Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31382e302f32342d3234203d3e20323132343136.roa
File: 38352e3230392e31382e302f32342d3234203d3e20323132343136.roa (raw, json)
Hash identifier: J4P/0pJKXXswWDL/U/aSyTpYbnb7RCTWwOsChVTVKX0=
Subject key identifier: 00:29:ED:90:A8:F5:1D:0E:04:72:48:6E:1D:94:A0:1B:29:6F:BF:18
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 7650E50B4BD7314B1F3A089D855860163E2B5BF4
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31382e302f32342d3234203d3e20323132343136.roa
Signing time: Thu 23 Jan 2025 18:53:52 +0000
ROA not before: Thu 23 Jan 2025 18:48:52 +0000
ROA not after: Thu 22 Jan 2026 18:53:52 +0000
asID: 212416
IP address blocks: 85.209.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 10:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:50:e5:0b:4b:d7:31:4b:1f:3a:08:9d:85:58:60:16:3e:2b:5b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Jan 23 18:48:52 2025 GMT
Not After : Jan 22 18:53:52 2026 GMT
Subject: CN=0029ED90A8F51D0E0472486E1D94A01B296FBF18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:18:ee:6f:54:70:cb:89:46:57:14:98:8f:38:
86:be:78:e0:40:c7:54:a4:25:fd:a5:0e:36:b3:ee:
5a:cd:c0:35:50:9d:6d:ea:17:66:f4:e9:9d:10:94:
04:ca:8d:9d:d3:17:b6:c9:6a:ee:9e:6f:c8:3e:1f:
19:fd:95:a6:32:17:8c:ec:51:55:63:ad:38:b9:2e:
b0:32:8b:f3:35:e3:18:02:4a:b3:89:8a:46:2b:f1:
c8:b5:01:e7:06:60:ed:f8:e4:3a:9f:1b:46:10:b5:
7c:99:8b:55:64:fd:ad:f0:5d:de:b9:49:a0:8b:80:
3f:1b:0f:da:2b:97:87:8d:b5:6d:d3:9a:85:e7:9a:
e4:a2:60:18:fc:1f:a3:91:aa:ec:35:24:66:eb:3e:
19:0a:0f:dd:81:78:73:0f:ea:f1:7a:f7:08:d1:0b:
34:2a:61:f3:c1:bd:73:45:3a:d7:55:fb:61:90:7f:
b7:a5:b4:b1:84:7b:d4:15:80:2e:f9:df:e2:ea:e1:
dc:75:0f:4d:56:d3:f4:2e:48:c7:f2:6e:77:35:a0:
7c:30:ad:08:4e:be:bd:31:eb:13:63:03:0f:f7:99:
03:bd:40:2a:fa:4c:dd:18:88:b5:dd:48:ee:5b:bc:
12:71:3e:1e:0e:17:a9:6e:da:af:6d:c4:b4:65:ed:
e1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:29:ED:90:A8:F5:1D:0E:04:72:48:6E:1D:94:A0:1B:29:6F:BF:18
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31382e302f32342d3234203d3e20323132343136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.18.0/24
Signature Algorithm: sha256WithRSAEncryption
22:21:f4:3b:23:ed:d4:03:7b:3e:45:2c:59:18:3e:85:8a:a6:
06:11:9a:b0:ab:bb:5c:e5:2e:da:b9:6c:05:d8:e6:cf:31:33:
15:62:4b:a3:d5:d5:9b:7e:57:b2:23:2f:2e:06:64:56:f4:cf:
71:e2:94:f1:3e:88:4b:a3:ce:58:58:55:55:c9:e5:24:f1:3e:
d2:f0:8d:13:ee:2f:0f:d3:fd:d9:72:f2:f4:d5:a5:3e:69:04:
c9:75:2c:de:49:44:4e:be:af:18:46:3c:d5:1d:30:f6:7d:e3:
44:3a:c0:8b:7d:77:0a:14:b1:11:0d:be:fc:ca:f0:a2:39:9a:
64:b4:ac:08:28:13:f1:df:16:77:de:8f:a1:c7:58:59:d0:b3:
d6:d6:cc:9a:81:13:0e:a1:ba:54:de:b6:57:4f:66:c1:5c:0e:
35:c9:dc:19:2c:03:e9:2d:24:89:07:5a:a2:61:f8:46:c8:a1:
cb:fd:f2:38:f8:f6:07:b8:8a:e9:dd:1f:db:d8:98:3f:3a:46:
64:9d:d1:86:1b:12:e2:fc:04:d3:f0:f3:a2:70:d9:57:d3:94:
a9:c4:22:03:6e:d4:b3:48:f3:ae:20:dd:9d:5f:03:dc:8a:73:
a1:b0:fd:88:8a:cc:e7:3d:a6:6b:5f:53:6e:b1:bb:79:8a:06:
3c:c7:49:82
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdlDlC0vXMUsfOgidhVhgFj4rW/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNTAxMjMxODQ4NTJaFw0yNjAxMjIxODUzNTJaMDMxMTAvBgNV
BAMTKDAwMjlFRDkwQThGNTFEMEUwNDcyNDg2RTFEOTRBMDFCMjk2RkJGMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuGO5vVHDLiUZXFJiPOIa+eOBA
x1SkJf2lDjaz7lrNwDVQnW3qF2b06Z0QlATKjZ3TF7bJau6eb8g+Hxn9laYyF4zs
UVVjrTi5LrAyi/M14xgCSrOJikYr8ci1AecGYO345DqfG0YQtXyZi1Vk/a3wXd65
SaCLgD8bD9orl4eNtW3TmoXnmuSiYBj8H6ORquw1JGbrPhkKD92BeHMP6vF69wjR
CzQqYfPBvXNFOtdV+2GQf7eltLGEe9QVgC753+Lq4dx1D01W0/QuSMfybnc1oHww
rQhOvr0x6xNjAw/3mQO9QCr6TN0YiLXdSO5bvBJxPh4OF6lu2q9txLRl7eFnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUACntkKj1HQ4EckhuHZSgGylvvxgwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzgzNTJlMzIzMDM5MmUzMTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzQzMTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdESMA0GCSqGSIb3DQEBCwUAA4IBAQAiIfQ7I+3UA3s+RSxZGD6FiqYGEZqwq7tc
5S7auWwF2ObPMTMVYkuj1dWbfleyIy8uBmRW9M9x4pTxPohLo85YWFVVyeUk8T7S
8I0T7i8P0/3ZcvL01aU+aQTJdSzeSUROvq8YRjzVHTD2feNEOsCLfXcKFLERDb78
yvCiOZpktKwIKBPx3xZ33o+hx1hZ0LPW1syagRMOobpU3rZXT2bBXA41ydwZLAPp
LSSJB1qiYfhGyKHL/fI4+PYHuIrp3R/b2Jg/OkZkndGGGxLi/ATT8POicNlX05Sp
xCIDbtSzSPOuIN2dXwPcinOhsP2IisznPaZrX1Nusbt5igY8x0mC
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:42:57 2025 by rpki-client