Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232382e302f32342d3234203d3e20323037333838.roa
File: 38352e3131372e3232382e302f32342d3234203d3e20323037333838.roa (raw, json)
Hash identifier: 1/tBNS+kodwg8jeozfe8VuWvUrIAtLdwZSa7YwWGM6g=
Subject key identifier: 29:07:76:86:FF:A9:DB:42:B0:C0:44:C2:6A:11:41:82:61:CB:3D:ED
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 7AA514FAAE6B3ECDEAD063278D5E8D32F0C4FB8C
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232382e302f32342d3234203d3e20323037333838.roa
Signing time: Fri 10 Jan 2025 14:56:32 +0000
ROA not before: Fri 10 Jan 2025 14:51:32 +0000
ROA not after: Fri 09 Jan 2026 14:56:32 +0000
asID: 207388
IP address blocks: 85.117.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:a5:14:fa:ae:6b:3e:cd:ea:d0:63:27:8d:5e:8d:32:f0:c4:fb:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 10 14:51:32 2025 GMT
Not After : Jan 9 14:56:32 2026 GMT
Subject: CN=29077686FFA9DB42B0C044C26A11418261CB3DED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:c6:85:8e:06:ca:f3:a6:96:71:a3:97:51:
64:fc:30:b5:3f:93:62:ed:1f:2e:b8:55:1c:6e:a4:
7a:ed:f0:f1:ee:17:12:b1:44:5e:2c:d9:1c:92:9e:
6c:df:bb:cf:99:4f:6f:34:79:f4:60:17:5a:f1:d2:
6e:8a:b1:f6:de:62:47:6f:78:17:c9:26:8f:fd:f4:
20:33:c4:86:55:56:34:16:68:11:5b:2d:b5:5c:35:
80:ab:04:2c:92:d7:d2:b5:bc:07:7d:ac:89:85:74:
38:e3:19:28:9d:d6:4f:af:e5:cc:20:2c:14:2f:eb:
23:17:b2:ea:e9:2f:6b:b0:6d:7e:01:ef:7f:02:8a:
10:33:b4:cf:05:2e:f1:7a:62:fa:66:48:89:71:35:
80:f7:54:9b:1a:d0:82:35:dd:42:1f:d7:ed:1f:e9:
ef:40:82:f6:4f:12:1b:ca:39:fd:4b:71:63:3a:41:
4d:e4:21:25:af:e3:cf:17:07:71:f9:c9:5f:97:0b:
94:17:e3:40:ba:7f:e6:9a:69:14:95:c7:4a:99:98:
ad:39:a3:d9:dc:4a:18:8b:4b:93:e5:93:2e:37:7a:
11:8d:46:c6:14:50:a1:43:c0:b3:a3:40:6f:c2:2e:
87:2f:08:99:c3:4c:79:71:94:92:2e:fb:a7:a8:c3:
a4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:07:76:86:FF:A9:DB:42:B0:C0:44:C2:6A:11:41:82:61:CB:3D:ED
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232382e302f32342d3234203d3e20323037333838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.228.0/24
Signature Algorithm: sha256WithRSAEncryption
49:76:af:e4:52:7e:2a:19:a9:46:55:6b:aa:7f:23:b8:ff:4b:
21:ee:f9:99:99:fc:31:42:8c:b9:c2:8a:37:57:30:46:b7:d8:
6a:10:bf:f9:a3:0e:ee:a4:74:11:04:ce:ba:4d:5b:a7:1b:17:
ca:cd:dd:f1:c4:d0:db:33:b4:f7:4d:b4:1c:68:ca:f6:cc:e0:
12:dc:41:f5:08:79:4a:1a:96:08:29:67:19:b1:5a:de:d6:3e:
77:67:99:0b:83:ba:18:b5:89:fd:53:f7:25:07:45:f4:de:6a:
45:85:d4:84:b6:45:09:7b:be:52:9f:9f:17:ec:4d:41:4e:4d:
6d:c7:29:f7:3c:08:2a:2d:11:11:2e:56:d8:d3:00:8f:23:bb:
30:ec:93:19:65:b9:69:c6:cc:30:be:b5:85:91:d7:9d:45:7b:
d4:29:80:46:7f:8f:b0:06:5d:37:f4:dc:98:65:0e:66:0f:91:
3c:a9:90:d2:ca:ce:81:90:5a:24:f1:2e:8b:b2:13:90:88:ca:
71:5c:86:cf:6f:45:ae:22:5c:4e:a1:d7:bf:24:03:30:6b:8b:
b4:64:bc:23:88:f2:16:b2:6c:08:e8:c9:fb:f7:b8:a4:a7:ad:
f4:18:0e:3d:74:e2:ca:12:49:e4:17:7e:a1:26:0a:91:88:59:
de:d7:6e:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeqUU+q5rPs3q0GMnjV6NMvDE+4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTAxNDUxMzJaFw0yNjAxMDkxNDU2MzJaMDMxMTAvBgNV
BAMTKDI5MDc3Njg2RkZBOURCNDJCMEMwNDRDMjZBMTE0MTgyNjFDQjNERUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC47MaFjgbK86aWcaOXUWT8MLU/
k2LtHy64VRxupHrt8PHuFxKxRF4s2RySnmzfu8+ZT280efRgF1rx0m6KsfbeYkdv
eBfJJo/99CAzxIZVVjQWaBFbLbVcNYCrBCyS19K1vAd9rImFdDjjGSid1k+v5cwg
LBQv6yMXsurpL2uwbX4B738CihAztM8FLvF6YvpmSIlxNYD3VJsa0II13UIf1+0f
6e9AgvZPEhvKOf1LcWM6QU3kISWv488XB3H5yV+XC5QX40C6f+aaaRSVx0qZmK05
o9ncShiLS5Plky43ehGNRsYUUKFDwLOjQG/CLocvCJnDTHlxlJIu+6eow6SJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKQd2hv+p20KwwETCahFBgmHLPe0wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzgzNTJlMzEzMTM3MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMzM4Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVdeQwDQYJKoZIhvcNAQELBQADggEBAEl2r+RSfioZqUZVa6p/I7j/SyHu+ZmZ
/DFCjLnCijdXMEa32GoQv/mjDu6kdBEEzrpNW6cbF8rN3fHE0NsztPdNtBxoyvbM
4BLcQfUIeUoalggpZxmxWt7WPndnmQuDuhi1if1T9yUHRfTeakWF1IS2RQl7vlKf
nxfsTUFOTW3HKfc8CCotEREuVtjTAI8juzDskxlluWnGzDC+tYWR151Fe9QpgEZ/
j7AGXTf03JhlDmYPkTypkNLKzoGQWiTxLouyE5CIynFchs9vRa4iXE6h178kAzBr
i7RkvCOI8haybAjoyfv3uKSnrfQYDj104soSSeQXfqEmCpGIWd7Xbhs=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:48:35 2025 by rpki-client