Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31382e302f32342d3234203d3e20323132343136.roa
File: 38352e3230392e31382e302f32342d3234203d3e20323132343136.roa (raw, json)
Hash identifier: eVP9RPY/WpuBxj4uRQpsGyWhFlJEVn2o5gOxlnEx12Y=
Subject key identifier: 64:C0:D0:C4:BC:84:62:82:65:13:20:D5:A3:EC:0D:DB:C8:5D:0F:4D
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 6007FAB942F17B5888A98E26AE17D4A4C0CA7880
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31382e302f32342d3234203d3e20323132343136.roa
Signing time: Thu 22 Feb 2024 18:05:14 +0000
ROA not before: Thu 22 Feb 2024 18:00:14 +0000
ROA not after: Thu 20 Feb 2025 18:05:14 +0000
asID: 212416
IP address blocks: 85.209.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 04:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:07:fa:b9:42:f1:7b:58:88:a9:8e:26:ae:17:d4:a4:c0:ca:78:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Feb 22 18:00:14 2024 GMT
Not After : Feb 20 18:05:14 2025 GMT
Subject: CN=64C0D0C4BC846282651320D5A3EC0DDBC85D0F4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:98:44:a6:8d:1f:15:e4:09:e7:bc:b9:ec:54:
45:37:de:ce:52:9d:44:7d:23:0d:ac:fc:b4:61:65:
fe:cc:d3:81:d7:5b:34:62:c8:c5:a9:cf:69:b5:5e:
cd:3d:73:da:fa:af:28:e1:58:6f:a0:60:4e:e0:8f:
31:07:32:11:aa:74:9f:81:da:28:78:67:16:01:fd:
c7:f1:53:28:91:7e:59:82:c2:3d:ff:76:78:89:97:
15:10:73:8b:4f:f2:0c:9a:6b:7e:95:9b:dd:4d:2d:
50:fe:1b:90:89:17:8e:41:01:63:ac:59:19:f5:da:
95:62:5a:b2:a0:46:c9:ae:77:d5:55:9b:dc:e3:df:
b0:88:cf:9f:7d:18:b6:28:cc:a9:bb:21:ac:72:04:
06:a3:9a:fd:4c:4c:f7:a5:c7:31:e0:81:02:42:60:
bb:1a:ee:1c:c7:9f:c6:2b:5f:41:3f:a4:d5:e0:5b:
64:4c:2e:71:e1:6c:eb:10:98:26:9f:1c:35:f1:cd:
f8:72:27:f3:98:d0:2c:b3:0c:fb:aa:82:13:3a:11:
98:c2:51:3e:a2:3f:ec:71:27:10:c0:ea:9c:45:de:
ff:99:e6:4b:e9:6c:10:ec:63:5c:10:0c:63:b3:61:
3a:42:8a:23:9e:57:9c:54:c7:b0:4d:2f:70:5e:82:
fa:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C0:D0:C4:BC:84:62:82:65:13:20:D5:A3:EC:0D:DB:C8:5D:0F:4D
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31382e302f32342d3234203d3e20323132343136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.18.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d9:20:d3:93:74:46:21:30:a9:c8:bb:79:01:73:e2:66:35:
6c:e8:c9:16:39:76:df:67:c4:83:40:7d:5d:83:45:a0:54:ca:
02:bd:e1:39:6d:d3:f0:9e:f5:cd:39:48:fe:e9:ac:aa:3b:6c:
54:e2:e8:0d:d4:7b:f7:8c:45:09:50:3b:1d:56:41:e2:8b:ea:
1d:89:a7:59:81:e3:e2:38:45:bc:7a:2b:e1:bd:f2:ee:b6:9b:
eb:e6:0c:83:38:aa:b0:ad:0e:f4:ee:bc:87:cd:30:45:b4:71:
9f:57:07:08:3d:c3:8e:19:d5:fa:e8:cf:50:6b:bd:f9:78:a8:
6f:8a:c1:eb:7b:9a:09:fc:37:d9:6a:a6:50:b5:4e:5a:b3:80:
b6:e5:4e:26:3f:66:c2:3f:1b:03:1d:04:e9:fa:56:71:e0:d9:
ef:4b:ff:f5:b6:f9:7c:53:cb:04:e2:42:ff:01:49:b3:25:e8:
1d:45:fe:30:aa:14:81:90:0e:de:50:d5:c4:d3:66:dc:d0:fa:
92:7d:22:b7:16:2d:4d:7a:9b:ef:6f:29:97:08:3c:6d:fd:1b:
c0:1d:72:77:39:ef:ea:7a:bd:31:73:1f:61:b3:f2:22:22:38:
d5:db:41:3b:2c:8b:d0:ec:c4:21:4d:86:99:88:88:e5:f1:42:
6c:75:f3:98
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYAf6uULxe1iIqY4mrhfUpMDKeIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDAyMjIxODAwMTRaFw0yNTAyMjAxODA1MTRaMDMxMTAvBgNV
BAMTKDY0QzBEMEM0QkM4NDYyODI2NTEzMjBENUEzRUMwRERCQzg1RDBGNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJmESmjR8V5AnnvLnsVEU33s5S
nUR9Iw2s/LRhZf7M04HXWzRiyMWpz2m1Xs09c9r6ryjhWG+gYE7gjzEHMhGqdJ+B
2ih4ZxYB/cfxUyiRflmCwj3/dniJlxUQc4tP8gyaa36Vm91NLVD+G5CJF45BAWOs
WRn12pViWrKgRsmud9VVm9zj37CIz599GLYozKm7IaxyBAajmv1MTPelxzHggQJC
YLsa7hzHn8YrX0E/pNXgW2RMLnHhbOsQmCafHDXxzfhyJ/OY0CyzDPuqghM6EZjC
UT6iP+xxJxDA6pxF3v+Z5kvpbBDsY1wQDGOzYTpCiiOeV5xUx7BNL3BegvoTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZMDQxLyEYoJlEyDVo+wN28hdD00wHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzgzNTJlMzIzMDM5MmUzMTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzQzMTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdESMA0GCSqGSIb3DQEBCwUAA4IBAQAQ2SDTk3RGITCpyLt5AXPiZjVs6MkWOXbf
Z8SDQH1dg0WgVMoCveE5bdPwnvXNOUj+6ayqO2xU4ugN1Hv3jEUJUDsdVkHii+od
iadZgePiOEW8eivhvfLutpvr5gyDOKqwrQ707ryHzTBFtHGfVwcIPcOOGdX66M9Q
a735eKhvisHre5oJ/DfZaqZQtU5as4C25U4mP2bCPxsDHQTp+lZx4NnvS//1tvl8
U8sE4kL/AUmzJegdRf4wqhSBkA7eUNXE02bc0PqSfSK3Fi1NepvvbymXCDxt/RvA
HXJ3Oe/qer0xcx9hs/IiIjjV20E7LIvQ7MQhTYaZiIjl8UJsdfOY
-----END CERTIFICATE-----
Generated at Sat May 11 12:11:03 2024 by rpki-client on console-ams.rpki-client.org