Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232392e302f32342d3234203d3e203233343730.roa
File: 38352e3131372e3232392e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier: HUTmCm2TImDs0Yhhl7hgdJ8IlEK4xOTxiCr+5rFxRZI=
Subject key identifier: 44:FB:E1:16:12:5D:E5:04:3B:C3:78:92:5A:C2:0E:CE:AB:22:68:53
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 23D4DCE1DFD529BE77A27AA9C0F90EDD287FE563
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232392e302f32342d3234203d3e203233343730.roa
Signing time: Sat 11 Jan 2025 14:55:46 +0000
ROA not before: Sat 11 Jan 2025 14:50:46 +0000
ROA not after: Sat 10 Jan 2026 14:55:46 +0000
asID: 23470
IP address blocks: 85.117.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:d4:dc:e1:df:d5:29:be:77:a2:7a:a9:c0:f9:0e:dd:28:7f:e5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 11 14:50:46 2025 GMT
Not After : Jan 10 14:55:46 2026 GMT
Subject: CN=44FBE116125DE5043BC378925AC20ECEAB226853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:25:cd:69:58:33:ec:d8:7d:78:67:8f:a1:9f:
89:29:59:72:53:34:49:49:ae:e6:be:ff:9c:34:f4:
ea:01:53:d6:b4:43:a9:bd:2e:5a:c4:85:c2:99:34:
de:9e:71:a5:93:40:bd:b3:65:3d:20:be:d4:c6:72:
cf:21:72:55:32:fb:73:8d:0a:01:4d:e1:10:bd:3b:
c3:91:48:c6:9b:d3:50:6f:a2:be:8f:6e:76:9a:83:
7e:59:ec:41:01:dd:7c:47:c8:a1:90:f7:81:49:d8:
12:2e:92:f2:fb:ff:48:4f:a0:42:2f:f7:7a:37:61:
a7:af:a0:b9:ad:e4:dc:09:00:cc:31:3a:d8:d5:df:
d1:48:6a:18:12:d9:79:52:12:03:e4:68:1c:32:cd:
70:4a:1f:b0:1e:48:04:2e:9a:fe:18:09:d3:86:0d:
c1:17:16:db:03:d2:d8:8b:f2:9a:41:e2:ce:87:39:
0e:03:71:00:cd:04:93:b1:2e:4e:94:58:2b:28:18:
30:f6:26:04:66:47:22:da:e7:ae:a6:de:71:3c:16:
ef:09:52:27:50:15:0e:7f:33:a7:02:52:21:c5:16:
9e:8c:c8:b5:59:08:88:02:9f:8e:56:08:92:f1:bf:
9d:cb:51:7e:e7:9a:61:4b:2a:4b:94:ac:8c:e9:c1:
8b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FB:E1:16:12:5D:E5:04:3B:C3:78:92:5A:C2:0E:CE:AB:22:68:53
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232392e302f32342d3234203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.229.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:5a:57:36:63:aa:7a:ce:46:59:52:5b:f4:65:69:ec:58:22:
d5:ad:74:22:61:b5:39:50:be:f7:c7:e2:75:87:a0:a0:cc:42:
b3:ce:e6:20:4f:c4:12:69:6d:30:f8:64:8c:d5:4a:34:e7:42:
6b:6f:33:3f:84:39:4e:76:5a:8b:cc:22:ba:4c:5e:47:40:8c:
97:a5:2f:bf:8f:87:b4:34:83:90:8a:f9:a8:ee:54:b1:92:a5:
bf:71:7a:69:47:3a:8d:18:0d:b6:be:49:01:6e:58:6e:fe:97:
9a:5f:07:20:92:7f:70:54:16:ca:6b:d0:a9:d1:e9:cb:a4:de:
26:f9:36:8d:10:d8:6a:66:26:18:7e:ac:03:ca:39:3c:2d:02:
21:fe:22:24:77:2d:cb:aa:73:dc:e9:2d:55:80:73:f2:71:54:
b3:d7:b9:7e:b4:b7:3b:f4:ca:68:b6:dc:39:f3:4d:49:db:be:
f1:9b:f4:e2:88:9b:65:a0:60:3d:01:9f:6a:42:08:cd:79:8e:
19:7f:a4:12:40:2c:d1:01:02:c0:46:99:0c:f1:8f:01:07:dd:
a7:cd:41:b0:a5:d3:5a:5c:03:b2:ac:16:d6:35:86:90:1b:99:
76:47:51:3b:bd:37:89:34:dc:97:50:6b:9f:32:e7:1d:5c:25:
ff:fd:80:b4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUI9Tc4d/VKb53onqpwPkO3Sh/5WMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTExNDUwNDZaFw0yNjAxMTAxNDU1NDZaMDMxMTAvBgNV
BAMTKDQ0RkJFMTE2MTI1REU1MDQzQkMzNzg5MjVBQzIwRUNFQUIyMjY4NTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrJc1pWDPs2H14Z4+hn4kpWXJT
NElJrua+/5w09OoBU9a0Q6m9LlrEhcKZNN6ecaWTQL2zZT0gvtTGcs8hclUy+3ON
CgFN4RC9O8ORSMab01Bvor6Pbnaag35Z7EEB3XxHyKGQ94FJ2BIukvL7/0hPoEIv
93o3YaevoLmt5NwJAMwxOtjV39FIahgS2XlSEgPkaBwyzXBKH7AeSAQumv4YCdOG
DcEXFtsD0tiL8ppB4s6HOQ4DcQDNBJOxLk6UWCsoGDD2JgRmRyLa566m3nE8Fu8J
UidQFQ5/M6cCUiHFFp6MyLVZCIgCn45WCJLxv53LUX7nmmFLKkuUrIzpwYtJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQURPvhFhJd5QQ7w3iSWsIOzqsiaFMwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzgzNTJlMzEzMTM3MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMzMzQzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VXXlMA0GCSqGSIb3DQEBCwUAA4IBAQCKWlc2Y6p6zkZZUlv0ZWnsWCLVrXQiYbU5
UL73x+J1h6CgzEKzzuYgT8QSaW0w+GSM1Uo050JrbzM/hDlOdlqLzCK6TF5HQIyX
pS+/j4e0NIOQivmo7lSxkqW/cXppRzqNGA22vkkBblhu/peaXwcgkn9wVBbKa9Cp
0enLpN4m+TaNENhqZiYYfqwDyjk8LQIh/iIkdy3LqnPc6S1VgHPycVSz17l+tLc7
9Mpottw5801J277xm/TiiJtloGA9AZ9qQgjNeY4Zf6QSQCzRAQLARpkM8Y8BB92n
zUGwpdNaXAOyrBbWNYaQG5l2R1E7vTeJNNyXUGufMucdXCX//YC0
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:50:36 2025 by rpki-client