Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31362e302f32342d3234203d3e20343030303339.roa
File: 38352e3230392e31362e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: p6Bk0gZf8IBhPL6y8ZeFGMDiI7CTICtCBqH+ui8UNPk=
Subject key identifier: 55:BD:DD:96:C4:01:41:B6:BA:AD:13:5E:E4:22:9E:31:05:18:E6:91
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 7699E16505C4267428A4DF285BF326377153C8C8
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31362e302f32342d3234203d3e20343030303339.roa
Signing time: Thu 23 Jan 2025 18:53:52 +0000
ROA not before: Thu 23 Jan 2025 18:48:52 +0000
ROA not after: Thu 22 Jan 2026 18:53:52 +0000
asID: 400039
IP address blocks: 85.209.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:99:e1:65:05:c4:26:74:28:a4:df:28:5b:f3:26:37:71:53:c8:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Jan 23 18:48:52 2025 GMT
Not After : Jan 22 18:53:52 2026 GMT
Subject: CN=55BDDD96C40141B6BAAD135EE4229E310518E691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2c:da:68:0c:74:f7:e0:8f:4d:df:be:91:8a:
35:4d:51:ba:95:80:38:0f:05:ae:cd:f8:20:5b:c5:
94:81:05:ed:d2:38:e7:30:0e:7f:33:d4:55:c3:4c:
f3:78:d1:7a:ec:7b:31:8c:86:dd:b9:d5:fe:13:00:
1c:40:d4:78:b4:c8:2c:b4:55:98:74:fd:85:b0:8a:
40:e5:a4:23:29:cd:99:37:9d:a2:7c:da:4a:c2:f9:
cd:ce:a1:22:01:4e:7b:b1:af:aa:3f:ea:e0:fd:23:
87:6d:bf:8f:49:db:eb:6e:6a:cd:6e:2e:96:11:b0:
f5:88:7d:de:15:6f:9d:5f:e5:9b:0e:bf:70:55:1a:
d8:0b:6a:d6:59:20:c1:98:19:6f:91:48:6a:a1:67:
be:14:81:14:57:4a:65:7f:e7:1d:80:1f:19:03:e2:
1a:3d:c3:b7:bd:f2:50:7c:44:8a:f7:26:ce:ef:74:
91:8d:c2:55:9e:02:13:3f:e2:58:f6:fc:f4:af:90:
ab:a7:09:bc:f0:b7:1c:11:4b:26:8e:51:6b:02:9d:
11:1b:f6:dc:11:96:e5:82:09:5d:29:b0:f2:fc:4d:
da:9d:ae:68:d8:97:ec:51:46:40:a0:1a:6d:aa:ca:
17:e6:99:88:79:d2:f9:c6:c2:40:c8:d8:0b:58:5e:
b5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:BD:DD:96:C4:01:41:B6:BA:AD:13:5E:E4:22:9E:31:05:18:E6:91
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31362e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.16.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:bd:f9:7c:6e:53:4e:6b:0e:2b:45:a5:87:17:4b:8d:20:c8:
42:39:b2:77:ba:ec:4b:2c:db:60:96:6f:27:71:6c:71:d4:64:
40:20:b8:0c:3d:1e:74:dd:3a:6a:24:79:64:d5:cc:c2:9b:06:
91:59:f8:63:0a:51:1c:f0:47:71:d1:e5:c2:a1:41:bd:7d:5d:
04:54:87:e4:ff:a1:1b:fc:ed:00:03:2f:73:13:9b:cc:52:cb:
b3:72:21:d3:c7:0b:e4:02:3d:41:50:f7:e6:0f:ea:aa:94:20:
35:87:07:61:f0:da:bd:bb:97:31:fd:1f:19:7d:49:5d:be:76:
d0:fc:76:82:3a:19:fb:f1:12:e7:d6:38:37:d8:3c:c3:c0:82:
69:fb:ae:d5:7c:ff:c4:04:f0:1d:b5:29:60:bf:03:f1:f5:17:
d3:11:33:ce:bc:5f:4b:2a:38:49:c5:d4:bc:93:67:dc:1d:5c:
a1:35:88:2b:7f:5f:53:71:8f:ea:2b:25:18:f4:a3:97:08:65:
8f:46:96:4b:b2:bb:06:67:cf:9f:0e:30:ea:d5:af:b2:91:4c:
e0:b4:c2:33:c9:85:0e:16:a9:26:2e:59:38:99:4f:c1:f5:03:
61:66:3d:17:d1:8b:8f:53:d0:14:05:9a:04:d0:9e:61:ba:46:
7b:d6:ad:c0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdpnhZQXEJnQopN8oW/MmN3FTyMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNTAxMjMxODQ4NTJaFw0yNjAxMjIxODUzNTJaMDMxMTAvBgNV
BAMTKDU1QkRERDk2QzQwMTQxQjZCQUFEMTM1RUU0MjI5RTMxMDUxOEU2OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwLNpoDHT34I9N376RijVNUbqV
gDgPBa7N+CBbxZSBBe3SOOcwDn8z1FXDTPN40XrsezGMht251f4TABxA1Hi0yCy0
VZh0/YWwikDlpCMpzZk3naJ82krC+c3OoSIBTnuxr6o/6uD9I4dtv49J2+tuas1u
LpYRsPWIfd4Vb51f5ZsOv3BVGtgLatZZIMGYGW+RSGqhZ74UgRRXSmV/5x2AHxkD
4ho9w7e98lB8RIr3Js7vdJGNwlWeAhM/4lj2/PSvkKunCbzwtxwRSyaOUWsCnREb
9twRluWCCV0psPL8TdqdrmjYl+xRRkCgGm2qyhfmmYh50vnGwkDI2AtYXrXPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVb3dlsQBQba6rRNe5CKeMQUY5pEwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzgzNTJlMzIzMDM5MmUzMTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzAzMzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdEQMA0GCSqGSIb3DQEBCwUAA4IBAQAdvfl8blNOaw4rRaWHF0uNIMhCObJ3uuxL
LNtglm8ncWxx1GRAILgMPR503TpqJHlk1czCmwaRWfhjClEc8Edx0eXCoUG9fV0E
VIfk/6Eb/O0AAy9zE5vMUsuzciHTxwvkAj1BUPfmD+qqlCA1hwdh8Nq9u5cx/R8Z
fUldvnbQ/HaCOhn78RLn1jg32DzDwIJp+67VfP/EBPAdtSlgvwPx9RfTETPOvF9L
KjhJxdS8k2fcHVyhNYgrf19TcY/qKyUY9KOXCGWPRpZLsrsGZ8+fDjDq1a+ykUzg
tMIzyYUOFqkmLlk4mU/B9QNhZj0X0YuPU9AUBZoE0J5hukZ71q3A
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:39 2025 by rpki-client