Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3233302e302f32342d3234203d3e20323132313530.roa
File: 38352e3131372e3233302e302f32342d3234203d3e20323132313530.roa (raw, json)
Hash identifier: TNWvmVMYUNTjv7XUOYgDcfltzLMqNiQOo1MP2jb0Lpw=
Subject key identifier: 03:9F:FA:F3:62:C3:DB:01:9D:18:E4:D6:BB:F7:68:CC:19:5C:0E:6E
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4E85C91C69B8C304AD80412DC84200C65284208B
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3233302e302f32342d3234203d3e20323132313530.roa
Signing time: Mon 13 Jan 2025 17:23:10 +0000
ROA not before: Mon 13 Jan 2025 17:18:10 +0000
ROA not after: Mon 12 Jan 2026 17:23:10 +0000
asID: 212150
IP address blocks: 85.117.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:85:c9:1c:69:b8:c3:04:ad:80:41:2d:c8:42:00:c6:52:84:20:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 13 17:18:10 2025 GMT
Not After : Jan 12 17:23:10 2026 GMT
Subject: CN=039FFAF362C3DB019D18E4D6BBF768CC195C0E6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e2:a7:40:80:65:08:c7:c4:60:84:b1:cd:64:
11:ef:87:16:45:80:a5:5b:51:da:41:92:85:70:9e:
86:ae:10:b5:b9:19:86:ee:7e:ab:73:6f:cb:75:d1:
24:ea:4a:0b:68:37:86:91:9f:ab:9d:bc:99:44:06:
cf:f0:c9:15:39:5e:87:90:93:1c:8c:cd:f7:1a:dc:
2d:6d:79:36:cc:c2:b0:f6:39:be:7c:43:07:96:a8:
b7:ee:46:0e:48:37:88:c7:54:c9:6a:ee:1f:85:01:
f0:f9:f0:9b:b8:15:2a:a4:d1:96:d5:17:eb:37:85:
db:39:59:52:b6:6c:96:ab:26:50:85:63:bb:8b:06:
87:b8:c4:9a:5b:20:ed:45:d6:5b:cf:1b:05:bf:9a:
04:97:f6:fa:c8:4e:a1:97:fa:b3:b5:18:da:cf:7b:
88:31:df:e8:97:f6:2a:74:fc:08:c2:a8:9a:5e:f4:
80:97:90:cb:2a:ce:0b:31:f5:bc:a4:10:2f:13:df:
05:a0:68:13:af:34:b9:66:94:a1:1f:21:0c:d4:de:
5f:a2:eb:53:c0:1a:8e:c0:e0:88:ce:a0:20:12:ee:
04:64:f3:73:a7:7f:85:5c:36:51:35:9e:d2:65:61:
c0:bb:4d:12:93:4d:43:a4:0d:bf:9e:19:d7:12:c7:
f7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:9F:FA:F3:62:C3:DB:01:9D:18:E4:D6:BB:F7:68:CC:19:5C:0E:6E
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3233302e302f32342d3234203d3e20323132313530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.230.0/24
Signature Algorithm: sha256WithRSAEncryption
65:50:5c:3d:ad:be:a5:04:e2:30:98:64:19:ed:0e:42:e4:78:
ae:b7:1b:1a:c1:b3:00:e0:0b:84:73:a6:8b:46:6c:13:32:39:
07:76:ad:e1:7e:7f:92:2a:f0:a0:68:a3:d8:c9:d7:cf:04:ae:
20:ec:4b:97:22:81:1a:b5:5c:79:6d:41:0a:2b:c6:61:e4:2f:
ed:af:70:48:4d:9f:57:e5:d6:53:0f:e1:1a:b1:d2:a2:ed:70:
9f:73:fb:08:8e:ff:c6:69:b4:a6:1d:fe:ee:57:38:0d:6c:ad:
a2:3c:fd:e9:04:f9:e8:01:54:ce:bc:9c:a2:f2:92:78:35:b3:
99:4e:a0:04:48:ba:7e:07:55:ee:72:fe:c8:fd:c8:1d:65:d7:
d4:51:52:4a:16:ba:d8:7f:6a:fd:04:6a:0c:f6:d3:27:1f:3a:
82:f9:af:45:7f:56:a6:c9:c2:0e:79:14:b7:50:63:1e:ed:8b:
d7:e6:ce:70:5a:b0:ec:ad:6b:43:c8:f3:f8:84:48:88:23:f9:
77:91:8c:81:72:3c:04:56:88:75:46:49:28:ed:55:a4:78:e0:
28:66:95:f9:83:fb:4c:d5:5a:f2:c8:c9:6e:d4:3b:99:3b:61:
08:3c:ec:e1:5e:79:d1:83:84:ff:21:27:7c:e8:0b:c6:34:62:
6a:e2:fd:f4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUToXJHGm4wwStgEEtyEIAxlKEIIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTMxNzE4MTBaFw0yNjAxMTIxNzIzMTBaMDMxMTAvBgNV
BAMTKDAzOUZGQUYzNjJDM0RCMDE5RDE4RTRENkJCRjc2OENDMTk1QzBFNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC4qdAgGUIx8RghLHNZBHvhxZF
gKVbUdpBkoVwnoauELW5GYbufqtzb8t10STqSgtoN4aRn6udvJlEBs/wyRU5XoeQ
kxyMzfca3C1teTbMwrD2Ob58QweWqLfuRg5IN4jHVMlq7h+FAfD58Ju4FSqk0ZbV
F+s3hds5WVK2bJarJlCFY7uLBoe4xJpbIO1F1lvPGwW/mgSX9vrITqGX+rO1GNrP
e4gx3+iX9ip0/AjCqJpe9ICXkMsqzgsx9bykEC8T3wWgaBOvNLlmlKEfIQzU3l+i
61PAGo7A4IjOoCAS7gRk83Onf4VcNlE1ntJlYcC7TRKTTUOkDb+eGdcSx/enAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUA5/682LD2wGdGOTWu/dozBlcDm4wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzgzNTJlMzEzMTM3MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMTM1MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVdeYwDQYJKoZIhvcNAQELBQADggEBAGVQXD2tvqUE4jCYZBntDkLkeK63GxrB
swDgC4RzpotGbBMyOQd2reF+f5Iq8KBoo9jJ188EriDsS5cigRq1XHltQQorxmHk
L+2vcEhNn1fl1lMP4Rqx0qLtcJ9z+wiO/8ZptKYd/u5XOA1sraI8/ekE+egBVM68
nKLykng1s5lOoARIun4HVe5y/sj9yB1l19RRUkoWuth/av0Eagz20ycfOoL5r0V/
VqbJwg55FLdQYx7ti9fmznBasOyta0PI8/iESIgj+XeRjIFyPARWiHVGSSjtVaR4
4ChmlfmD+0zVWvLIyW7UO5k7YQg87OFeedGDhP8hJ3zoC8Y0Ymri/fQ=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:42:52 2025 by rpki-client