Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31362e302f32342d3234203d3e20343030303339.roa
File: 38352e3230392e31362e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: UgI/51A2bcq107ZFEky5Ecfs8BRKlXHWJ17xhKHSilI=
Subject key identifier: CE:F7:27:D0:59:10:CF:9B:F1:7F:F2:AD:66:B5:63:64:FC:F7:4D:F3
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 5CC837912E2128C37D12E4916EFBBEC0B5566FAB
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31362e302f32342d3234203d3e20343030303339.roa
Signing time: Thu 22 Feb 2024 18:05:14 +0000
ROA not before: Thu 22 Feb 2024 18:00:14 +0000
ROA not after: Thu 20 Feb 2025 18:05:14 +0000
asID: 400039
IP address blocks: 85.209.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:c8:37:91:2e:21:28:c3:7d:12:e4:91:6e:fb:be:c0:b5:56:6f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Feb 22 18:00:14 2024 GMT
Not After : Feb 20 18:05:14 2025 GMT
Subject: CN=CEF727D05910CF9BF17FF2AD66B56364FCF74DF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cf:9c:ad:9b:b0:de:54:d9:28:a5:78:a0:ee:
0c:74:06:35:af:19:61:38:2a:40:96:1f:1a:8c:75:
a5:c9:cf:16:97:d6:b7:b6:7d:5e:31:7a:94:b5:ee:
33:a7:b1:42:d3:af:4d:e4:3f:19:1c:b9:42:d7:41:
17:90:3d:d7:0f:b9:1e:98:d1:06:fa:23:bb:d7:8b:
bf:91:4f:a5:30:84:20:3c:8d:5b:07:2f:79:2a:85:
92:ef:b7:30:26:74:f3:a1:56:9e:c3:fe:ba:25:44:
6d:39:67:37:ce:64:95:ff:e5:00:0f:87:7b:36:82:
33:2f:0f:15:f9:bf:6d:dc:02:34:ec:4d:f2:73:c4:
fc:d0:03:a4:d7:fe:db:0b:bc:44:d8:10:27:cf:00:
96:bf:fb:16:11:3f:a7:91:cd:a1:99:4f:fd:af:c4:
26:f4:7e:1d:58:f4:fb:7b:11:4c:a1:d5:7e:d9:ae:
99:87:84:bf:fc:e5:86:25:c6:a0:42:c9:09:7c:59:
e3:ca:3a:4f:b7:71:2e:30:bb:20:76:6f:9d:9e:80:
58:e8:4e:0b:70:b5:af:3f:09:7b:c6:3c:c0:9d:a4:
0e:e2:3c:9c:17:ab:ef:02:1e:e2:2a:01:5c:2b:9c:
9e:8e:45:a4:dd:1f:6f:28:9b:60:bb:a9:39:41:98:
97:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F7:27:D0:59:10:CF:9B:F1:7F:F2:AD:66:B5:63:64:FC:F7:4D:F3
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31362e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.16.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:9a:b5:4d:a4:0f:eb:4d:d0:b5:62:0d:1d:ca:69:b9:27:9a:
81:09:6b:aa:a6:f4:d3:56:90:de:a7:47:53:ec:0f:8b:09:b2:
de:9f:d9:3f:d4:53:37:cb:90:6c:75:81:af:1b:f2:15:65:91:
d6:77:13:19:26:07:30:d7:73:e3:a4:10:a0:a5:ac:ad:ca:ec:
cd:4e:f3:db:02:d9:da:8e:4c:ac:37:51:9c:ad:eb:06:b2:68:
2b:b9:3f:25:87:66:cd:11:e5:67:14:3d:4b:7b:02:6c:7b:bf:
54:ac:6e:c3:7a:9c:f3:06:8c:7e:1b:9c:db:82:db:0a:58:2e:
63:db:64:bd:fa:8d:11:6f:ec:ae:c8:33:47:b8:cc:91:fb:c7:
82:49:22:fe:2f:cc:c3:13:eb:eb:cd:ec:d8:38:0c:b4:78:e2:
0b:aa:60:17:ab:68:59:34:5e:0e:d7:83:99:5b:51:85:30:cd:
2b:a8:f4:f9:e4:3c:5b:b2:35:5e:72:57:df:8e:42:9b:c6:9f:
40:f2:aa:ef:9c:f4:30:6f:29:4e:d8:33:a3:20:56:1f:f2:7e:
fe:39:88:e4:35:75:e9:dd:b4:de:d7:a7:15:de:d1:07:4b:5e:
dc:1f:87:c2:7e:82:5e:ad:4b:82:21:8e:a6:2f:e1:02:d8:06:
f7:28:28:60
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXMg3kS4hKMN9EuSRbvu+wLVWb6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDAyMjIxODAwMTRaFw0yNTAyMjAxODA1MTRaMDMxMTAvBgNV
BAMTKENFRjcyN0QwNTkxMENGOUJGMTdGRjJBRDY2QjU2MzY0RkNGNzRERjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3z5ytm7DeVNkopXig7gx0BjWv
GWE4KkCWHxqMdaXJzxaX1re2fV4xepS17jOnsULTr03kPxkcuULXQReQPdcPuR6Y
0Qb6I7vXi7+RT6UwhCA8jVsHL3kqhZLvtzAmdPOhVp7D/rolRG05ZzfOZJX/5QAP
h3s2gjMvDxX5v23cAjTsTfJzxPzQA6TX/tsLvETYECfPAJa/+xYRP6eRzaGZT/2v
xCb0fh1Y9Pt7EUyh1X7ZrpmHhL/85YYlxqBCyQl8WePKOk+3cS4wuyB2b52egFjo
Tgtwta8/CXvGPMCdpA7iPJwXq+8CHuIqAVwrnJ6ORaTdH28om2C7qTlBmJctAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzvcn0FkQz5vxf/KtZrVjZPz3TfMwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzgzNTJlMzIzMDM5MmUzMTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzAzMzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdEQMA0GCSqGSIb3DQEBCwUAA4IBAQA7mrVNpA/rTdC1Yg0dymm5J5qBCWuqpvTT
VpDep0dT7A+LCbLen9k/1FM3y5BsdYGvG/IVZZHWdxMZJgcw13PjpBCgpaytyuzN
TvPbAtnajkysN1GcresGsmgruT8lh2bNEeVnFD1LewJse79UrG7DepzzBox+G5zb
gtsKWC5j22S9+o0Rb+yuyDNHuMyR+8eCSSL+L8zDE+vrzezYOAy0eOILqmAXq2hZ
NF4O14OZW1GFMM0rqPT55DxbsjVeclffjkKbxp9A8qrvnPQwbylO2DOjIFYf8n7+
OYjkNXXp3bTe16cV3tEHS17cH4fCfoJerUuCIY6mL+EC2Ab3KChg
-----END CERTIFICATE-----
Generated at Sat May 4 16:55:12 2024 by rpki-client on console-ams.rpki-client.org