Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233312e302f32342d3234203d3e203135343430.roa
File: 38352e3230392e3233312e302f32342d3234203d3e203135343430.roa (raw, json)
Hash identifier: cUer1fFgoUaMXBv/Ofy3VHFv8QPdEE9BGuKF+6jEGKA=
Subject key identifier: 18:83:E9:03:9D:98:C0:89:E6:31:7F:81:87:3E:15:4B:88:A4:FA:62
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 449C73A7296513AB05378F893EAEF245D5B5FAAD
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233312e302f32342d3234203d3e203135343430.roa
Signing time: Sat 19 Oct 2024 13:15:49 +0000
ROA not before: Sat 19 Oct 2024 13:10:49 +0000
ROA not after: Sat 18 Oct 2025 13:15:49 +0000
asID: 15440
IP address blocks: 85.209.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:9c:73:a7:29:65:13:ab:05:37:8f:89:3e:ae:f2:45:d5:b5:fa:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Oct 19 13:10:49 2024 GMT
Not After : Oct 18 13:15:49 2025 GMT
Subject: CN=1883E9039D98C089E6317F81873E154B88A4FA62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a4:b3:02:27:21:b0:00:bc:49:0f:86:b9:fe:
80:61:1e:5a:2e:c3:01:4e:6f:9a:56:c4:4f:9a:c6:
e9:03:c7:26:47:f0:e4:ea:11:a7:2f:eb:b3:49:49:
45:78:70:06:de:2e:50:70:95:f7:3e:8b:8e:42:00:
1d:e7:52:2c:fc:0b:50:a6:7c:7b:91:83:06:8f:a4:
13:33:24:fa:a5:f0:c9:75:52:03:af:c7:4e:be:e6:
df:c8:44:a1:da:74:50:9e:e3:a5:48:93:72:d9:3c:
5b:fa:51:1e:b0:cf:0b:f6:06:c7:b4:48:e4:ba:f6:
7c:bb:88:5d:75:50:fd:31:b7:c6:ad:b9:ff:ea:89:
2d:34:a8:9c:ed:fc:e1:e3:81:24:9a:43:61:b7:f4:
7a:db:59:7d:06:58:d4:e4:e6:ae:6b:29:03:75:7f:
d4:d1:9d:9b:98:1f:f0:e2:d3:e6:40:14:21:9e:a0:
a7:56:35:39:29:ff:50:45:44:d5:14:9f:2c:7a:1f:
04:9c:e9:be:92:29:d3:74:54:6e:02:44:50:99:06:
f5:3a:46:f8:6a:2e:7a:9b:15:17:61:de:1d:f5:2a:
2a:9b:4e:00:c9:68:ff:e8:76:ac:3c:a7:36:33:4e:
95:29:d5:e1:d5:e0:e4:25:c7:53:8e:e4:0e:6e:b8:
7a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:83:E9:03:9D:98:C0:89:E6:31:7F:81:87:3E:15:4B:88:A4:FA:62
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233312e302f32342d3234203d3e203135343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.231.0/24
Signature Algorithm: sha256WithRSAEncryption
13:5a:ef:0b:69:9d:44:62:73:b4:1c:29:70:5d:aa:71:c7:13:
4f:0e:93:b2:83:49:7d:9a:88:07:2e:0c:e1:c4:cb:07:35:64:
1f:d7:16:3a:ac:fd:6d:0e:53:74:b5:5c:ed:c4:12:cf:f0:bf:
2e:e3:ba:ff:ba:a3:c9:41:f1:aa:9c:4b:f6:cf:31:82:06:cf:
6f:ad:d4:73:3c:0e:bc:1d:b3:58:a1:cf:ad:37:73:2d:6a:45:
5f:7d:a3:3a:04:4f:48:a5:6f:cd:78:cd:5e:89:82:b2:05:d0:
c3:05:da:10:3f:7c:d7:50:b8:74:de:84:44:e3:c4:f0:8e:3b:
82:8c:ac:07:0a:42:5c:ec:83:7b:4e:cc:84:03:03:bb:eb:c3:
3a:a8:3a:76:f5:d4:d3:dc:10:06:08:d1:99:11:d4:7c:f0:c5:
3e:2c:e1:16:e3:1e:0d:dc:e3:85:e0:a1:6d:3e:8e:d8:d1:50:
86:bd:fb:b5:fd:33:15:c4:6c:0f:64:a8:f6:cf:13:1c:0c:24:
f5:f7:d2:53:83:17:43:57:e0:88:05:37:6f:27:50:09:29:56:
0b:db:65:94:e1:d2:a5:f4:cd:63:9a:b7:e4:0b:45:f1:1f:5f:
01:db:7f:ef:38:45:c5:4d:5c:f7:19:6e:9f:ca:2e:bd:4b:e1:
55:88:7d:21
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURJxzpyllE6sFN4+JPq7yRdW1+q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDEwMTkxMzEwNDlaFw0yNTEwMTgxMzE1NDlaMDMxMTAvBgNV
BAMTKDE4ODNFOTAzOUQ5OEMwODlFNjMxN0Y4MTg3M0UxNTRCODhBNEZBNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCpLMCJyGwALxJD4a5/oBhHlou
wwFOb5pWxE+axukDxyZH8OTqEacv67NJSUV4cAbeLlBwlfc+i45CAB3nUiz8C1Cm
fHuRgwaPpBMzJPql8Ml1UgOvx06+5t/IRKHadFCe46VIk3LZPFv6UR6wzwv2Bse0
SOS69ny7iF11UP0xt8atuf/qiS00qJzt/OHjgSSaQ2G39HrbWX0GWNTk5q5rKQN1
f9TRnZuYH/Di0+ZAFCGeoKdWNTkp/1BFRNUUnyx6HwSc6b6SKdN0VG4CRFCZBvU6
RvhqLnqbFRdh3h31KiqbTgDJaP/odqw8pzYzTpUp1eHV4OQlx1OO5A5uuHoLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUGIPpA52YwInmMX+Bhz4VS4ik+mIwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHnMA0GCSqGSIb3DQEBCwUAA4IBAQATWu8LaZ1EYnO0HClwXapxxxNPDpOyg0l9
mogHLgzhxMsHNWQf1xY6rP1tDlN0tVztxBLP8L8u47r/uqPJQfGqnEv2zzGCBs9v
rdRzPA68HbNYoc+tN3MtakVffaM6BE9IpW/NeM1eiYKyBdDDBdoQP3zXULh03oRE
48TwjjuCjKwHCkJc7IN7TsyEAwO768M6qDp29dTT3BAGCNGZEdR88MU+LOEW4x4N
3OOF4KFtPo7Y0VCGvfu1/TMVxGwPZKj2zxMcDCT199JTgxdDV+CIBTdvJ1AJKVYL
22WU4dKl9M1jmrfkC0XxH18B23/vOEXFTVz3GW6fyi69S+FViH0h
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:15 2024 by rpki-client on console-ams.rpki-client.org