Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20323135343135.roa
File: 38352e3230392e3233302e302f32342d3234203d3e20323135343135.roa (raw, json)
Hash identifier: nQW3VSKEnCMjY8M2IGLhDVn57ZwGeZuI987P09F401g=
Subject key identifier: 03:A1:48:D8:40:DD:EE:23:35:B8:60:BD:6B:F8:11:9C:42:D2:CA:F7
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 395D37B7A355D869EC3B8B14C8B4BEC73DCE0A58
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20323135343135.roa
Signing time: Thu 08 Aug 2024 08:53:30 +0000
ROA not before: Thu 08 Aug 2024 08:48:30 +0000
ROA not after: Thu 07 Aug 2025 08:53:30 +0000
asID: 215415
IP address blocks: 85.209.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:5d:37:b7:a3:55:d8:69:ec:3b:8b:14:c8:b4:be:c7:3d:ce:0a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Aug 8 08:48:30 2024 GMT
Not After : Aug 7 08:53:30 2025 GMT
Subject: CN=03A148D840DDEE2335B860BD6BF8119C42D2CAF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ab:19:63:b0:a9:79:58:13:53:90:24:ba:e8:
75:7d:08:02:16:95:ad:11:0d:0e:0a:b9:b1:70:68:
77:d4:fd:f8:60:e0:19:8a:09:e1:d0:42:b1:f5:41:
56:06:e4:48:ee:81:08:de:cb:aa:3b:bc:e6:f0:2e:
e9:b4:c2:a2:de:ca:a3:60:61:8d:ad:08:c8:89:27:
a1:96:a7:51:36:29:db:d6:a0:94:69:42:e0:78:cd:
67:92:2d:01:3f:94:7c:35:5c:c2:f3:0f:1d:d4:5e:
7e:8d:9b:72:b8:ea:19:ca:28:f7:98:44:42:dd:0b:
8d:1d:6f:7b:1d:f0:b4:5d:a3:f8:94:d5:01:a7:73:
f3:61:85:3c:a8:95:9a:e5:4b:59:95:72:fb:d4:ab:
9e:56:2d:e2:03:7c:53:8a:23:35:dc:92:15:8c:c3:
8a:60:46:47:cb:0f:39:1d:17:fb:c2:2c:14:07:0e:
fd:ab:a1:86:3d:c3:68:80:30:94:12:b1:5b:0b:f8:
89:a8:68:00:55:35:b4:c1:b2:2d:8f:89:58:7f:46:
d6:56:51:82:32:8c:1b:2f:d5:58:17:56:60:b3:6c:
ed:1b:66:2e:97:11:f7:cf:be:fe:2f:a6:6f:5f:f2:
a6:b8:9f:f0:0d:41:b7:d9:c5:fa:4f:70:c7:cb:77:
48:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A1:48:D8:40:DD:EE:23:35:B8:60:BD:6B:F8:11:9C:42:D2:CA:F7
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20323135343135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:f7:3e:b6:2a:01:7f:23:16:8f:e7:0e:90:66:f3:10:6b:2c:
67:4d:97:3d:5f:a6:91:86:0b:de:73:95:0b:41:d5:fc:c0:8d:
10:aa:e4:40:0f:97:14:59:cd:c3:44:dc:43:9d:35:dd:25:e0:
f6:53:39:18:80:0a:c6:ce:f3:ab:ac:29:95:53:c8:71:a9:09:
4f:5f:cc:b1:38:0a:d9:d6:5b:2e:f8:87:af:a8:70:f5:57:33:
e2:0b:b3:8f:8c:2b:e3:01:96:22:2d:b6:5d:e0:05:30:a4:38:
c1:3e:86:28:72:7b:a3:11:9d:27:10:0d:bf:3c:9e:52:53:b1:
10:b9:a0:84:11:f0:1f:15:47:93:0a:91:c8:6d:a9:be:a2:9c:
b5:7f:ac:cd:cb:65:82:fd:53:10:07:84:5b:91:70:bd:b1:69:
04:6d:5c:71:d7:24:6d:7f:bb:0e:e2:c3:9a:d8:c7:a4:f0:d7:
12:95:6f:ea:ef:03:28:7f:34:60:85:ee:b9:3c:d7:37:d4:49:
18:1e:e3:3e:86:06:fb:7a:a8:e0:ed:ba:dd:99:a5:55:12:c6:
a2:bf:b7:7b:4d:fe:1d:0e:36:41:b8:de:18:9b:22:bb:7b:c4:
1d:ba:5d:d3:05:82:b4:a6:94:f9:61:c9:24:79:3a:83:ec:7e:
38:c5:2d:11
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOV03t6NV2GnsO4sUyLS+xz3OClgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDA4MDgwODQ4MzBaFw0yNTA4MDcwODUzMzBaMDMxMTAvBgNV
BAMTKDAzQTE0OEQ4NDBEREVFMjMzNUI4NjBCRDZCRjgxMTlDNDJEMkNBRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaqxljsKl5WBNTkCS66HV9CAIW
la0RDQ4KubFwaHfU/fhg4BmKCeHQQrH1QVYG5EjugQjey6o7vObwLum0wqLeyqNg
YY2tCMiJJ6GWp1E2KdvWoJRpQuB4zWeSLQE/lHw1XMLzDx3UXn6Nm3K46hnKKPeY
RELdC40db3sd8LRdo/iU1QGnc/NhhTyolZrlS1mVcvvUq55WLeIDfFOKIzXckhWM
w4pgRkfLDzkdF/vCLBQHDv2roYY9w2iAMJQSsVsL+ImoaABVNbTBsi2PiVh/RtZW
UYIyjBsv1VgXVmCzbO0bZi6XEffPvv4vpm9f8qa4n/ANQbfZxfpPcMfLd0irAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUA6FI2EDd7iM1uGC9a/gRnELSyvcwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzNDMxMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0eYwDQYJKoZIhvcNAQELBQADggEBALD3PrYqAX8jFo/nDpBm8xBrLGdNlz1f
ppGGC95zlQtB1fzAjRCq5EAPlxRZzcNE3EOdNd0l4PZTORiACsbO86usKZVTyHGp
CU9fzLE4CtnWWy74h6+ocPVXM+ILs4+MK+MBliIttl3gBTCkOME+hihye6MRnScQ
Db88nlJTsRC5oIQR8B8VR5MKkchtqb6inLV/rM3LZYL9UxAHhFuRcL2xaQRtXHHX
JG1/uw7iw5rYx6Tw1xKVb+rvAyh/NGCF7rk81zfUSRge4z6GBvt6qODtut2ZpVUS
xqK/t3tN/h0ONkG43hibIrt7xB26XdMFgrSmlPlhySR5OoPsfjjFLRE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:42 2024 by rpki-client on console-ams.rpki-client.org