Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e203230343733.roa
File: 38352e3230392e31392e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: Ok/1fsSZr2so/IpQPOJ6JEPuNUf/+VhhAgPt79YijxM=
Subject key identifier: D2:DE:04:10:83:6A:52:0E:72:D8:5D:8E:D6:A8:A7:26:7C:E1:36:69
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 7EA722849795F0F5F50F432935B529E74DFC3771
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e203230343733.roa
Signing time: Mon 12 Feb 2024 20:43:07 +0000
ROA not before: Mon 12 Feb 2024 20:38:07 +0000
ROA not after: Mon 10 Feb 2025 20:43:07 +0000
asID: 20473
IP address blocks: 85.209.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:a7:22:84:97:95:f0:f5:f5:0f:43:29:35:b5:29:e7:4d:fc:37:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Feb 12 20:38:07 2024 GMT
Not After : Feb 10 20:43:07 2025 GMT
Subject: CN=D2DE0410836A520E72D85D8ED6A8A7267CE13669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c1:07:3e:3a:10:a5:34:bc:3f:ab:c3:52:de:
76:b8:39:69:13:f6:8b:3c:fc:47:ed:d3:a1:8f:43:
68:87:f5:98:dd:e7:e5:10:0d:fe:62:84:05:c9:95:
9c:34:01:3b:c2:ce:90:70:8b:a0:1a:9b:ea:9c:25:
5d:0c:50:2e:3a:66:0a:f7:66:aa:4c:33:cd:b5:81:
97:c6:3f:41:c7:07:f3:9b:17:8c:c8:c3:87:34:a2:
50:ce:37:e0:b0:d9:cb:49:5b:ff:96:ab:5c:21:34:
82:30:9c:e3:6d:e3:1a:bb:e2:76:79:12:ad:60:05:
7f:cc:c7:a6:83:0c:65:b5:5c:a0:cf:36:5b:a2:42:
2f:52:0b:b4:e7:2e:23:de:8f:ee:3b:b1:7d:ba:81:
1e:78:5b:3d:9c:00:81:2c:c0:1e:62:5a:88:ed:67:
c8:c4:4a:5c:e4:08:e3:b5:a8:5c:db:e6:40:aa:ee:
18:18:65:1b:c8:14:65:26:f3:21:a2:f4:96:8c:a2:
cf:0b:29:92:0d:91:dd:c2:d3:f3:1c:fc:59:a5:e7:
06:b9:d4:a6:53:9e:cf:9c:b4:6e:10:20:a9:1f:a7:
63:83:5a:7f:97:d2:4f:0f:73:3a:ad:fb:2c:f2:a8:
5f:c0:34:6f:33:70:1a:86:3a:04:b4:e2:3e:ba:bf:
e7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:DE:04:10:83:6A:52:0E:72:D8:5D:8E:D6:A8:A7:26:7C:E1:36:69
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.19.0/24
Signature Algorithm: sha256WithRSAEncryption
55:d1:4b:98:92:a2:1a:df:3a:2c:a0:d3:76:2a:46:b2:2f:40:
31:d3:de:1a:e4:7d:ad:e7:7f:53:6b:f1:7c:3a:d6:4f:33:18:
19:2b:db:79:3a:df:64:16:0f:fc:31:b9:62:cd:f7:54:5c:68:
c7:80:b2:58:4d:20:5e:e0:ae:02:1d:d3:21:ac:ca:cb:35:7f:
84:84:22:d1:7f:01:97:f7:7a:40:ac:ea:59:1d:ac:48:2d:7f:
39:90:10:0e:da:8b:5e:dc:29:36:1a:d2:48:63:2c:3e:eb:de:
f0:90:91:ff:80:d4:f5:ea:36:1c:44:f8:58:5e:6f:5e:86:42:
89:52:a2:ef:5e:e2:28:56:ed:c2:9f:07:83:36:93:bc:d3:5f:
87:84:73:cd:c4:e8:cd:10:3c:0a:26:16:10:0f:08:ab:6b:4a:
11:d7:92:45:aa:0f:56:22:20:e9:fe:b1:bb:3a:5d:ec:53:5d:
29:1b:5c:92:f0:cb:a6:2e:f4:13:9d:e3:ab:bf:9d:3d:0e:80:
a7:da:3a:c9:a0:5c:1c:4d:6e:bd:21:b3:90:31:f9:27:42:48:
6d:94:bd:07:86:33:c7:b7:01:32:48:58:9e:50:d6:39:4f:fb:
52:92:a5:e3:ff:e1:1f:27:5c:15:c4:c5:08:5b:0b:b7:81:a1:
92:5d:10:b5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfqcihJeV8PX1D0MpNbUp5038N3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDAyMTIyMDM4MDdaFw0yNTAyMTAyMDQzMDdaMDMxMTAvBgNV
BAMTKEQyREUwNDEwODM2QTUyMEU3MkQ4NUQ4RUQ2QThBNzI2N0NFMTM2NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDawQc+OhClNLw/q8NS3na4OWkT
9os8/Eft06GPQ2iH9Zjd5+UQDf5ihAXJlZw0ATvCzpBwi6Aam+qcJV0MUC46Zgr3
ZqpMM821gZfGP0HHB/ObF4zIw4c0olDON+Cw2ctJW/+Wq1whNIIwnONt4xq74nZ5
Eq1gBX/Mx6aDDGW1XKDPNluiQi9SC7TnLiPej+47sX26gR54Wz2cAIEswB5iWojt
Z8jESlzkCOO1qFzb5kCq7hgYZRvIFGUm8yGi9JaMos8LKZINkd3C0/Mc/Fml5wa5
1KZTns+ctG4QIKkfp2ODWn+X0k8Pczqt+yzyqF/ANG8zcBqGOgS04j66v+clAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU0t4EEINqUg5y2F2O1qinJnzhNmkwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzgzNTJlMzIzMDM5MmUzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXR
EzANBgkqhkiG9w0BAQsFAAOCAQEAVdFLmJKiGt86LKDTdipGsi9AMdPeGuR9red/
U2vxfDrWTzMYGSvbeTrfZBYP/DG5Ys33VFxox4CyWE0gXuCuAh3TIazKyzV/hIQi
0X8Bl/d6QKzqWR2sSC1/OZAQDtqLXtwpNhrSSGMsPuve8JCR/4DU9eo2HET4WF5v
XoZCiVKi717iKFbtwp8HgzaTvNNfh4RzzcTozRA8CiYWEA8Iq2tKEdeSRaoPViIg
6f6xuzpd7FNdKRtckvDLpi70E53jq7+dPQ6Ap9o6yaBcHE1uvSGzkDH5J0JIbZS9
B4Yzx7cBMkhYnlDWOU/7UpKl4//hHydcFcTFCFsLt4Ghkl0QtQ==
-----END CERTIFICATE-----
Generated at Mon May 6 07:17:57 2024 by rpki-client on console-ams.rpki-client.org