Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20323133313232.roa
File: 38352e3230392e3233302e302f32342d3234203d3e20323133313232.roa (raw, json)
Hash identifier: 5/1tJ5PYVnI67L2Xmq0oecScWWuO2nb/LSm3qnaFT48=
Subject key identifier: 7A:59:EA:70:CC:CB:7F:83:52:D5:6B:57:D6:42:2B:F0:21:BC:B0:E5
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 5D16C6D7BBD0F374CA442AD8554E6F7C0F1B5D51
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20323133313232.roa
Signing time: Thu 07 Dec 2023 20:41:55 +0000
ROA not before: Thu 07 Dec 2023 20:36:55 +0000
ROA not after: Thu 05 Dec 2024 20:41:55 +0000
asID: 213122
IP address blocks: 85.209.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:16:c6:d7:bb:d0:f3:74:ca:44:2a:d8:55:4e:6f:7c:0f:1b:5d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 7 20:36:55 2023 GMT
Not After : Dec 5 20:41:55 2024 GMT
Subject: CN=7A59EA70CCCB7F8352D56B57D6422BF021BCB0E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fc:57:11:b2:d4:e1:63:a9:14:90:65:3d:62:
68:af:15:e5:67:8c:4a:d6:ba:57:4d:a3:21:7d:b3:
e9:da:a5:a2:b6:ad:f5:c1:18:62:75:99:63:86:27:
da:ea:db:0a:29:bd:b5:66:33:a2:f2:9a:d0:43:70:
a1:05:21:d5:24:de:34:ec:7b:42:0f:e8:dd:50:89:
ca:a8:94:fe:30:c4:9b:24:25:69:e9:5f:b0:04:7b:
a3:ab:7f:2a:bc:e0:6a:08:42:4e:66:b8:7b:06:51:
92:ee:b0:dc:a9:7a:dc:e1:13:fc:85:f1:8d:85:16:
df:df:0e:03:ca:b2:a4:d7:6d:5d:e3:ab:b7:b6:d1:
70:0e:32:02:c0:7a:96:85:30:6e:bc:33:8b:f4:92:
20:2d:e3:e3:b7:4b:14:84:f6:d5:1a:cb:c9:3d:91:
25:1c:c4:68:f5:2f:8c:0d:1d:01:62:62:71:a9:4a:
16:f9:5e:5e:13:76:ef:6c:1e:81:47:2e:ff:36:7c:
0b:45:f6:c3:09:98:69:10:84:16:5d:0c:e7:f0:49:
4b:09:68:d6:c8:3a:18:82:c3:35:36:4b:6b:69:4d:
f0:d3:31:4e:62:58:46:2b:74:8c:ad:a5:16:92:77:
45:30:cb:6c:86:27:38:23:81:22:c7:6d:f2:b4:c7:
c7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:59:EA:70:CC:CB:7F:83:52:D5:6B:57:D6:42:2B:F0:21:BC:B0:E5
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20323133313232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:11:56:07:26:ac:bd:c5:17:2e:aa:76:f2:3a:f5:40:1c:e6:
f6:5b:0d:c8:88:66:60:e8:f5:74:cb:86:ee:89:86:9a:52:66:
a8:b3:44:3e:db:e9:77:0e:13:9b:44:e0:6b:d5:33:06:9a:a0:
ae:2c:29:41:6e:de:70:43:1c:4d:2d:6c:7c:19:4a:3e:b0:f3:
36:67:0f:1a:f9:9c:4f:a4:ec:be:a5:19:2f:4c:15:87:82:5b:
fb:07:99:b4:27:9c:58:a6:54:c8:8b:f6:d0:f6:7e:8d:de:2a:
bb:83:a8:79:37:70:62:c1:6b:75:5f:ba:31:1b:bd:aa:5b:bf:
bd:28:b6:98:b7:e0:cb:09:fc:0c:3b:73:2f:ec:80:b0:ec:61:
5c:6a:74:b8:c9:92:61:94:dd:05:60:a2:6e:06:5e:87:c1:c6:
74:7d:45:1e:33:b1:9a:a8:93:52:d8:03:0e:c7:2a:40:10:db:
f1:61:ed:ca:47:ae:68:6d:8e:c2:61:d7:15:c0:56:89:9f:06:
26:08:2a:ee:6b:4f:cf:58:6c:87:7c:eb:68:49:a6:35:c4:08:
d3:1f:7a:5d:e3:d4:6c:54:f0:b4:ef:c0:24:e0:b0:9c:0f:b7:
eb:4e:e3:85:41:08:7c:1d:f4:02:23:1b:47:b6:94:3c:bc:9e:
62:a9:28:98
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXRbG17vQ83TKRCrYVU5vfA8bXVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMDcyMDM2NTVaFw0yNDEyMDUyMDQxNTVaMDMxMTAvBgNV
BAMTKDdBNTlFQTcwQ0NDQjdGODM1MkQ1NkI1N0Q2NDIyQkYwMjFCQ0IwRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv/FcRstThY6kUkGU9YmivFeVn
jErWuldNoyF9s+napaK2rfXBGGJ1mWOGJ9rq2wopvbVmM6LymtBDcKEFIdUk3jTs
e0IP6N1QicqolP4wxJskJWnpX7AEe6Orfyq84GoIQk5muHsGUZLusNypetzhE/yF
8Y2FFt/fDgPKsqTXbV3jq7e20XAOMgLAepaFMG68M4v0kiAt4+O3SxSE9tUay8k9
kSUcxGj1L4wNHQFiYnGpShb5Xl4Tdu9sHoFHLv82fAtF9sMJmGkQhBZdDOfwSUsJ
aNbIOhiCwzU2S2tpTfDTMU5iWEYrdIytpRaSd0Uwy2yGJzgjgSLHbfK0x8eDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUelnqcMzLf4NS1WtX1kIr8CG8sOUwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzMTMyMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0eYwDQYJKoZIhvcNAQELBQADggEBADwRVgcmrL3FFy6qdvI69UAc5vZbDciI
ZmDo9XTLhu6JhppSZqizRD7b6XcOE5tE4GvVMwaaoK4sKUFu3nBDHE0tbHwZSj6w
8zZnDxr5nE+k7L6lGS9MFYeCW/sHmbQnnFimVMiL9tD2fo3eKruDqHk3cGLBa3Vf
ujEbvapbv70otpi34MsJ/Aw7cy/sgLDsYVxqdLjJkmGU3QVgom4GXofBxnR9RR4z
sZqok1LYAw7HKkAQ2/Fh7cpHrmhtjsJh1xXAVomfBiYIKu5rT89YbId862hJpjXE
CNMfel3j1GxU8LTvwCTgsJwPt+tO44VBCHwd9AIjG0e2lDy8nmKpKJg=
-----END CERTIFICATE-----
Generated at Wed May 15 03:59:44 2024 by rpki-client on console-fra.rpki-client.org