhc66eAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDExMTExMzI3MTVaFw0yNTExMTAxMzMyMTVaMDMxMTAvBgNV
BAMTKENCODgxMzkxQ0M4NDY4OUQzRjE2Q0E3MkZBRjRDOUNGRDk5OTE5QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB4s1xZnDigiiV+Ef7s52SW7BS
TAJO0L5P8WyE5WM9BeS5Zd3gFa87L6ZSfJBViF+NXifx9akOLB9xq9F7qJwSM0ch
sDrX5bTerep2F6mvA9EgzeGjH08EmtxtLqssPF7ve1e6hgJBN8ZjsonTPXe368QM
lNVdacjPq1NIpjDmKn5wuATX/hnvy2NTneuP2iXCmtWnrcyDfM9MytfWn0EfMERJ
m6e/NLr+gPyXfJtH6G/Ja7SEHPGpa/EuVRKvp90A4Jc+5WR93UoJUkw1DF0RK/0D
yvVAAu16rZ05n7laXFyBKqDA6Mji8nEU46yuq6PIlcZkk5meNvPtlOPStGbdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUy4gTkcyEaJ0/Fspy+vTJz9mZGb8wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMjM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0eUwDQYJKoZIhvcNAQELBQADggEBAEsEv4Wn7G5w2PJIrLcdeYJJg55GN1im
HuBPBeEbRwh/YjBHLl7hoCBvj+7reR2S/yWGLVReeBMPrzi3D8k7Jja/KxRhiKVo
Sn1KbuZIceuC7n48drbrIuvhIasRaPqtZXIJHIHd8erQZxiM3UIU0C9GxeIFh7Jb
2OrwpsEK8g+aRhezXf7QxV30FGYRO9Jqp8QWpeGPbQYIht0aifVE8XV/yF/spZZ2
8sq3WNnbsgIOz3BVm73Pwb3iiGsFeEuMxJ57q7crqA2j/oyaXFHMYIk6Rtqxyae9
LBxXxXSJtvv3U7A9Mo1/jN5Pbz4Mh4mv2LFKilpbLLKZw9DBf8orma4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 11:54:13 2024 by rpki-client on console-fra.rpki-client.org