Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e203536333637.roa
File: 38352e3230392e3233302e302f32342d3234203d3e203536333637.roa (raw, json)
Hash identifier: 4LpREoMyJWDoZRRQsdI3pvFbF/E0RXn0ETx/bGVgKXI=
Subject key identifier: 7C:4A:EA:CA:93:78:96:80:9A:FC:C3:79:7E:17:94:93:4A:94:47:91
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 3AF7FFBB3B4B882BA554D28201BD43182D81CAEE
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e203536333637.roa
Signing time: Fri 21 Feb 2025 16:41:13 +0000
ROA not before: Fri 21 Feb 2025 16:36:13 +0000
ROA not after: Fri 20 Feb 2026 16:41:13 +0000
asID: 56367
IP address blocks: 85.209.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 01:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f7:ff:bb:3b:4b:88:2b:a5:54:d2:82:01:bd:43:18:2d:81:ca:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Feb 21 16:36:13 2025 GMT
Not After : Feb 20 16:41:13 2026 GMT
Subject: CN=7C4AEACA937896809AFCC3797E1794934A944791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ae:80:9d:42:cc:30:0a:63:4a:4b:8c:1e:91:
29:b0:3c:5a:8b:eb:f4:34:1d:c6:d8:4c:b2:72:cc:
1e:54:ff:5c:8e:93:49:1b:cf:84:3a:61:ba:d0:47:
e1:f7:23:02:bf:3d:ed:ab:0d:52:64:33:a2:80:8b:
26:f6:4e:f5:51:57:ed:06:c5:e9:4c:a7:fc:68:37:
79:b9:8a:bc:4d:fc:4c:0c:0a:fd:0e:a6:76:b6:4c:
02:d4:7b:ca:17:b0:ea:b5:12:87:d9:48:94:e3:3e:
88:9a:7f:f6:f3:db:71:94:b7:bf:7d:a3:a8:6e:7b:
1d:9a:54:0a:45:e3:3f:97:c3:40:0d:63:47:95:93:
c5:e1:43:2f:94:ff:d3:77:55:17:ba:35:13:78:de:
98:6a:d3:07:e7:de:54:3d:b0:07:2f:4b:91:09:0a:
7e:ee:10:48:5a:dd:52:15:f5:e5:39:98:dd:1a:c2:
a9:d0:83:c4:8f:72:c0:f6:43:0c:65:b7:77:0c:40:
5b:5d:3f:89:5b:80:4b:95:c8:76:30:25:df:08:ab:
54:d1:7e:66:2f:22:d8:dc:63:48:b3:81:ee:a0:18:
86:24:b5:4a:d8:6b:3c:95:11:f8:31:21:b1:e9:ca:
d0:49:30:3e:8d:f6:a8:d2:86:54:11:f7:e0:a3:f1:
f5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:4A:EA:CA:93:78:96:80:9A:FC:C3:79:7E:17:94:93:4A:94:47:91
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e203536333637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
61:b9:37:03:e1:c7:08:03:fb:97:ca:77:91:85:30:7b:7f:5b:
95:37:b3:65:9e:ff:2d:98:5f:d4:b3:14:de:1e:ed:31:20:c5:
c8:c4:00:f3:f9:bc:36:f4:83:5b:a0:8a:cb:f1:7f:e1:0b:50:
6a:51:ce:ba:e7:6a:bd:00:82:30:c0:3b:d6:f2:bd:5f:8a:1e:
9d:58:61:42:8b:15:b5:03:13:41:cd:51:3a:c4:3a:70:98:eb:
cf:2f:88:bd:ad:62:61:8b:eb:e7:d1:e8:e4:ed:f7:1a:07:db:
04:04:f7:ca:6f:a3:a6:92:f9:dd:b9:20:80:09:f0:76:c2:32:
56:51:12:06:40:41:3f:45:9d:3d:ab:11:3e:e8:f1:35:3b:c1:
a2:28:1c:59:10:57:f4:8c:be:60:6d:50:b5:63:f2:ba:51:c5:
dd:ca:09:c0:6c:d4:a6:b3:53:d7:b8:15:ee:0c:7a:e0:0e:61:
86:1f:7f:7d:af:cf:be:14:a5:ba:3a:ee:0f:fa:2d:99:66:74:
e0:98:3f:4d:ed:c8:88:c1:dc:7c:4e:70:f3:c7:7f:98:11:7b:
46:dc:50:2e:00:77:f5:36:71:a7:5a:29:2b:1d:31:b4:c0:c2:
0c:80:64:e9:50:d0:a8:93:3c:07:47:fe:dd:82:5e:98:f4:f7:
ae:dc:85:47
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOvf/uztLiCulVNKCAb1DGC2Byu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAyMjExNjM2MTNaFw0yNjAyMjAxNjQxMTNaMDMxMTAvBgNV
BAMTKDdDNEFFQUNBOTM3ODk2ODA5QUZDQzM3OTdFMTc5NDkzNEE5NDQ3OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXroCdQswwCmNKS4wekSmwPFqL
6/Q0HcbYTLJyzB5U/1yOk0kbz4Q6YbrQR+H3IwK/Pe2rDVJkM6KAiyb2TvVRV+0G
xelMp/xoN3m5irxN/EwMCv0Opna2TALUe8oXsOq1EofZSJTjPoiaf/bz23GUt799
o6huex2aVApF4z+Xw0ANY0eVk8XhQy+U/9N3VRe6NRN43phq0wfn3lQ9sAcvS5EJ
Cn7uEEha3VIV9eU5mN0awqnQg8SPcsD2Qwxlt3cMQFtdP4lbgEuVyHYwJd8Iq1TR
fmYvItjcY0izge6gGIYktUrYazyVEfgxIbHpytBJMD6N9qjShlQR9+Cj8fXrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfErqypN4loCa/MN5fheUk0qUR5EwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM2MzMzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHmMA0GCSqGSIb3DQEBCwUAA4IBAQBhuTcD4ccIA/uXyneRhTB7f1uVN7Nlnv8t
mF/UsxTeHu0xIMXIxADz+bw29INboIrL8X/hC1BqUc6652q9AIIwwDvW8r1fih6d
WGFCixW1AxNBzVE6xDpwmOvPL4i9rWJhi+vn0ejk7fcaB9sEBPfKb6OmkvnduSCA
CfB2wjJWURIGQEE/RZ09qxE+6PE1O8GiKBxZEFf0jL5gbVC1Y/K6UcXdygnAbNSm
s1PXuBXuDHrgDmGGH399r8++FKW6Ou4P+i2ZZnTgmD9N7ciIwdx8TnDzx3+YEXtG
3FAuAHf1NnGnWikrHTG0wMIMgGTpUNCokzwHR/7dgl6Y9Peu3IVH
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:57:04 2025 by rpki-client